[Snyk] Security upgrade eslint-plugin-jest from 24.7.0 to 25.0.4

[MelvinBot]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	No Known Exploit
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint-plugin-jest

The new version differs by 39 commits.

• 8befa12 chore(release): 25.0.4 [skip ci]
• afad49a fix: update `@ typescript-eslint/experimental-utils` to v5 (#941)
• b2ed605 chore(release): 25.0.3 [skip ci]
• bd2c33c fix(valid-expect-in-promise): support awaited promises in arguments (#936)
• d90a5dc chore(release): 25.0.2 [skip ci]
• 07d2137 fix(valid-expect-in-promise): support out of order awaits (#939)
• e731bce chore: add patches to git
• cbea1d6 refactor(valid-expect-in-promise): remove duplicate check (#938)
• c171942 chore(deps): lock file maintenance
• d47fd25 chore(deps): lock file maintenance
• 4a3caa4 chore(deps): lock file maintenance
• 1748063 chore(release): 25.0.1 [skip ci]
• cb87458 fix: specify peer dependency ranges correctly
• 3a12aec chore(release): 25.0.0 [skip ci]
• 2dce752 Merge pull request #905 from jest-community/next
• 1ef8586 chore(release): 25.0.0-next.7 [skip ci]
• f3e9e9a feat(valid-describe): rename to `valid-describe-callback`
• b860084 feat(lowercase-name): rename to `prefer-lowercase-title`
• 3434d9b feat(prefer-to-be-undefined): remove rule
• 809bcda feat(prefer-to-be-null): remove rule
• 2a3376f feat: add `prefer-to-be` to style ruleset
• c5ccdca chore(release): 25.0.0-next.6 [skip ci]
• 6708bb8 Merge branch 'main' into next
• 24b6c5d chore(release): 25.0.0-next.5 [skip ci]

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

[pecanoro]

This ended up having conflicts so I am going to create the branch manually so we can close this: https://github.com/Expensify/Expensify/issues/399651

[chiragsalian]

oh wow, i was just about to ask about this. I was just trying to address the conflict manually but the package-lock.json kept failing when i use version 25.0.4.
Let me know how you're going to address this.

[pecanoro]

I updated to the v28 instead 😄 #715