This repository was archived by the owner on May 7, 2026. It is now read-only.

[Snyk] Security upgrade ajv from 5.1.3 to 8.18.0#6

Open
LoganLynd wants to merge 1 commit into master from snyk-fix-5e6737a3dedeb5f07dabbb60df4af7e9

@LoganLynd


Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
⚠️ Warning
Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
| --- | --- |
| high severity: Regular Expression Denial of Service (ReDoS), SNYK-JS-AJV-15274295 | 209 |

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-15274295
@LoganLynd


Merge Risk: High

This is a major upgrade across three major versions (v5 → v8) of ajv and introduces significant breaking changes that will require code and schema modifications.

Key Breaking Changes (v5 → v7):

  • JSON Schema Draft-04 Support Removed: Support for draft-04 of the JSON Schema specification has been removed. Schemas using the id property must be updated to use $id.
  • Formats moved to a separate package: All format validators (e.g., date-time, email) have been moved to the ajv-formats package and must be explicitly added to the Ajv instance.
  • Strict Mode by Default: A new strict mode is enabled by default, which may cause schemas that were previously considered valid to throw errors.
  • API Changes:
    • Ajv is now an ES6 class and must be instantiated with the new keyword.
    • The addKeyword API has been changed.

Key Breaking Changes (v7 → v8):

  • JSON Schema Draft-2020-12 Support: This version adds support for draft-2020-12, which is not backward-compatible with previous drafts. For example, the items keyword has new semantics, and prefixItems has been added. You cannot use draft-2020-12 schemas and previous versions in the same Ajv instance.
  • Error Reporting: The dataPath property in error objects has been replaced with instancePath.
  • Regular Expressions: Regular expressions for pattern and patternProperties now enforce the Unicode "u" flag, which may cause some patterns to become invalid.

Recommendation:
This upgrade is a high-risk change. Developers must carefully review their existing JSON schemas for compatibility with newer drafts, update their code to handle the new API and package structure, and test validation logic thoroughly. It is highly recommended to consult the official migration guides.

Source: Ajv v7 and v8 Release Notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
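
An added example, not part of this PR or of Snyk's output: a small Node.js script that walks a JSON Schema and flags the schema-level breaking changes listed in the comment above (`id` instead of `$id`, `format` keywords that need ajv-formats, patterns that do not compile with the "u" flag, array-form `items`). The function names, rule labels and sample schema are constructed for illustration, and the walk is a heuristic that does not model every keyword.

```javascript
// Added example (not from the PR): heuristic audit for ajv v5 -> v8 schema changes.
// Keywords whose values are instance data, not subschemas, so they are not walked.
const DATA_KEYWORDS = new Set(["enum", "const", "default", "examples"]);

// True if `source` compiles as a RegExp with the Unicode "u" flag.
function compilesWithUnicodeFlag(source) {
  try { new RegExp(source, "u"); return true; } catch (err) { return false; }
}

// Walks a schema and returns findings { path, rule, detail }; rule names are hypothetical.
function auditSchema(node, path = "#", findings = []) {
  if (Array.isArray(node)) {
    node.forEach((item, i) => auditSchema(item, `${path}/${i}`, findings));
    return findings;
  }
  if (node === null || typeof node !== "object") return findings;
  const add = (rule, detail) => findings.push({ path, rule, detail });
  if (typeof node.id === "string") add("draft-04-id", "rename id to $id");
  if (typeof node.format === "string") add("format", `${node.format} needs ajv-formats`);
  if (typeof node.pattern === "string" && !compilesWithUnicodeFlag(node.pattern)) {
    add("unicode-regex", `pattern ${node.pattern} is invalid with the "u" flag`);
  }
  if (Array.isArray(node.items)) add("tuple-items", "prefixItems in draft-2020-12");
  const pp = node.patternProperties;
  if (pp !== null && typeof pp === "object") {
    for (const key of Object.keys(pp)) {
      if (!compilesWithUnicodeFlag(key)) add("unicode-regex", `patternProperties key ${key}`);
    }
  }
  for (const [key, value] of Object.entries(node)) {
    if (!DATA_KEYWORDS.has(key)) auditSchema(value, `${path}/${key}`, findings);
  }
  return findings;
}

// Constructed sample schema using a draft-04 style `id` and an escape the "u" flag rejects.
const sampleSchema = {
  id: "http://example.com/schemas/user.json",
  type: "object",
  properties: {
    id: { type: "integer" },
    email: { type: "string", format: "email" },
    phone: { type: "string", pattern: "^\\d{3}\\-\\d{4}$" },
    pair: { type: "array", items: [{ type: "string" }, { type: "number" }] },
  },
  patternProperties: { "^x-": { type: "string" } },
  default: { id: "instance-data-not-a-schema" },
};
for (const hit of auditSchema(sampleSchema)) console.log(hit.path, hit.rule, hit.detail);
```

The `tuple-items` finding only matters if the schema is moved to draft-2020-12; the `dataPath` to `instancePath` rename affects code that reads error objects and is not visible in schemas.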
