@lirantal
Owner

Snyk has created this PR to fix 1 vulnerability in the yarn dependencies of this project.

Snyk changed the following file(s):

  • package.json

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory, meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project; you will need to run yarn to update the contents of the .yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

⚠️ Warning
Failed to update the yarn.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
| --- | --- |
| high severity: Regular Expression Denial of Service (ReDoS), SNYK-JS-ANSIREGEX-1583908 | 482 |

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908

qodo-merge-for-open-source bot commented Apr 27, 2025

CI Feedback 🧐

(Feedback updated until commit 79261ad)

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: build_and_publish

Failed stage: Build and push Docker image [❌]

Failure summary:

The action failed during the Docker build process when executing the npm ci command. The
package.json and package-lock.json files are out of sync, specifically:

  • The package.json requires lockfile-lint@^4.12.0
  • But the package-lock.json has [email protected]

This version mismatch caused the npm ci command to fail with exit code 1 at line 14 in the
Dockerfile.

  • Relevant error logs:
    1:  ##[group]Operating System
    2:  Ubuntu
    ...
    
    715:  #7 3.342 OK: 238 MiB in 30 packages
    716:  #7 DONE 3.7s
    717:  #8 [3/5] COPY . /app
    718:  #8 DONE 0.1s
    719:  #9 [4/5] WORKDIR /app
    720:  #9 DONE 0.0s
    721:  #10 [5/5] RUN npm ci
    722:  #10 0.627 npm ERR! cipm can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with `npm install` before continuing.
    723:  #10 0.627 npm ERR! 
    724:  #10 0.627 npm ERR! 
    725:  #10 0.627 npm ERR! Invalid: lock file's [email protected] does not satisfy lockfile-lint@^4.12.0
    726:  #10 0.627 npm ERR! 
    727:  #10 0.630 
    728:  #10 0.630 npm ERR! A complete log of this run can be found in:
    729:  #10 0.631 npm ERR!     /root/.npm/_logs/2025-04-27T17_15_12_917Z-debug.log
    730:  #10 ERROR: process "/bin/sh -c npm ci" did not complete successfully: exit code: 1
    731:  ------
    ...
    
    735:  0.627 npm ERR! 
    736:  0.627 npm ERR! Invalid: lock file's [email protected] does not satisfy lockfile-lint@^4.12.0
    737:  0.627 npm ERR! 
    738:  0.630 
    739:  0.630 npm ERR! A complete log of this run can be found in:
    740:  0.631 npm ERR!     /root/.npm/_logs/2025-04-27T17_15_12_917Z-debug.log
    741:  ------
    742:  Dockerfile:14
    743:  --------------------
    744:  12 |     WORKDIR /app
    745:  13 |     ENV NODE_ENV production
    746:  14 | >>> RUN npm ci
    747:  15 |     
    748:  16 |     ENTRYPOINT ["node", "index.js"]
    749:  --------------------
    750:  ERROR: failed to solve: process "/bin/sh -c npm ci" did not complete successfully: exit code: 1
    751:  ##[error]buildx call failed with: ERROR: failed to solve: process "/bin/sh -c npm ci" did not complete successfully: exit code: 1
    752:  Post job cleanup.
    

mergify bot added the auto-merge label Apr 27, 2025