[Snyk] Fix for 1 vulnerabilities

[cc-prodsec]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• packages/internal-lib-build/package.json
• packages/internal-lib-build/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-15309438	828

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[cc-prodsec]

This upgrade includes multiple major versions for jest, rimraf, and replace-in-file, each introducing significant breaking changes that require developer action.

Top 3 Most Impactful Upgrades

• jest 26.6.3 → 29.0.0 (High Risk): This upgrade spans three major versions (v27, v28, v29) with critical breaking changes.

  • Action Required (v28): The default test environment has been changed from jsdom to node. If your tests rely on a browser environment (DOM APIs), you must now explicitly install jest-environment-jsdom and set testEnvironment: 'jsdom' in your Jest configuration.
  • Action Required (v28): The expect function is now a named export instead of a default export. You must change import expect from 'expect'; to import {expect} from 'expect';.
  • Other Changes: Support for older Node.js versions (10, 12, 15, 17) has been dropped. The snapshot format has changed in v29, which may require updating snapshots.

• rimraf 2.7.1 → 6.1.1 (High Risk): This upgrade crosses several major versions and modernizes the package to be ESM-only.

  • Action Required (v5+): The package is now an ES Module. You must switch from require() to import. Additionally, there is no default export. Update your code from const rimraf = require('rimraf') to import { rimraf, rimrafSync } from 'rimraf'.
  • Action Required (v4+): Glob patterns are no longer enabled by default. If you use globs, you must set the glob: true option in the API or use the --glob flag in the CLI.
  • Other Changes: The main asynchronous function now returns a Promise instead of using a callback. Support for Node.js versions below 20 has been dropped in v6.

• replace-in-file 6.3.5 → 8.3.1 (High Risk): This upgrade introduces ESM and API changes.

  • Action Required (v8+): The package is now an ES Module and requires Node.js 18+. You must switch from require() to import.
  • Action Required (v8+): The package no longer has a default export. You must use named imports like import { replaceInFile, replaceInFileSync } from 'replace-in-file'.
  • Other Changes:

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[cc-prodsec]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.