fix(deps): bump deps to avoid subdependency problems

[billhimmelsbach]

We have some two moderate security issues with current subdependencies that would be good to fix before the cybersecurity audits. I found the deps that had the subdependencies that were causing the issues and upped their versions to the minimum version that didn't have the security issues: a little nicer than just using resolutions to override the subdependencies.

Changes

• "axios": "^1.6.7" => "axios": "^1.6.8"
• "start-server-and-test": "2.0.0" => "start-server-and-test": "^2.0.3"
• "vitest": "0.31.0" => "vitest": "^0.34.6"
• "vite": "^4.4.9" => "vite": "^4.5.3"
• "@vitejs/plugin-react": "4.0.0" => "@vitejs/plugin-react": "4.2.1"

How to test this PR

1. Checkout the PR
2. Run yarn install
3. Run yarn npm audit
4. Success! 🎉

Screenshots

Current behavior

Expected behavior

[shindigira]

Clears yarn npm audit purrrrfectly 😸

[billhimmelsbach]

Going to need to fix some vitest issues... 😔

[billhimmelsbach]

So this vitest error...

...was caused by @vitejs/plugin-react package being out of date. Updated that and everything works great.

I did find some problems with how tests run locally, which I spun off into its own PR over here.

Ready for re-review @shindigira!

[shindigira]

Tested with node 16, yarn install and yarn npm audit.

[meissadia]

All clear!

[billhimmelsbach]

After a little shuffling, I removed the .nvmrc change from this commit and moved it over here.

[meissadia]

Sorry about the commit-to-the-wrong-branch!

Audit still clear. 👍🏾

[billhimmelsbach]

Sorry about the commit-to-the-wrong-branch!

Audit still clear. 👍🏾

No worries! Thanks for the quick re-review @meissadia!