[Snyk] Fix for 2 vulnerabilities

[mnk-blr]

Snyk has created this PR to fix 2 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Inefficient Algorithmic Complexity SNYK-JS-MINIMATCH-15353389	170
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AJV-15274295	155

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[claude]

⚠️ Breaking Change: ESLint 9.1.0 is incompatible with the current TypeScript ESLint packages.

Current state:

• @typescript-eslint/eslint-plugin: ^5.59.5
• @typescript-eslint/parser: ^5.59.5

Required fixes:

1. Update TypeScript ESLint packages to v6.x+ or v7.x for ESLint 9 compatibility
2. Migrate from legacy .eslintrc.js to ESLint 9's flat config format
3. Consider deferring ESLint 9 upgrade until ecosystem compatibility is verified

This change will likely break the current linting pipeline.

[claude]

⚠️ Configuration Updates Required: Jest 29 has breaking changes that need configuration updates.

Critical issues to fix:

1. Jest config: jest.config.sdk.js uses deprecated globals syntax - needs migration to transform configuration
2. Type definitions: Update @types/jest from ^27.0.3 to ^29.0.0
3. JSDOM compatibility: Upgrade jsdom from ^19.0.0 to ^20.0.0 for Jest 29 support
4. Timer APIs: Update legacy timer usage in test files (src/main/util.spec.ts)

Documentation: Update CLAUDE.md line 23 to reflect "Jest 29 + ts-jest"

Without these updates, tests will fail to run.

[claude]

Code Review Summary

❌ NOT READY FOR MERGE - This PR introduces breaking changes that require additional updates.

Critical Issues Found

🔴 ESLint 9 Compatibility

• Current TypeScript ESLint packages (v5.x) are incompatible with ESLint 9
• Missing migration to ESLint 9's flat config format
• Will break linting pipeline

🔴 Jest 29 Configuration

• Deprecated globals configuration in jest.config.sdk.js needs migration to transform
• Missing required updates: @types/jest (→v29), jsdom (→v20+)
• Timer API usage needs updating in test files

🟡 Documentation

• CLAUDE.md still references Jest 27 instead of Jest 29

Required Actions Before Merge

1. Update TypeScript ESLint ecosystem to v6+ for ESLint 9 compatibility
2. Migrate Jest configuration from deprecated globals to transform syntax
3. Update peer dependencies: @types/jest, jsdom, potentially ts-jest
4. Update documentation in CLAUDE.md
5. Test the build pipeline after each change to ensure compatibility

Recommendation

Consider breaking this into smaller, incremental PRs:

1. Jest 28 upgrade first (easier migration path)
2. TypeScript ESLint packages upgrade
3. ESLint 9 upgrade with flat config migration

This approach would reduce risk and make debugging easier if issues arise.

---

Review completed using specialized agents for code quality, documentation, and test coverage analysis.