Conversation

ruchidh
Collaborator

@ruchidh ruchidh commented Jul 7, 2025

Description

The NPM package "micromatch" prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS).
Fixed the vulnerability issues in all packages using the older version.

Updates packages directly:
@types/jest
@typescript-eslint/parse
babel-jest
jest-cli
yo

Also, webpack uses "^3.1.10", which cannot be updated directly, so resolutions have to be added.

Issues Resolved

#1588
#1595

Check List

  • New functionality includes testing.
  • New functionality has been documented.
  • All tests pass
    • yarn lint
    • yarn test-unit
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@virajsanghvi
Collaborator

Have you taken a look at the failures? I think node and TS will need to be upgraded to support jest 30, so it may be necessary to update micromatch without touching those dependencies. Node should be straightforward to update, but I think TS may require more work to get to 5.4.0.

@virajsanghvi
Collaborator

Btw, this will require an update to the Changelog

Signed-off-by: Ruchi Sharma <[email protected]>
@ruchidh
Collaborator Author

ruchidh commented Jul 7, 2025

Have you taken a look at the failures? I think node and TS will need to be upgraded to support jest 30, so it may be necessary to update micromatch without touching those dependencies. Node should be straightforward to update, but I think TS may require more work to get to 5.4.0.

Yes, node has to be updated to > 20.18, and we have TS errors.

TS will need to be upgraded to support jest 30, so may need to update micromatch without touching those dependencies

Should we just update it in resolutions without upgrading jest?

Signed-off-by: Ruchi Sharma <[email protected]>
@virajsanghvi
Collaborator

Unless the number of TS errors is safely resolvable, I'd just go the resolutions route for now. We should probably check which packages depend on micromatch and validate that it's just a minor version update for them; otherwise, we should be more targeted.
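The check suggested in the comment above (which packages depend on micromatch, and whether the fixed version is only a minor bump for them) together with the resolutions question from the PR description, as an added example that is not code from this PR or the project. It assumes a yarn.lock in the v1 text format; the lockfile content below is a constructed sample, and the `^`-only range check is a deliberate simplification.

```javascript
// Added example, not code from the PR or project: audit a yarn.lock (v1 format) for
// micromatch entries older than the fixed release and check whether pinning the fixed
// version through "resolutions" stays inside each dependent's declared range.
const FIXED_VERSION = "4.0.8"; // first micromatch release without the ReDoS issue
const parseVersion = (v) => v.split(".").map(Number);
const compareVersions = (a, b) =>
  parseVersion(a).map((n, i) => n - parseVersion(b)[i]).find((d) => d !== 0) ?? 0;

// Minimal range check for the forms seen in lockfile headers: "^x.y.z" and exact
// "x.y.z". Any other form is reported as not satisfied so it gets reviewed by hand.
function satisfies(version, range) {
  const caret = range.startsWith("^");
  const base = caret ? range.slice(1) : range;
  if (!/^\d+\.\d+\.\d+$/.test(base)) return false;
  if (!caret) return compareVersions(version, base) === 0;
  const [maj, min] = parseVersion(base), [vMaj, vMin] = parseVersion(version);
  return compareVersions(version, base) >= 0 && vMaj === maj && (maj > 0 || vMin === min);
}

// yarn.lock v1: an unindented "name@range, name@range:" header is followed by an
// indented `version "x.y.z"` line. Returns one record per block that belongs to pkg.
function auditLock(lockText, pkg = "micromatch", fixed = FIXED_VERSION) {
  const records = [];
  let ranges = null;
  for (const line of lockText.split("\n")) {
    const header = line.match(/^(\S.*):\s*$/);
    if (header && !line.startsWith("#")) {
      ranges = header[1].split(",").map((s) => s.trim().replace(/"/g, ""))
        .filter((spec) => spec.slice(0, spec.lastIndexOf("@")) === pkg)
        .map((spec) => spec.slice(spec.lastIndexOf("@") + 1));
      continue;
    }
    const ver = line.match(/^\s+version "([^"]+)"/);
    if (ver && ranges && ranges.length) {
      records.push({
        ranges, resolved: ver[1], vulnerable: compareVersions(ver[1], fixed) < 0,
        // false: a resolutions pin would jump past the declared major (the webpack
        // "^3.1.10" case in this PR), so that dependent needs a manual check
        resolutionInRange: ranges.every((r) => satisfies(fixed, r)),
      });
      ranges = null;
    }
  }
  return records;
}

// Constructed sample lockfile, not the project's real yarn.lock.
const SAMPLE_LOCK = `micromatch@^3.1.10, micromatch@^3.1.4:
  version "3.1.10"
micromatch@^4.0.4:
  version "4.0.5"
"@types/jest@^29.5.0":
  version "29.5.12"`;
console.table(auditLock(SAMPLE_LOCK));
```

Run it against the real lockfile by passing `fs.readFileSync("yarn.lock", "utf8")` instead of the sample; entries with `vulnerable: true` and `resolutionInRange: false` are the ones where a blanket resolution would silently force a major bump.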
