[Snyk] Security upgrade happy-dom from 17.1.0 to 20.8.9 #1013

Open
Dargon789 wants to merge 1 commit into main from snyk-fix-d14032a0247f26bc6f52397fc7da902a

@Dargon789
Owner

Snyk has created this PR to fix 4 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

  • packages/siwx/package.json
⚠️ Warning
Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

  • critical severity: Arbitrary Code Injection (SNYK-JS-HAPPYDOM-13535083)
  • critical severity: Prototype Pollution (SNYK-JS-HAPPYDOM-13559227)
  • high severity: Arbitrary Code Injection (SNYK-JS-HAPPYDOM-15790746)
  • high severity: Insertion of Sensitive Information Into Sent Data (SNYK-JS-HAPPYDOM-15810980)

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

vercel bot commented Apr 9, 2026

Deployment failed with the following error:

Too many requests - try again in 5 minutes (more than 60, code: "api-deployments-flood").

Learn More: https://vercel.com/docs/limits#rate-limits

snyk-io bot commented Apr 9, 2026

Snyk checks have passed. No issues have been found so far.

Status | Scan Engine          | Critical | High | Medium | Low | Total (0)
       | Open Source Security | 0        | 0    | 0      | 0   | 0 issues

gemini-code-assist bot left a comment

Code Review

This pull request updates the happy-dom development dependency to version 20.8.9 in the packages/siwx package. Feedback indicates that the pnpm-lock.yaml file was not updated alongside this change, which is required to ensure consistent installations and prevent CI failures.

"@types/react": "19.1.15",
"@vitest/coverage-v8": "2.1.9",
"happy-dom": "17.1.0",
"happy-dom": "20.8.9",
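
Review bot: The "happy-dom" line jumps from 17.1.0 to 20.8.9, three major versions in a single step, and no other line in packages/siwx/package.json changes with it. The package sits next to "@vitest/coverage-v8" in the same dependency block, so run the siwx test suite against 20.8.9 before merging, and regenerate pnpm-lock.yaml in the same commit so that the exact version pinned here is the one that actually gets installed.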

security-high high

The pnpm-lock.yaml file was not updated in this pull request. In a pnpm workspace, the lockfile must be synchronized with package.json to ensure that the specified version (and its security fixes) are actually installed. Merging this change without an updated lockfile will cause CI failures in environments using --frozen-lockfile and will prevent the security vulnerabilities from being correctly remediated in deployed environments.
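
The lockfile drift described in the review comment above can be checked mechanically. The following is an added example, not code from this repository, Snyk or pnpm: it compares the versions declared in a package.json with the specifiers recorded under `importers` in pnpm-lock.yaml. The manifest and lockfile text are constructed samples, `readImporter` and `findStale` are hypothetical helpers, and the lockfile is assumed to use the `specifier`/`version` importer layout.

```javascript
// Constructed samples (not taken from the repository): the manifest after the
// version bump, and a lockfile importer entry that was never regenerated.
const manifest = {
  devDependencies: { "@types/react": "19.1.15", "happy-dom": "20.8.9" },
};
const staleLock = `
lockfileVersion: '9.0'

importers:

  packages/siwx:
    devDependencies:
      '@types/react':
        specifier: 19.1.15
        version: 19.1.15
      happy-dom:
        specifier: 17.1.0
        version: 17.1.0
`;

// Hypothetical helper: indentation-based reader for the `importers:` section.
// Returns { depName: { specifier, version } } for a single importer path.
function readImporter(lockText, importerPath) {
  const deps = {};
  let section = null, importer = null, dep = null;
  for (const line of lockText.split("\n")) {
    const m = /^(\s*)(['"]?)(.+?)\2:\s*(.*)$/.exec(line);
    if (!m) continue;
    const [, pad, , key, value] = m;
    if (pad.length === 0) { section = key; importer = dep = null; }
    else if (section !== "importers") continue;
    else if (pad.length === 2) { importer = key; dep = null; }
    else if (importer !== importerPath) continue;
    else if (pad.length === 6) { dep = key; deps[dep] = {}; }
    else if (pad.length === 8 && dep) deps[dep][key] = value.replace(/^['"]|['"]$/g, "");
  }
  return deps;
}

// Hypothetical helper: list every declared dependency whose lockfile specifier
// is missing or differs from package.json, i.e. the lockfile is stale for it.
function findStale(pkg, lockText, importerPath) {
  const locked = readImporter(lockText, importerPath);
  const declared = { ...pkg.dependencies, ...pkg.devDependencies };
  return Object.entries(declared)
    .filter(([name, range]) => locked[name]?.specifier !== range)
    .map(([name, range]) => ({ name, declared: range, locked: locked[name] ?? null }));
}

console.log(findStale(manifest, staleLock, "packages/siwx"));
```

In CI, `pnpm install --frozen-lockfile` remains the authoritative check; a non-empty result here means the lockfile still resolves the old version and has to be regenerated and committed with the package.json change.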
