[Snyk] Fix for 3 vulnerabilities

[GurdipS5]

Snyk has created this PR to fix 3 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Allocation of Resources Without Limits or Throttling SNYK-JS-JSPDF-12205531	756
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-12613773	666
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9403194	524

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.
• Snyk has automatically assigned this pull request, set who gets assigned.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
👩‍💻 Set who automatically gets assigned
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling
🦉 Server-side Request Forgery (SSRF)

[safedep]

SafeDep Report Summary

Package Details

Package	Malware	Vulnerability	Risky License	Report
@types/pako @ 2.0.4 package-lock.json				🔗
adm-zip @ 0.5.16 package-lock.json				🔗
axios @ 1.12.2 package-lock.json				🔗
cliui @ 8.0.1 package-lock.json				🔗
commander @ 14.0.1 package-lock.json				🔗
fast-png @ 6.4.0 package-lock.json				🔗
form-data @ 4.0.4 package-lock.json				🔗
fs-extra @ 11.3.2 package-lock.json				🔗
get-caller-file @ 2.0.5 package-lock.json				🔗
iobuffer @ 5.4.0 package-lock.json				🔗
jest-sonar-reporter @ 2.0.0 package-lock.json				🔗
jspdf @ 3.0.2 package-lock.json				🔗
pako @ 2.1.0 package-lock.json				🔗
properties-file @ 3.6.1 package-lock.json				🔗
replace-in-file @ 8.3.0 package-lock.json				🔗
require-directory @ 2.1.1 package-lock.json				🔗
semver @ 7.7.2 package-lock.json				🔗
sonarqube-scanner @ 4.3.1 package-lock.json				🔗
xml @ 1.0.1 package-lock.json				🔗
y18n @ 5.0.8 package-lock.json				🔗
yargs @ 17.7.2 package-lock.json				🔗
yargs-parser @ 21.1.1 package-lock.json				🔗

_{This report is generated by SafeDep Github App}

[secure-code-warrior-for-github]

Micro-Learning Topic: Server-side request forgery (Detected by phrase)

Matched on "Server-side Request Forgery"

What is this? (2min video)

Server-Side Request Forgery (SSRF) vulnerabilities are caused when an attacker can supply or modify a URL that reads or sends data to the server. The attacker can create a malicious request with a manipulated URL, when this request reaches the server, the server-side code executes the exploit URL causing the attacker to be able to read data from services that shouldn't be exposed.

Try a challenge in Secure Code Warrior

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-fix-5d7f4eb5c6be5ebd3eca93d5ce400959

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}