deps: [M3-9082, M3-9083] - Dependabot Fixes

[jaalah-akamai]

Description 📝

1. See: https://github.com/linode/manager/security/dependabot/137
   • vite@npm:5.4.11
     └─ postcss@npm:8.4.47
     └─ nanoid@npm:3.3.7 (via npm:^3.3.7)
2. See: https://github.com/linode/manager/security/dependabot/136
   • @storybook/core@npm:8.3.4
     └─ express@npm:4.21.0 (via npm:^4.19.2)
   • At the end of the day, I'm not sure we can fix this one quite yet. It's also being used by React Router Dom which we're trying to phase out and we're on an old version.

Changes 🔄

• Bumped "storybook": "^8.4.7" and other deps where they removed express
• Add resolution "nanoid": "^3.3.8" - "vite": "^6.0.7" (latest at this time) doesn't have 3.3.8

Target release date 🗓️

01/28/2025

Verification steps

Run yarn why nanoid && yarn why path-to-regexp

Author Checklists

As an Author, to speed up the review process, I considered 🤔

👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support

• I have read and considered all applicable items listed above.

As an Author, before moving this PR from Draft to Open, I confirmed ✅

• All unit tests are passing
• TypeScript compilation succeeded without errors
• Code passes all linting rules

[github-actions]

Coverage Report: ✅
Base Coverage: 87.19%
Current Coverage: 87.19%

[linode-gh-bot]

Cloud Manager UI test results

🔺 1 failing test on test run #2 ↗︎

❌ Failing	✅ Passing	↪️ Skipped	🕐 Duration
1 Failing	473 Passing	2 Skipped	100m 58s

Details

Failing Tests
	Spec	Test
❌	linode-config.spec.ts	End-to-End » Clones a config

Troubleshooting

Use this command to re-run the failing tests:

yarn cy:run -s "cypress/e2e/core/linodes/linode-config.spec.ts"

[hkhalil-akamai]

• ✅ No vulnerable versions found via yarn audit
• ✅ Verified nanoid is updated to patched version
• I believe we can resolve the path-to-regexp dependabot alert since the vulnerable version was removed in chore: Fix last path-to-regexp depenabot alert by using vite preview instead of serve #11015

[hkhalil-akamai]

Looks like cypress failures are unrelated (cc @linode/frontend-sdet)

[bnussman-akamai]

Dependency versions look good ✅
Storybook local dev server ran stable ✅
Storybook production build worked ✅