eclipse-che / che-theia

Eclipse Public License 2.0

build(deps): Raise potential security vulnerabilities for assembly yarn.lock file using Dependabot #1313

Closed RomanNikitenko closed 2 years ago

RomanNikitenko commented 2 years ago

Signed-off-by: Roman Nikitenko rnikiten@redhat.com

What does this PR do?

There are a lot of Dependabot alerts for the yarn.lock file which is actually used for tests. We could just remove those dependencies from generator/tests/production/assembly/yarn.lock as there is no influence on tests.

Instead of removing them, I updated that file with the actual content of the yarn.lock file which we use when building our assembly (not the repo). I mean that we build our assembly using the theia + che-theia repositories, so to detect potential security vulnerabilities in the dependencies of our assembly we could use an up-to-date yarn.lock file placed in our repo.

Screenshot/screencast of this PR

What issues does this PR fix or reference?

https://github.com/eclipse/che/issues/21034

How to test this PR?

The changes are for generator/tests/production/assembly/yarn.lock and there is no influence on tests, so I believe it's enough to have successful jobs for the PR.

PR Checklist

As the author of this Pull Request I made sure that:

Reviewers

Reviewers, please comment how you tested the PR when approving it.

Happy Path Channel

HAPPY_PATH_CHANNEL=stable
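The PR's premise is that Dependabot only alerts on what is checked in, so a test lockfile that drifts away from the lockfile the real assembly build produces gives misleading alerts (and misses real ones). A practitioner will want a check that the checked-in copy still matches the built one. The following is an added example, not code from che-theia or from the PR: it parses two yarn lockfile v1 texts and reports packages that are built with but not scanned, packages that are scanned but no longer built, and same-version entries whose integrity hash differs. It is written in TypeScript because che-theia is a TypeScript project. Both lockfile texts and their integrity strings are constructed sample data, and `parseYarnLock`, `diffLocks`, `lockSyncReport` and `isInSync` are names chosen here, not project APIs.

```typescript
// Added example (not che-theia project code). Compares a checked-in yarn.lock
// (the copy Dependabot scans) with the yarn.lock an actual assembly build
// produced. Lockfile texts below are constructed; integrity values are
// placeholders, not real hashes.

interface LockEntry {
  name: string;
  version: string;
  resolved?: string;
  integrity?: string;
}

type LockMap = { [nameAtVersion: string]: LockEntry };

interface LockDiff {
  missingFromCheckedIn: string[]; // built with, but never scanned by Dependabot
  staleInCheckedIn: string[];     // scanned, but no longer part of the build
  integrityMismatch: string[];    // same name@version, different tarball hash
}

// Strip the double quotes yarn puts around specs and values.
function unquote(s: string): string {
  return s.length >= 2 && s.charAt(0) === '"' && s.charAt(s.length - 1) === '"'
    ? s.slice(1, -1) : s;
}

// The package name is everything before the last "@" (scoped names start with "@").
function nameOf(spec: string): string {
  const idx = spec.lastIndexOf("@");
  return idx > 0 ? spec.slice(0, idx) : spec;
}

// Parse yarn lockfile v1 text into a map keyed by "name@resolvedVersion".
function parseYarnLock(text: string): LockMap {
  const entries: LockMap = {};
  let current: LockEntry | null = null;
  const lines = text.split(/\r?\n/);
  for (let i = 0; i < lines.length; i++) {
    const raw = lines[i];
    if (raw.trim() === "" || raw.charAt(0) === "#") continue;
    if (raw.charAt(0) !== " " && raw.charAt(raw.length - 1) === ":") {
      // Header: comma-separated requested specs that all resolve to one entry.
      const specs = raw.slice(0, -1).split(",").map(function (s) { return unquote(s.trim()); });
      current = { name: nameOf(specs[0]), version: "" };
      continue;
    }
    if (current === null) continue;
    // Only the two-space-indented scalar fields; a nested "dependencies:" block
    // and its four-space-indented lines do not match and are skipped.
    const m = /^ {2}(version|resolved|integrity) (.+)$/.exec(raw);
    if (m === null) continue;
    const value = unquote(m[2]);
    if (m[1] === "version") {
      current.version = value;
      entries[current.name + "@" + value] = current;
    } else if (m[1] === "resolved") {
      current.resolved = value;
    } else {
      current.integrity = value;
    }
  }
  return entries;
}

// Report every way the scanned lockfile disagrees with the built one.
function diffLocks(checkedIn: LockMap, built: LockMap): LockDiff {
  const d: LockDiff = { missingFromCheckedIn: [], staleInCheckedIn: [], integrityMismatch: [] };
  for (const key of Object.keys(built)) {
    const other = checkedIn[key];
    if (other === undefined) {
      d.missingFromCheckedIn.push(key);
    } else if (other.integrity !== undefined && built[key].integrity !== undefined
               && other.integrity !== built[key].integrity) {
      d.integrityMismatch.push(key);
    }
  }
  for (const key of Object.keys(checkedIn)) {
    if (built[key] === undefined) d.staleInCheckedIn.push(key);
  }
  d.missingFromCheckedIn.sort(); d.staleInCheckedIn.sort(); d.integrityMismatch.sort();
  return d;
}

function isInSync(d: LockDiff): boolean {
  return d.missingFromCheckedIn.length === 0 && d.staleInCheckedIn.length === 0
    && d.integrityMismatch.length === 0;
}

// Constructed sample: the stale test lockfile Dependabot has been scanning.
const CHECKED_IN_LOCK = `# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1


lodash@^4.17.15:
  version "4.17.15"
  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz"
  integrity sha512-CONSTRUCTED-lodash-4.17.15

minimist@^1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz"
  integrity sha512-CONSTRUCTED-minimist-A
`;

// Constructed sample: what the assembly build actually resolved.
const BUILT_LOCK = `# yarn lockfile v1


"@types/node@^12.0.0":
  version "12.20.55"
  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.20.55.tgz"
  integrity sha512-CONSTRUCTED-types-node

lodash@^4.17.15, lodash@^4.17.21:
  version "4.17.21"
  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz"
  integrity sha512-CONSTRUCTED-lodash-4.17.21

minimist@^1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz"
  integrity sha512-CONSTRUCTED-minimist-B
  dependencies:
    some-dep "^1.0.0"
`;

function lockSyncReport(): LockDiff {
  return diffLocks(parseYarnLock(CHECKED_IN_LOCK), parseYarnLock(BUILT_LOCK));
}

console.log(JSON.stringify(lockSyncReport(), null, 2));
```

Run as a CI job that reads the two real files instead of the embedded strings and fails when `isInSync` is false; an integrity mismatch at the same version is the case worth treating as a hard failure, since it means the scanned tarball is not the one being shipped.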

codecov[bot] commented 2 years ago

Codecov Report

Merging #1313 (ae3a775) into main (c299f59) will increase coverage by 3.13%. The diff coverage is 28.02%.


@@            Coverage Diff             @@
##             main    #1313      +/-   ##
==========================================
+ Coverage   32.78%   35.91%   +3.13%     
==========================================
  Files         290      326      +36     
  Lines        9885    10713     +828     
  Branches     1457     1439      -18     
==========================================
+ Hits         3241     3848     +607     
- Misses       6641     6860     +219     
- Partials        3        5       +2     
Impacted Files Coverage Δ
...theia-about/src/browser/about-che-theia-dialog.tsx 0.00% <0.00%> (ø)
...credentials/src/browser/che-credentials-service.ts 0.00% <0.00%> (ø)
...entials/src/browser/credentials-frontend-module.ts 0.00% <0.00%> (ø)
...eia-credentials/src/common/credentials-protocol.ts 0.00% <0.00%> (ø)
...eia-credentials/src/node/che-credentials-server.ts 0.00% <0.00%> (ø)
...s/src/node/che-theia-credentials-backend-module.ts 0.00% <0.00%> (ø)
...ashboard/src/browser/che-theia-dashboard-module.ts 0.00% <0.00%> (ø)
...ia-dashboard/src/browser/theia-dashboard-client.ts 0.00% <0.00%> (ø)
...rowser/src/browser/che-mini-browser-environment.ts 0.00% <0.00%> (ø)
...in-ext/src/browser/che-sidecar-file-system-main.ts 100.00% <ø> (ø)
... and 290 more

Last update fff21d0...ae3a775.