[Snyk] Security upgrade @backstage/plugin-scaffolder-backend from 1.14.0 to 1.19.2

[devyaniofficial]

This PR was automatically created by Snyk using the credentials of a real user.

 ### Snyk has created this PR to fix 9 vulnerabilities in the yarn dependencies of this project. #### Snyk changed the following file(s): - `packages/backend/package.json` #### Note for [zero-installs](https://yarnpkg.com/features/zero-installs) users If you are using the Yarn feature [zero-installs](https://yarnpkg.com/features/zero-installs) that was introduced in Yarn V2, note that this PR does not update the `.yarn/cache/` directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run `yarn` to update the contents of the `./yarn/cache` directory. If you are not using zero-install you can ignore this as your flow should likely be unchanged.

⚠️ Warning

``` Failed to update the yarn.lock, please update manually before merging. ```

#### Vulnerabilities that will be fixed with an upgrade: | | Issue | Score | :-------------------------:|:-------------------------|:-------------------------  | Denial of Service (DoS)
[SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) |   **768**    | Uncontrolled resource consumption
[SNYK-JS-BRACES-6838727](https://snyk.io/vuln/SNYK-JS-BRACES-6838727) |   **696**    | Information Exposure Through an Error Message
[SNYK-JS-BACKSTAGEBACKENDAPPAPI-6229731](https://snyk.io/vuln/SNYK-JS-BACKSTAGEBACKENDAPPAPI-6229731) |   **686**    | Uncontrolled Resource Consumption ('Resource Exhaustion')
[SNYK-JS-TAR-6476909](https://snyk.io/vuln/SNYK-JS-TAR-6476909) |   **646**    | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) |   **631**    | Path Traversal
[SNYK-JS-BACKSTAGEBACKENDCOMMON-6274391](https://snyk.io/vuln/SNYK-JS-BACKSTAGEBACKENDCOMMON-6274391) |   **619**    | Open Redirect
[SNYK-JS-EXPRESS-6474509](https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509) |   **519**    | Resource Exhaustion
[SNYK-JS-JOSE-6419224](https://snyk.io/vuln/SNYK-JS-JOSE-6419224) |   **479**    | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-FASTXMLPARSER-5777726](https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-5777726) |   **399**   --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - Max score is 1000. Note that the real score may have changed since the PR was raised. > - This PR was automatically created by Snyk using the credentials of a real user. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._ For more information: 🧐 [View latest project report](https://app.snyk.io/org/ashishkaushik/project/8e1e7baa-3594-45ac-bbc6-e7f5083792ff?utm_source=github&utm_medium=referral&page=fix-pr) 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates) 🛠 [Adjust project settings](https://app.snyk.io/org/ashishkaushik/project/8e1e7baa-3594-45ac-bbc6-e7f5083792ff?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read about Snyk's upgrade logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Information Exposure Through an Error Message](https://learn.snyk.io/lesson/error-message-with-sensitive-information/?loc=fix-pr) 🦉 [Path Traversal](https://learn.snyk.io/lesson/directory-traversal/?loc=fix-pr) 🦉 [Uncontrolled resource consumption](https://learn.snyk.io/lesson/redos/?loc=fix-pr) 🦉 [More lessons are available in Snyk Learn](https://learn.snyk.io/?loc=fix-pr) [//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@backstage/plugin-scaffolder-backend","from":"1.14.0","to":"1.19.2"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BACKSTAGEBACKENDAPPAPI-6229731","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Information Exposure Through an Error Message"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-BACKSTAGEBACKENDCOMMON-6274391","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Path Traversal"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BRACES-6838727","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-EXPRESS-6474509","priority_score":519,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.1","score":305},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-FASTXMLPARSER-5777726","priority_score":399,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-FASTXMLPARSER-5777726","priority_score":399,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-INFLIGHT-6095116","priority_score":631,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.2","score":310},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Missing Release of Resource after Effective Lifetime"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-JOSE-6419224","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Resource Exhaustion"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-WS-7266574","priority_score":768,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"}],"prId":"e5b80470-8835-4032-9842-b2b47bf20298","prPublicId":"e5b80470-8835-4032-9842-b2b47bf20298","packageManager":"yarn","priorityScoreList":[686,619,696,519,399,631,479,646,768],"projectPublicId":"8e1e7baa-3594-45ac-bbc6-e7f5083792ff","projectUrl":"https://app.snyk.io/org/ashishkaushik/project/8e1e7baa-3594-45ac-bbc6-e7f5083792ff?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["updated-fix-title","pr-warning-shown","priorityScore"],"type":"auto","upgrade":["SNYK-JS-BACKSTAGEBACKENDAPPAPI-6229731","SNYK-JS-BACKSTAGEBACKENDCOMMON-6274391","SNYK-JS-BRACES-6838727","SNYK-JS-EXPRESS-6474509","SNYK-JS-FASTXMLPARSER-5777726","SNYK-JS-INFLIGHT-6095116","SNYK-JS-JOSE-6419224","SNYK-JS-TAR-6476909","SNYK-JS-WS-7266574"],"vulns":["SNYK-JS-BACKSTAGEBACKENDAPPAPI-6229731","SNYK-JS-BACKSTAGEBACKENDCOMMON-6274391","SNYK-JS-BRACES-6838727","SNYK-JS-EXPRESS-6474509","SNYK-JS-FASTXMLPARSER-5777726","SNYK-JS-INFLIGHT-6095116","SNYK-JS-JOSE-6419224","SNYK-JS-TAR-6476909","SNYK-JS-WS-7266574"],"patch":[],"isBreakingChange":false,"remediationStrategy":"vuln"}'

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud