[Snyk] Security upgrade scratch-blocks from 1.0.2 to 1.1.4

[adrienne-deriv]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/bot-skeleton/package.json
  • packages/bot-skeleton/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Command Injection SNYK-JS-CHROMEDRIVER-6049539	No	Proof of Concept
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-DECOMPRESSTAR-559095	No	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	No	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	No	Proof of Concept
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	No	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	No	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-561476	No	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	No	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	No	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:diff:20180305	No	Proof of Concept

Commit messages

Package name: scratch-blocks

The new version differs by 38 commits.

• 5024c97 chore(release): 1.1.4 [skip ci]
• 6ae99a2 Merge pull request translations: 📚 sync translations with crowdin binary-com/deriv-app#3131 from scratchfoundation/renovate/npm-chromedriver-vulnerability
• bca10aa chore(release): 1.1.3 [skip ci]
• b3c991a fix(deps): update dependency chromedriver to v119 [security]
• 2ed2c80 Merge pull request Kseniya/DP2P - Back arrow icon on the order details page is not vertically centered binary-com/deriv-app#3156 from scratchfoundation/renovate/pin-dependencies
• 0bd6342 chore(deps): pin dependencies
• e2bea99 fix(deps): unpin non-dev dependencies
• f210e04 chore(release): 1.1.2 [skip ci]
• b210432 Merge pull request Hubert/ Translating certain cashier text doesn't work binary-com/deriv-app#3155 from scratchfoundation/renovate/scratch-l10n-3.x
• d3bc30e fix(deps): update dependency scratch-l10n to v3.18.3
• a3b238c Merge pull request nikolai/Function block label readability binary-com/deriv-app#3154 from scratchfoundation/renovate/commitlint-monorepo
• c4eae72 chore(deps): update commitlint monorepo to v18.6.0
• c941240 chore(release): 1.1.1 [skip ci]
• db2172b Merge pull request translations: 📚 sync translations with crowdin binary-com/deriv-app#3151 from scratchfoundation/renovate/scratch-l10n-3.x
• 4d3bf95 fix(deps): update dependency scratch-l10n to v3.18.1
• 065619d Merge pull request Shayan / upgrader deriv-chart to version 0.3.17 binary-com/deriv-app#3150 from scratchfoundation/renovate/commitlint-monorepo
• 170b89e chore(deps): update commitlint monorepo to v18.5.0
• d77b39a chore(release): 1.1.0 [skip ci]
• 3fab755 Merge pull request Hubert/ Missing message for withdrawal limits for authenticated accounts binary-com/deriv-app#3147 from scratchfoundation/renovate/scratch-l10n-3.x
• 5c8304d feat(deps): update dependency scratch-l10n to v3.18.0
• a308e37 chore(release): 1.0.8 [skip ci]
• e9d065c Merge pull request bahar/fix_learn_more_button_width binary-com/deriv-app#3146 from scratchfoundation/renovate/scratch-l10n-3.x
• e3c6fe1 fix(deps): update dependency scratch-l10n to v3.16.20240116031928
• 818c6cd chore(release): 1.0.7 [skip ci]

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Command Injection
🦉 Open Redirect
🦉 Regular Expression Denial of Service (ReDoS)
🦉 More lessons are available in Snyk Learn

[github-actions]

This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions]

This PR was closed because it has been stalled for 5 days with no activity. Please reopen it if needed.