[Snyk] Security upgrade date-fns from 2.30.0 to 3.0.0

[rubenfiszel]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• frontend/package.json
• frontend/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

---

Important

Upgrade date-fns to 3.0.0 to fix a ReDoS vulnerability.

• Dependencies:
  • Upgrade date-fns from 2.30.0 to 3.0.0 in frontend/package.json and frontend/package-lock.json.
• Security:
  • Fixes Regular Expression Denial of Service (ReDoS) vulnerability SNYK-JS-BABELRUNTIME-10044504.

^{This description was created by for 3c97901. You can customize this summary. It will automatically update as commits are pushed.}

[cloudflare-workers-and-pages]

Deploying windmill with    Cloudflare Pages

Latest commit:	3c97901
Status:	✅  Deploy successful!
Preview URL:	https://58e12bf3.windmill.pages.dev
Branch Preview URL:	https://snyk-fix-49ade0cb285adea6fde.windmill.pages.dev

View logs

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 3c97901 in 52 seconds. Click for details.

• Reviewed 13 lines of code in 1 files
• Skipped 1 files when reviewing.
• Skipped posting 2 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. frontend/package.json:105

• Draft comment:
  Upgrading date-fns to v3 may introduce breaking API changes. Verify compatibility with existing code.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is about a dependency change and warns about potential breaking changes. It asks the author to verify compatibility, which is against the rules.

2. frontend/package.json:105

• Draft comment:
  Upgrading date-fns from ^2.30.0 to ^3.0.0 is a breaking change. Ensure that all usages comply with the v3 migration guide and check compatibility with other dependencies (e.g., chartjs-adapter-date-fns).
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is about a dependency change, specifically upgrading a library version. It advises the author to ensure compatibility and check the migration guide, which falls under the rule of not commenting on dependency changes or asking the author to ensure compatibility.

Workflow ID: wflow_DFaFywQmlDXoXrfy

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}