[Snyk] Security upgrade @loopback/rest-explorer from 3.3.4 to 4.0.1 #12

Open
kspshnik wants to merge 1 commit into master from snyk-fix-b0d9e6c9bd5d954f10733ab1296d31f1

@kspshnik kspshnik commented Nov 15, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • src/backend/package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 591/1000 (Why? Proof of Concept exploit, Has a fix available, CVSS 5.4) | Server-side Request Forgery (SSRF), SNYK-JS-SWAGGERUIDIST-6056393 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @loopback/rest-explorer
The new version differs by 115 commits.
  • 4a88864 chore: publish release
  • 47d9096 chore: lock file maintenance
  • 10045c4 chore: update dependency winston to ^3.4.0
  • bf5d43b chore: update dependency qs to ^6.10.3
  • d39ed1b test(logging): metadata is not defined in the format
  • 78eb55d chore: update dependency winston to ^3.3.4
  • 3454eeb chore: update dependency testcontainers to v8
  • fedf35e chore: update lint packages
  • 72805cb chore: update dependency supertest to ^6.2.0
  • f2e96ae chore: update dependency async to ^3.2.3
  • 56c8116 chore: correct import syntax
  • af19a5d chore: update dependency winston-transport to ^4.4.2
  • 18c3f34 chore: update dependency @graphql-tools/utils to ^8.6.1
  • c8f56e0 chore: update dependency @commitlint/cli to ^16.0.2
  • 96c3d7e chore: update dependency lint-staged to ^12.1.7
  • 4d1ddde chore: update dependency @types/json-merge-patch to v0.0.8
  • b22f47b chore: update dependency hyperid to v3
  • d75cef7 chore: update dependency lint-staged to ^12.1.6
  • 5504ea0 chore: lock file maintenance
  • 2f573c7 chore: update dependency bson to v4.6.1
  • be29b00 chore: replace issue template by issue form [skip ci]
  • 1d790a6 chore: lock file maintenance and update minor dependencies
  • c509340 chore: update dependency http-errors to v2
  • 8ee85f0 chore: update socket.io packages to ^4.4.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)


viezly bot commented Nov 15, 2023

Changes preview:

Legend:

👀 Review pull request on Viezly
