janus-idp / backstage-plugins

Plugins for Backstage
https://janus-idp.io
Apache License 2.0

chore(deps): update yarn.lock to resolve CVE-2024-35255 #1844

Closed kim-tsao closed 2 months ago

kim-tsao commented 3 months ago

update yarn.lock to resolve CVE-2024-35255

Fixes RHIDP-2735

openshift-ci[bot] commented 3 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please ask for approval from kim-tsao. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

- **[OWNERS](https://github.com/janus-idp/backstage-plugins/blob/main/OWNERS)**

Approvers can indicate their approval by writing `/approve` in a comment. Approvers can cancel approval by writing `/approve cancel` in a comment.

kim-tsao commented 3 months ago

Added dependabot rule to filter out findings from root yarn.lock which is not used in RHDH

kim-tsao commented 3 months ago

Re-opening, as discussed with @Zaperex it would be good to keep the root yarn.lock up to date

kim-tsao commented 3 months ago

/retest

kim-tsao commented 3 months ago

/retest

openshift-merge-robot commented 2 months ago

PR needs rebase.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

nickboldt commented 2 months ago

Closing as Kim has said:

Those were moderate findings. Plugins [update] is not important because it was a root yarn.lock update done to keep dependencies in sync. We put a no_backport label and FixVersion=1.3 on it: https://issues.redhat.com/browse/RHIDP-2735