Medium security scan issues reported for transient dependencies which are part of sfcc-ci

### sfcc-ci Version

2.12.0

### NodeJS Version

20.19.4

### sfcc-ci Path

_No response_

### Host OS Details

_No response_

### Description

We got 2 Medium security scan vulnerability issues reported for jsondiffpatch@0.4.1 package. This package is transient dependency for sfcc-ci@2.12.0 and we could not find a higher version where a fix is available for this vulnerability. For jsondiffpatch we have a higher non vulnerable version (0.7.3) available, however even when we tried to override in package.json it was still referring to old vulnerable version (0.4.1). Please let us know how can we address these medium security vulnerabilities. Also, could you please let us know why we are unable to override the vulnerable package?

### Relevant log output

```shell

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Medium security scan issues reported for transient dependencies which are part of sfcc-ci #589

sfcc-ci Version

NodeJS Version

sfcc-ci Path

Host OS Details

Description

Relevant log output

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Medium security scan issues reported for transient dependencies which are part of sfcc-ci #589

Description

sfcc-ci Version

NodeJS Version

sfcc-ci Path

Host OS Details

Description

Relevant log output

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions