[Snyk] Security upgrade rudder-sdk-js from 2.46.0 to 2.48.7

[surajpuvvada]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: rudder-sdk-js

The new version differs by 215 commits.

• 727804c chore(release): pulling release/3.7.0 into main (chore:(deps): bump @apollo/client from 3.6.7 to 3.6.8 #1703)
• d2e5fe0 chore(monorepo): sync versions and generate release logs
• e58b2fe chore(@ rudderstack/analytics-js-sanity-suite): release version 3.0.6
• 5454b88 chore(@ rudderstack/analytics-js-loading-scripts): release version 3.0.5
• c5eb782 chore(@ rudderstack/analytics-js-integrations): release version 3.1.0
• 4a1bfda chore(rudder-sdk-js): release version 2.48.7
• 5f4367f chore(@ rudderstack/analytics-js): release version 3.1.0
• 5d9f75a chore(@ rudderstack/analytics-js-plugins): release version 3.0.4
• 0c11299 chore(@ rudderstack/analytics-js-common): release version 3.2.0
• e85208b chore: remove duplicate config named eventWhiteList (fix(sheet overlay): break-word for header #1652)
• 607c381 feat: add autoConfig support in FBPixel, add tests (chore:(deps): bump @fullstory/browser from 1.6.0 to 1.6.1 #1702)
• c57cf82 feat: warn users on missing plugins (fix: added style for clickable card #1691)
• bb7e1df feat: supporting add to cart for criteo ([Snyk] Security upgrade nginx from 1.21-alpine to 1.20-alpine #1696)
• 3543cc1 feat: added custom domain support in ga4 (fix: added new mixins #1697)
• ba33b9e feat: upgrade storejs lib and remove the patch (chore:(deps): bump rudder-sdk-js from 2.6.0 to 2.7.0 #1700)
• 695b229 chore: update all the sample applications to latest (feat: export drilldown filter type #1695)
• 36a13b0 feat: add a patch for storejs to expose length of the store (fix: added new colors #1694)
• f3a59a1 chore(release): pull main into develop post release v3.6.0 (feat: sheet title as template #1692)
• 711180c chore(release): pulling release/3.6.0 into main (fix: added style for selection in metric card #1690)
• d19c0c0 chore(monorepo): sync versions and generate release logs
• 90cad53 chore(@ rudderstack/analytics-js-sanity-suite): release version 3.0.5
• c9a5928 chore(@ rudderstack/analytics-js-loading-scripts): release version 3.0.4
• c607507 chore(@ rudderstack/analytics-js-integrations): release version 3.0.4
• 74704da chore(@ rudderstack/analytics-js): release version 3.0.4

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

[github-actions]

Test Results

    4 files  ±0    317 suites  ±0   30m 23s ⏱️ - 2m 9s
1 143 tests ±0  1 143 ✅ ±0  0 💤 ±0  0 ❌ ±0 
1 153 runs  ±0  1 153 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit d5f4fb6. ± Comparison against base commit cf7c36a.