chore(deps): bump axios@1.17.0, express-rate-limit@8.5.2, others

[petruki]

This pull request mainly focuses on updating dependencies and workflow actions to their latest versions, as well as adding a security badge to the README. These updates help ensure better security, compatibility, and visibility for the project. Additionally, some unused Docker Compose version declarations were removed for cleanup.

Dependency updates:

• Updated several dependencies in package.json to their latest patch versions, including axios, express-rate-limit, graphql, helmet, mongoose, and others, as well as the eslint dev dependency. [1] [2]

CI/CD and workflow improvements:

• Updated the sonarsource/sonarqube-scan-action GitHub Action from v8.0.0 to v8.1.0 in both master.yml and sonar.yml workflows. [1] [2]
• Updated the actions/github-script action from v7 to v9 in the sonar.yml workflow.

Documentation and badges:

• Added a Snyk security vulnerability badge to the README.md for improved visibility of known vulnerabilities.

Docker configuration cleanup:

• Removed the version field from both .devcontainer/docker-compose.yml and docker-compose.yml as it is no longer required in recent Docker Compose versions. [1] [2]

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud