Fix security vulnerabilities

[mauriciolauffer]

Bump dependencies to address security vulnerabilities.

Executing $ npm audit returns 0 vulnerabilities now.

[mauriciolauffer]

Supporting node 12-15 versions isn't required anymore, these tests could be removed.

[littleamigo]

Supporting node 12-15 versions isn't required anymore, these tests could be removed.

Where are the tests for node 22 and 24?

[mauriciolauffer]

@littleamigo my guess is they don't exist as I couldn't find them in the CircleCI config

PS: right now, v24 might be covered by the node:lts image, but I'm not sure because I didn't check it

[cla-assistant]

All committers have signed the CLA.

[littleamigo]

fixes CVE-2026-25639
fixes #1190

[littleamigo]

@kbarnold Would you be so nice and review/merge this fix and then release a new image on docker hub?

[littleamigo]

@kbarnold Coveralls is down (Outage) and hence the build fails. Please hold until they restored the service and then re-run the build.

[kbarnold]

@littleamigo Thanks for the info. I'm planning to merge this and a few other PRs but want to include Node 22 and 24 in the tests before.
Removal of the old Node versions should be done separately. It probably makes sense to remove them altogether, not just from the tests.

[littleamigo]

@kbarnold Coveralls is restored and fully functional again. You can re-trigger the build at https://app.circleci.com/pipelines/github/SAP/cloud-mta-build-tool/1202/workflows/6290489a-f3cb-47cf-8f1a-0d440cc7d772/jobs/8664.