[Snyk] Security upgrade @opengovsg/formsg-sdk from 0.10.0 to 0.11.0

[isomeradmin]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @opengovsg/formsg-sdk

The new version differs by 12 commits.

• 4de687d build: bump version to 0.11.0 (CI: description field left blank when deploying to Elastic Beanstalk #100)
• aef81c6 Create LICENSE (chore: add /v1 to all URI paths #95)
• a017183 chore: upgrade axios to 1.6.2 (Merge to Prod #93)
• e7267c9 build(deps-dev): bump @ babel/traverse from 7.16.3 to 7.23.3 (Fix/typo in images endpoint and increase limit of requests #99)
• 1d7ac98 build(deps-dev): bump word-wrap from 1.2.3 to 1.2.5 (Fix: add check for files in directory when reading file #97)
• 9cd2b71 Update ci.yml (build(deps): bump ini from 1.3.5 to 1.3.7 #96)
• c07f4a0 chore(readme): add wording for period inclusion of unstable fields (Fix/error handling for large payload #94)
• 7ba2a38 Merge pull request feat: improve /sites endpoint performance #90 from opengovsg/add-sister-sdks
• e3f7edc Update README.md to include existence of sister SDks
• 5814c76 fix: upgrade axios from 0.24.0 to 0.25.0 (fix: update config settings and footer settings separately #81)
• b8c2bf2 build(deps): bump json5 from 1.0.1 to 1.0.2 (Fix/handle renaming of folders with multiple files #88)
• 083556f Merge pull request Fix: throw NotFoundError for files #87 from opengovsg/release-v0.10.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)

[seaerchin]

closing, package alr updated