[Snyk] Fix for 4 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	No	Proof of Concept
	387/1000 Why? Proof of Concept exploit, CVSS 5.6	Prototype Pollution SNYK-JS-IMMER-1540542	No	Proof of Concept
	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	No	Proof of Concept
	405/1000 Why? CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @storybook/addon-docs

The new version differs by 61 commits.

• d0c1e8a v6.4.13
• ad95877 Update root, peer deps, version.ts/json to 6.4.13 [ci skip]
• 908cda1 6.4.13 changelog
• ee5c044 Merge pull request RNMobile Add size options to mobile image block WordPress/gutenberg#17245 from storybookjs/fix-prettier-2-3-formatting-main
• c3311c0 Update snapshots
• a533573 Fix prettier 2.3 formatting on main
• 59b85c7 Merge pull request PR #16814 breaks Co-Authors-Plus plugin Guest Author creation functionality WordPress/gutenberg#17241 from storybookjs/17008-fix-staticdirs-favicon
• f2a7256 Merge pull request Custom sidebar once unpinned never come back WordPress/gutenberg#17022 from Taillook/chore/react-dev-utils
• ec142c8 Merge pull request Block Editor: Disable click-through on desktop. WordPress/gutenberg#17239 from storybookjs/16820-fix-prettier-transpilation
• de25e19 Merge pull request Fix type docs for Notices WordPress/gutenberg#17206 from storybookjs/angular/fix-angular-13.1
• 8fe4027 Merge pull request Try delaying sibling inserter hover events WordPress/gutenberg#17240 from storybookjs/15574-fix-namedexportsorder-warning
• 8346850 Merge pull request RichText: Fall back to setTimeout if no requestIdleCallback WordPress/gutenberg#17213 from storybookjs/16067-fix-manager-process
• 3a0fd74 Merge pull request Implement new block-directory package  WordPress/gutenberg#17244 from storybookjs/chore_docs_fix_composition_link
• 7e43adc Merge pull request Cannot set an ID to blocks WordPress/gutenberg#17224 from storybookjs/chore_docs_update_addons_install_docs
• 373ca10 Merge pull request Button Block: Only display buttons if the title attribute exists  WordPress/gutenberg#17221 from storybookjs/chore_docs_fix_addon_knowledge_base
• 1e1331d Merge pull request Pasting modifies/removes spacing WordPress/gutenberg#17208 from storybookjs/chore_docs_updates_syntax_highlight_docs
• 00a6c36 Merge pull request Incorrect type definition for WPNoticeAction and missing docs for type option for notices WordPress/gutenberg#17203 from storybookjs/chore_fix_repro_docs
• f0a2216 6.4.12 latest.json version file
• 180e481 Update git head to 6.4.12, update yarn.lock
• 9ce1a3b v6.4.12
• b278a84 Update root, peer deps, version.ts/json to 6.4.12 [ci skip]
• 7610bf0 6.4.12 changelog
• 704d82a Update git head to 6.4.11, update yarn.lock
• dc7fc7b v6.4.11

See the full diff

Package name: @storybook/react

The new version differs by 61 commits.

• d0c1e8a v6.4.13
• ad95877 Update root, peer deps, version.ts/json to 6.4.13 [ci skip]
• 908cda1 6.4.13 changelog
• ee5c044 Merge pull request RNMobile Add size options to mobile image block WordPress/gutenberg#17245 from storybookjs/fix-prettier-2-3-formatting-main
• c3311c0 Update snapshots
• a533573 Fix prettier 2.3 formatting on main
• 59b85c7 Merge pull request PR #16814 breaks Co-Authors-Plus plugin Guest Author creation functionality WordPress/gutenberg#17241 from storybookjs/17008-fix-staticdirs-favicon
• f2a7256 Merge pull request Custom sidebar once unpinned never come back WordPress/gutenberg#17022 from Taillook/chore/react-dev-utils
• ec142c8 Merge pull request Block Editor: Disable click-through on desktop. WordPress/gutenberg#17239 from storybookjs/16820-fix-prettier-transpilation
• de25e19 Merge pull request Fix type docs for Notices WordPress/gutenberg#17206 from storybookjs/angular/fix-angular-13.1
• 8fe4027 Merge pull request Try delaying sibling inserter hover events WordPress/gutenberg#17240 from storybookjs/15574-fix-namedexportsorder-warning
• 8346850 Merge pull request RichText: Fall back to setTimeout if no requestIdleCallback WordPress/gutenberg#17213 from storybookjs/16067-fix-manager-process
• 3a0fd74 Merge pull request Implement new block-directory package  WordPress/gutenberg#17244 from storybookjs/chore_docs_fix_composition_link
• 7e43adc Merge pull request Cannot set an ID to blocks WordPress/gutenberg#17224 from storybookjs/chore_docs_update_addons_install_docs
• 373ca10 Merge pull request Button Block: Only display buttons if the title attribute exists  WordPress/gutenberg#17221 from storybookjs/chore_docs_fix_addon_knowledge_base
• 1e1331d Merge pull request Pasting modifies/removes spacing WordPress/gutenberg#17208 from storybookjs/chore_docs_updates_syntax_highlight_docs
• 00a6c36 Merge pull request Incorrect type definition for WPNoticeAction and missing docs for type option for notices WordPress/gutenberg#17203 from storybookjs/chore_fix_repro_docs
• f0a2216 6.4.12 latest.json version file
• 180e481 Update git head to 6.4.12, update yarn.lock
• 9ce1a3b v6.4.12
• b278a84 Update root, peer deps, version.ts/json to 6.4.12 [ci skip]
• 7610bf0 6.4.12 changelog
• 704d82a Update git head to 6.4.11, update yarn.lock
• dc7fc7b v6.4.11

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Remote Code Execution (RCE)