[Snyk] Fix for 1 vulnerabilities

[Muhammad-Altabba]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • docs/package.json
  • docs/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[github-actions]

Bundle Stats

Hey there, this message comes from a github action that helps you and reviewers to understand how these changes affect the size of this project's bundle.

As this PR is updated, I'll keep you updated on how the bundle size is impacted.

Total

Asset	Old size	New size	Diff	Diff %
Total	591 KB	591 KB	0	0.00%

View detailed bundle breakdown

Added

No assets were added

Removed

No assets were removed

Bigger

No assets were bigger

Smaller

No assets were smaller

Unchanged

Asset	Old size	New size	Diff	Diff %
web3.min.js	573 KB	573 KB	0	0.00%
../lib/commonjs/index.d.ts	8.63 KB	8.63 KB	0	0.00%
../lib/commonjs/accounts.d.ts	3.89 KB	3.89 KB	0	0.00%
../lib/commonjs/types.d.ts	2.45 KB	2.45 KB	0	0.00%
../lib/commonjs/web3.d.ts	1.14 KB	1.14 KB	0	0.00%
../lib/commonjs/abi.d.ts	999 bytes	999 bytes	0	0.00%
../lib/commonjs/eth.exports.d.ts	280 bytes	280 bytes	0	0.00%
../lib/commonjs/providers.exports.d.ts	148 bytes	148 bytes	0	0.00%
../lib/commonjs/version.d.ts	60 bytes	60 bytes	0	0.00%

[codecov]

Codecov Report

Merging #6665 (ceedefa) into 4.x (f9468a8) will decrease coverage by 0.46%.
The diff coverage is n/a.

❗ Current head ceedefa differs from pull request most recent head 8fdb7df. Consider uploading reports for the commit 8fdb7df to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##              4.x    #6665      +/-   ##
==========================================
- Coverage   91.46%   91.01%   -0.46%     
==========================================
  Files         214      214              
  Lines        8155     8121      -34     
  Branches     2193     2174      -19     
==========================================
- Hits         7459     7391      -68     
- Misses        696      730      +34     

Flag	Coverage Δ
UnitTests	91.01% <ø> (-0.46%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
web3	∅ <ø> (∅)
web3-core	∅ <ø> (∅)
web3-errors	∅ <ø> (∅)
web3-eth	∅ <ø> (∅)
web3-eth-abi	∅ <ø> (∅)
web3-eth-accounts	∅ <ø> (∅)
web3-eth-contract	∅ <ø> (∅)
web3-eth-ens	∅ <ø> (∅)
web3-eth-iban	∅ <ø> (∅)
web3-eth-personal	∅ <ø> (∅)
web3-net	∅ <ø> (∅)
web3-providers-http	∅ <ø> (∅)
web3-providers-ipc	∅ <ø> (∅)
web3-providers-ws	∅ <ø> (∅)
web3-rpc-methods	∅ <ø> (∅)
web3-utils	∅ <ø> (∅)
web3-validator	∅ <ø> (∅)

[jdevcs]

was yarn lock generated by you?

[Muhammad-Altabba]

No, they were generated by Snyk.

[jdevcs]

I'll suggest lock files should be generated by our team internally.

[Muhammad-Altabba]

This dependencies update must be done along #6670 to pass the Docs Deploy. I am closing this MR while I included those updates in #6670

[github-actions]

Benchmark

Benchmark suite	Current: 8fdb7df	Previous: 6c075db	Ratio
processingTx	9267 ops/sec (±3.82%)	9301 ops/sec (±4.81%)	1.00
processingContractDeploy	39023 ops/sec (±7.96%)	39129 ops/sec (±7.62%)	1.00
processingContractMethodSend	19317 ops/sec (±11.78%)	19443 ops/sec (±5.19%)	1.01
processingContractMethodCall	41283 ops/sec (±5.69%)	38971 ops/sec (±6.34%)	0.94
abiEncode	45505 ops/sec (±7.74%)	44252 ops/sec (±6.92%)	0.97
abiDecode	32220 ops/sec (±7.13%)	30419 ops/sec (±8.89%)	0.94
sign	1678 ops/sec (±1.12%)	1656 ops/sec (±4.08%)	0.99
verify	370 ops/sec (±2.66%)	373 ops/sec (±0.78%)	1.01

This comment was automatically generated by workflow using github-action-benchmark.