Bump deps and fix snyk workflow (#1745)

### Feature or Bugfix
<!-- please choose -->
- Bugfix

### Detail
- Bump deps for `nanoid` and `path-to-regexp` npm packages
- remove `with:` arg in Snyk Workflow for weekly runs

### Relates
- #1743

### Security
Please answer the questions below briefly where applicable, or write
`N/A`. Based on
[OWASP 10](https://owasp.org/Top10/en/).

- Does this PR introduce or modify any input fields or queries - this
includes
fetching data from storage outside the application (e.g. a database, an
S3 bucket)?
  - Is the input sanitized?
- What precautions are you taking before deserializing the data you
consume?
  - Is injection prevented by parametrizing queries?
  - Have you ensured no `eval` or similar functions are used?
- Does this PR introduce any functionality or component that requires
authorization?
- How have you ensured it respects the existing AuthN/AuthZ mechanisms?
  - Are you logging failed auth attempts?
- Are you using or adding any cryptographic features?
  - Do you use a standard proven implementations?
  - Are the used keys controlled by the customer? Where are they stored?
- Are you introducing any new policies/roles/users?
  - Have you used the least-privilege principle? How?


By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

.github/workflows/snyk.yaml

@@ -28,5 +28,3 @@ jobs:
         run: snyk test --all-projects --detection-depth=5 --severity-threshold=high
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --all-projects --detection-depth=5 --severity-threshold=high

frontend/package.json

@@ -71,7 +71,8 @@
     "uuid": "^10.0.0",
     "web-vitals": "^2.1.4",
     "yup": "^0.32.11",
-    "webpack": "^5.94.0"
+    "webpack": "^5.94.0",
+    "nanoid": "^3.3.8"
   },
   "overrides": {
     "aws-amplify": {
@@ -97,7 +98,7 @@
     "express": "4.20.0",
     "ejs": "3.1.10",
     "fast-xml-parser": "4.4.1",
-    "path-to-regexp": "0.1.10",
+    "path-to-regexp": "0.1.12",
     "body-parser": "^1.20.3",
     "send": "0.19.0",
     "rollup": "3.29.5",
@@ -119,7 +120,7 @@
     "ejs": "3.1.10",
     "ws": "^8.17.1",
     "fast-xml-parser": "4.4.1",
-    "path-to-regexp": "0.1.10",
+    "path-to-regexp": "0.1.12",
     "body-parser": "^1.20.3",
     "send": "0.19.0",
     "rollup": "3.29.5",

frontend/yarn.lock

@@ -11238,10 +11238,10 @@ nanoclone@^0.2.1:
   resolved "https://registry.npmjs.org/nanoclone/-/nanoclone-0.2.1.tgz"
   integrity sha512-wynEP02LmIbLpcYw8uBKpcfF6dmg2vcpKqxeH5UcoKEYdExslsdUA4ugFauuaeYdTB76ez6gJW8XAZ6CgkXYxA==
 
-nanoid@^3.3.6:
-  version "3.3.7"
-  resolved "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz"
-  integrity sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==
+nanoid@^3.3.6, nanoid@^3.3.8:
+  version "3.3.8"
+  resolved "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz"
+  integrity sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==
 
 natural-compare-lite@^1.4.0:
   version "1.4.0"
@@ -11739,10 +11739,10 @@ path-scurry@^1.11.1:
     lru-cache "^10.2.0"
     minipass "^5.0.0 || ^6.0.2 || ^7.0.0"
 
-[email protected].10:
-  version "0.1.10"
-  resolved "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.10.tgz"
-  integrity sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==
+[email protected].12:
+  version "0.1.12"
+  resolved "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz"
+  integrity sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==
 
 path-type@^4.0.0:
   version "4.0.0"