fix: docs/package.json to reduce vulnerabilities

[balqaasem]

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462
• https://snyk.io/vuln/SNYK-JS-JSON5-3182856
• https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992
• https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105
• https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943
• https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
• https://snyk.io/vuln/SNYK-JS-NANOID-2332193
• https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
• https://snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607
• https://snyk.io/vuln/SNYK-JS-SHELLJS-2332187
• https://snyk.io/vuln/SNYK-JS-SIDEWAYFORMULA-3317169
• https://snyk.io/vuln/SNYK-JS-TERSER-2806366
• https://snyk.io/vuln/SNYK-JS-TRIM-1017038
• https://snyk.io/vuln/SNYK-JS-WEBPACK-3358798
• https://snyk.io/vuln/SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555

Problem

Summary of Changes

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • docs/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	Yes	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	521/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4	Information Exposure SNYK-JS-NANOID-2332193	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	Yes	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Improper Privilege Management SNYK-JS-SHELLJS-2332187	Yes	Proof of Concept
	489/1000 Why? Has a fix available, CVSS 5.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept
	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Sandbox Bypass SNYK-JS-WEBPACK-3358798	Yes	Proof of Concept
	763/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.4	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @docusaurus/core

The new version differs by 250 commits.

• 1ddee1c v2.0.1
• 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (solana-install init doesn't know when there's no work to do #7788)
• d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (Too easy to burn tokens #7787)
• e4fc47b Merge branch 'main' into docusaurus-v2
• 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (Plumb ability to handle duplicate shreds into shred insertion functions #7784)
• 1065e55 refactor(core): log Docusaurus & Node version before exiting (Block time calculation gets warped with high stakes #7781)
• 965a01e chore: port-2.0.0-rc.1 (Unignore advisories as affected ver. is corrected (bp #7730) #7782)
• e78a15e chore: ci tests should run on version branches "docusaurus-vX" (Unignore advisories as affected ver. is corrected (bp #7730) #7783)
• c751bc6 chore: regen v2.0.0-rc.1 examples (Add hash stats information to check hashes between validators #7780)
• d255389 chore: prepare v2.0.0-rc.1 release (Nonce: Rename instructions with VerbNoun scheme (bp #7775) #7778)
• 443914a docs: add Bruce Wiki website to showcase (Book: Update durable nonce proposal entry (bp #7694) #7770)
• f913af0 docs: release process, versioning, breaking changes, public API surface (Account for stake held by the current node while waiting for the supermajority to join gossip #7706)
• 9788944 refactor(theme): fix duplicate page metadata usage (Include shred version in gossip #7777)
• c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (Remove create_account bandaid now that to's signature is required #7776)
• c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (Fix Turbine making Port based decisions #7774)
• 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (Rename blocktree to blockstore (bp #7757) #7771)
• 1899a2e docs: add EverShop website to showcase (Coalesce data and coding index #7765)
• 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (Bump tokio from 0.1.22 to 0.2.8 #7702)" (Bump tiny-bip39 from 0.6.2 to 0.7.0 #7750)
• a4b4a7f fix(migrate): import siteConfig with file extension (Adjust TdS leader efficiency calculation #7766)
• 337463a chore(theme-translations): complete ko translations (Pick an RPC node at random to avoid getting stuck on a bad RPC node (bp #7759) #7762)
• 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (Reduce grace ticks, and ignore grace ticks for missing leaders #7764)
• cba8be0 fix(theme-classic): validate options properly (Handle errors on replaying ledger properly (bp #7741) #7755)
• 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (Pick an RPC node at random to avoid getting stuck on a bad RPC node (bp #7759) #7763)
• f21dadf docs: add StackQL Provider Registry to showcase (Manage durable nonce stored value in runtime (bp #7684) #7760)

See the full diff

Package name: @docusaurus/preset-classic

The new version differs by 250 commits.

• 1ddee1c v2.0.1
• 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (solana-install init doesn't know when there's no work to do #7788)
• d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (Too easy to burn tokens #7787)
• e4fc47b Merge branch 'main' into docusaurus-v2
• 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (Plumb ability to handle duplicate shreds into shred insertion functions #7784)
• 1065e55 refactor(core): log Docusaurus & Node version before exiting (Block time calculation gets warped with high stakes #7781)
• 965a01e chore: port-2.0.0-rc.1 (Unignore advisories as affected ver. is corrected (bp #7730) #7782)
• e78a15e chore: ci tests should run on version branches "docusaurus-vX" (Unignore advisories as affected ver. is corrected (bp #7730) #7783)
• c751bc6 chore: regen v2.0.0-rc.1 examples (Add hash stats information to check hashes between validators #7780)
• d255389 chore: prepare v2.0.0-rc.1 release (Nonce: Rename instructions with VerbNoun scheme (bp #7775) #7778)
• 443914a docs: add Bruce Wiki website to showcase (Book: Update durable nonce proposal entry (bp #7694) #7770)
• f913af0 docs: release process, versioning, breaking changes, public API surface (Account for stake held by the current node while waiting for the supermajority to join gossip #7706)
• 9788944 refactor(theme): fix duplicate page metadata usage (Include shred version in gossip #7777)
• c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (Remove create_account bandaid now that to's signature is required #7776)
• c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (Fix Turbine making Port based decisions #7774)
• 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (Rename blocktree to blockstore (bp #7757) #7771)
• 1899a2e docs: add EverShop website to showcase (Coalesce data and coding index #7765)
• 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (Bump tokio from 0.1.22 to 0.2.8 #7702)" (Bump tiny-bip39 from 0.6.2 to 0.7.0 #7750)
• a4b4a7f fix(migrate): import siteConfig with file extension (Adjust TdS leader efficiency calculation #7766)
• 337463a chore(theme-translations): complete ko translations (Pick an RPC node at random to avoid getting stuck on a bad RPC node (bp #7759) #7762)
• 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (Reduce grace ticks, and ignore grace ticks for missing leaders #7764)
• cba8be0 fix(theme-classic): validate options properly (Handle errors on replaying ledger properly (bp #7741) #7755)
• 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (Pick an RPC node at random to avoid getting stuck on a bad RPC node (bp #7759) #7763)
• f21dadf docs: add StackQL Provider Registry to showcase (Manage durable nonce stored value in runtime (bp #7684) #7760)

See the full diff

Package name: @docusaurus/theme-search-algolia

The new version differs by 250 commits.

• ca8b463 v3.0.0
• 2121b71 fix bad path
• 0b3be15 version 3.0.0 docs
• 9658a5b 3.0.0 changelog
• 1089741 docs: archive v2 docs versions + create 2.x docs (Reorder CI jobs to allow for more concurrent PRs (bp #9470) #9472)
• 495c793 chore: v3.0.0-rc.1 release (Validator Unable to get Transaction/Account History #9453)
• 4a0bd92 docs: v3 upgrade guide should mention MDX v1 compat options (ledger-tool: accounts subcommand now prints account balances in SOL #9452)
• 7e456ec feat(mdx-loader): upgrade to MDX v3 + (Allow lower shred count (bp #9410) #9451)
• 8d19054 fix(theme): fix useWindowSize React hydration issue (Bump generic-array from 0.13.2 to 0.14.1 #9446)
• d07567e chore: revert Lighthouse numberOfRuns due to bad/verbose reporting (Calculate account refs fix (1.0 bp) #9448)
• dd03a25 chore: Make Lighthouse CI run on local build (Calculate account refs fix #9447)
• c6762a2 feat(mdx-loader): Remark plugin to report unused MDX / Markdown directives (Fix partition setup (bp #9386) #9394)
• 56cc8e8 chore(ci): fix missing screenshots on Argos (Bump generic-array from 0.13.2 to 0.14.0 #9445)
• f80e1bd refactor(blog-plugin): blog archive reverse ordering of posts (Bump parking_lot from 0.10.0 to 0.10.2 #9438)
• 911dfb4 chore(deps): bump actions/setup-node from 3 to 4 (Safer cargo command (bp #9437) #9440)
• e525794 chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (Don't subject authorizing a new stake authority to lockup (bp #9434) #9441)
• aa958f0 fix(plugin-blog): blog archive should hide unlisted blog posts (Safer cargo command #9437)
• 2bb4fd0 chore(ci): use new Argos playwright integration (Search for ports sequentially instead of at random for more predictable port selection (bp #9411) #9419)
• f674e02 docs: update Kinsta deployment documentation (ReceiveUpdates spams the log, adjust the threshold higher (bp #9429) #9430)
• 7ee2f75 chore: v3.0.0-rc.0 release (Rpc: Add getConfirmedSignaturesForAddress (bp #9407) #9418)
• 4e150d2 docs: add Docusaurus v3.0 upgrade guide (Rpc: Add getConfirmedSignaturesForAddress (bp #9407) #9417)
• 45f1a66 feat(core): support TypeScript + ESM configuration (Add JSON RPC primitives for fetching the list of transactions that affect a given address #9317)
• 336a44f chore: remove docusaurus-migrate (CLI with --no-wait doesn't retry #9400)
• ae31916 docs: fix typos in website/docs/i18n/i18n-git.mdx (Remove Trust Wallet Beta install instructions #9396)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Fixes #

[anza-team]

Thank you for the contribution! This repository is no longer in use. Please re-open this pull request in the agave repo: https://github.com/anza-xyz/agave