[Snyk] Fix for 9 vulnerabilities

[hezro]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • doc-site/package.json
• doc-site/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	235/1000 Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.0006, Social Trends: No, Days since published: 222, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Critical, Package Popularity Score: 99, Impact: 10.1, Likelihood: 2.33, Score Version: V5	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	Yes	Proof of Concept
	169/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00045, Social Trends: No, Days since published: 9, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	Proof of Concept
	178/1000 Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00571, Social Trends: No, Days since published: 514, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 7.84, Likelihood: 2.27, Score Version: V5	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	124/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00045, Social Trends: No, Days since published: 9, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.06, Score Version: V5	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	Yes	No Known Exploit
	49/1000 Why? Confidentiality impact: None, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00052, Social Trends: No, Days since published: 234, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 2.06, Score Version: V5	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	169/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00091, Social Trends: No, Days since published: 337, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	59/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.0008, Social Trends: No, Days since published: 468, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 0.968, Score Version: V5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	Yes	No Known Exploit
	161/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01236, Social Trends: No, Days since published: 1303, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.67, Score Version: V5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept
	165/1000 Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00229, Social Trends: No, Days since published: 436, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 6.22, Likelihood: 2.65, Score Version: V5	Sandbox Bypass SNYK-JS-WEBPACK-3358798	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @docusaurus/core

The new version differs by 250 commits.

• ca8b463 v3.0.0
• 2121b71 fix bad path
• 0b3be15 version 3.0.0 docs
• 9658a5b 3.0.0 changelog
• 1089741 docs: archive v2 docs versions + create 2.x docs (#9472)
• 495c793 chore: v3.0.0-rc.1 release (#9453)
• 4a0bd92 docs: v3 upgrade guide should mention MDX v1 compat options (#9452)
• 7e456ec feat(mdx-loader): upgrade to MDX v3 + (#9451)
• 8d19054 fix(theme): fix useWindowSize React hydration issue (#9446)
• d07567e chore: revert Lighthouse numberOfRuns due to bad/verbose reporting (#9448)
• dd03a25 chore: Make Lighthouse CI run on local build (#9447)
• c6762a2 feat(mdx-loader): Remark plugin to report unused MDX / Markdown directives (#9394)
• 56cc8e8 chore(ci): fix missing screenshots on Argos (#9445)
• f80e1bd refactor(blog-plugin): blog archive reverse ordering of posts (#9438)
• 911dfb4 chore(deps): bump actions/setup-node from 3 to 4 (#9440)
• e525794 chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#9441)
• aa958f0 fix(plugin-blog): blog archive should hide unlisted blog posts (#9437)
• 2bb4fd0 chore(ci): use new Argos playwright integration (#9419)
• f674e02 docs: update Kinsta deployment documentation (#9430)
• 7ee2f75 chore: v3.0.0-rc.0 release (#9418)
• 4e150d2 docs: add Docusaurus v3.0 upgrade guide (#9417)
• 45f1a66 feat(core): support TypeScript + ESM configuration (#9317)
• 336a44f chore: remove docusaurus-migrate (#9400)
• ae31916 docs: fix typos in website/docs/i18n/i18n-git.mdx (#9396)

See the full diff

Package name: @docusaurus/preset-classic

The new version differs by 250 commits.

• 1ddee1c v2.0.1
• 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
• d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
• e4fc47b Merge branch 'main' into docusaurus-v2
• 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
• 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
• 965a01e chore: port-2.0.0-rc.1 (#7782)
• e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
• c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
• d255389 chore: prepare v2.0.0-rc.1 release (#7778)
• 443914a docs: add Bruce Wiki website to showcase (#7770)
• f913af0 docs: release process, versioning, breaking changes, public API surface (#7706)
• 9788944 refactor(theme): fix duplicate page metadata usage (#7777)
• c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (#7776)
• c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (#7774)
• 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (#7771)
• 1899a2e docs: add EverShop website to showcase (#7765)
• 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (#7702)" (#7750)
• a4b4a7f fix(migrate): import siteConfig with file extension (#7766)
• 337463a chore(theme-translations): complete ko translations (#7762)
• 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (#7764)
• cba8be0 fix(theme-classic): validate options properly (#7755)
• 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (#7763)
• f21dadf docs: add StackQL Provider Registry to showcase (#7760)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption
🦉 Prototype Pollution
🦉 Improper Input Validation