Update all packages required to resolve the Dependabot PRs, which means updating to the recommended PR version or the most updated version when available.
Node.js should be updated to the most updated minor and patch versions of the current major version, or a major version upgrade if agreed by the team.
Any package not yet raised to be upgraded by Dependabot can be upgraded.
Overall package upgrades can be verified using npm-check-updates.
formio webgroup Dependabot PRs should not be merged.
By the end of the effort, as much as possible, executing an npm audit on all packages should report a vulnerability only if there are no fixes available.
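One way to check the last criterion mechanically, as an added example that is not part of the original issue: it classifies the findings of an `npm audit --json` report (npm 7+ format) by whether a fix is available. The function names and the sample package names are hypothetical, and the sample report is constructed.

```javascript
// Added example: sort `npm audit --json` findings (report format of npm 7+,
// auditReportVersion 2) by the value of each finding's `fixAvailable` field.

// Constructed sample report; package names and versions are hypothetical.
const SAMPLE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { name: "example-parser", severity: "high", isDirect: true, fixAvailable: true },
    "example-templating": {
      name: "example-templating", severity: "critical", isDirect: true,
      // npm reports an object when the fix means changing another package's version.
      fixAvailable: { name: "example-templating", version: "5.0.0", isSemVerMajor: true },
    },
    "example-legacy-lib": { name: "example-legacy-lib", severity: "moderate", isDirect: false, fixAvailable: false },
  },
};

// Returns { fixable, majorUpgrade, noFix }, each a list of findings.
function classifyAudit(report) {
  const vulns = report && report.vulnerabilities;
  if (!vulns || typeof vulns !== "object") {
    // npm 6 reports use an `advisories` map instead and are not handled here.
    throw new Error("not an npm audit v2 report: missing 'vulnerabilities'");
  }
  const result = { fixable: [], majorUpgrade: [], noFix: [] };
  for (const [name, vuln] of Object.entries(vulns)) {
    const entry = { name, severity: vuln.severity, direct: Boolean(vuln.isDirect) };
    const fix = vuln.fixAvailable;
    if (!fix) {
      result.noFix.push(entry); // acceptable leftover under the criterion
    } else if (typeof fix === "object" && fix.isSemVerMajor) {
      result.majorUpgrade.push({ ...entry, via: `${fix.name}@${fix.version}` });
    } else {
      result.fixable.push(entry); // fix exists within the current semver range
    }
  }
  return result;
}

// True only when every remaining finding has no fix available.
function meetsCriterion(report) {
  const c = classifyAudit(report);
  return c.fixable.length === 0 && c.majorUpgrade.length === 0;
}

console.log(classifyAudit(SAMPLE_REPORT));
console.log("criterion met:", meetsCriterion(SAMPLE_REPORT)); // false for the sample
```

To use it on a real project, pass `JSON.parse` of the output of `npm audit --json`; note that `npm audit` exits non-zero when it reports findings, so capture the output rather than relying on the exit status.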