$ npm audit
# npm audit report
braces <3.0.3
Severity: high
Uncontrolled resource consumption in braces - https://github.com/advisories/GHSA-grv7-fg5c-xmjg
fix available via `npm audit fix`
node_modules/@storybook/core-common/node_modules/braces
node_modules/watchpack-chokidar2/node_modules/braces
chokidar 1.3.0 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of braces
Depends on vulnerable versions of readdirp
node_modules/watchpack-chokidar2/node_modules/chokidar
watchpack-chokidar2 *
Depends on vulnerable versions of chokidar
node_modules/watchpack-chokidar2
watchpack 1.7.2 - 1.7.5
Depends on vulnerable versions of watchpack-chokidar2
node_modules/@storybook/core-common/node_modules/watchpack
webpack 4.0.0-alpha.0 - 5.0.0-rc.6
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of terser-webpack-plugin
Depends on vulnerable versions of watchpack
node_modules/@storybook/core-common/node_modules/webpack
@storybook/core-common <=6.5.17-alpha.0
Depends on vulnerable versions of webpack
node_modules/@storybook/core-common
terser-webpack-plugin <=2.2.1
Depends on vulnerable versions of webpack
node_modules/@storybook/core-common/node_modules/terser-webpack-plugin
micromatch <=4.0.7
Depends on vulnerable versions of braces
node_modules/@storybook/core-common/node_modules/micromatch
node_modules/watchpack-chokidar2/node_modules/micromatch
anymatch 1.2.0 - 2.0.0
Depends on vulnerable versions of micromatch
node_modules/watchpack-chokidar2/node_modules/anymatch
readdirp 2.2.0 - 2.2.1
Depends on vulnerable versions of micromatch
node_modules/watchpack-chokidar2/node_modules/readdirp
cookie <0.7.0
cookie accepts cookie name, path, and domain with out of bounds characters - https://github.com/advisories/GHSA-pxg6-pf52-xh8x
fix available via `npm audit fix`
node_modules/cookie
express 3.0.0-alpha1 - 4.21.1 || 5.0.0-alpha.1 - 5.0.0
Depends on vulnerable versions of cookie
Depends on vulnerable versions of path-to-regexp
node_modules/express
cross-spawn 7.0.0 - 7.0.4
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
fix available via `npm audit fix`
node_modules/cross-spawn
elliptic <=6.6.0
Severity: critical
Valid ECDSA signatures erroneously rejected in Elliptic - https://github.com/advisories/GHSA-fc9h-whq2-v747
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) - https://github.com/advisories/GHSA-vjh7-7g9h-fjfh
fix available via `npm audit fix`
node_modules/elliptic
esbuild <=0.24.2
Severity: moderate
esbuild enables any website to send any requests to the development server and read the response - https://github.com/advisories/GHSA-67mh-4wv8-2f99
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/esbuild
node_modules/esbuild-loader/node_modules/esbuild
@storybook/core <=0.0.0-pr-30567-sha-f5452a43 || 6.5.17-alpha.0 - 8.5.7 || 8.6.0-alpha.0 - 8.6.0-beta.10
Depends on vulnerable versions of esbuild
node_modules/@storybook/core
storybook 8.2.0-alpha.0 - 8.5.7 || 8.6.0-alpha.0 - 8.6.0-beta.10
Depends on vulnerable versions of @storybook/core
node_modules/storybook
esbuild-loader <=4.2.2
Depends on vulnerable versions of esbuild
node_modules/esbuild-loader
http-proxy-middleware <2.0.7
Severity: high
Denial of service in http-proxy-middleware - https://github.com/advisories/GHSA-c7qv-q95q-8v27
fix available via `npm audit fix`
node_modules/http-proxy-middleware
nanoid <3.3.8
Severity: moderate
Predictable results in nanoid generation when given non-integer values - https://github.com/advisories/GHSA-mwcw-c2x4-8c55
fix available via `npm audit fix`
node_modules/nanoid
path-to-regexp <0.1.12
Severity: high
Unpatched `path-to-regexp` ReDoS in 0.1.x - https://github.com/advisories/GHSA-rhx6-c78j-4q9w
fix available via `npm audit fix`
node_modules/path-to-regexp
store2 <2.14.4
Severity: moderate
Cross Site Scripting vulnerability in store2 - https://github.com/advisories/GHSA-w5hq-hm5m-4548
fix available via `npm audit fix`
node_modules/store2
webpack-dev-middleware <=5.3.3
Severity: high
Path traversal in webpack-dev-middleware - https://github.com/advisories/GHSA-wr3j-pwj9-hqq6
No fix available
node_modules/@storybook/manager-webpack5/node_modules/webpack-dev-middleware
@storybook/manager-webpack5 <=6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of webpack-dev-middleware
node_modules/@storybook/manager-webpack5
24 vulnerabilities (1 low, 10 moderate, 12 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.