chore(deps): pin package dependencies [SWC-1243]

[castastrophe]

Description

This change pins package dependencies across the entire Spectrum Web Components monorepo to ensure consistent and reproducible builds. The update affects 25 package.json files and the yarn.lock file, standardizing dependency versions across all packages and tools.

Note: pinned versions may be minor or patch versions larger than the original. This is because our lockfile was consuming higher versions than we had listed due to our caret approach. I've gone through and tried to map the updated versions to the original lockfile as much as possible.

Motivation and context

Pinning dependencies is essential for:

• Ensuring reproducible builds across different environments
• Preventing unexpected breaking changes from dependency updates
• Maintaining consistent behavior across all packages in the monorepo
• Improving security by controlling exactly which versions are used
• Facilitating easier debugging when issues arise

Related issue(s)

• fixes [SWC-1243]

Screenshots (if appropriate)

N/A - This is a dependency management change without visual changes.

Author's checklist

• I have read the CONTRIBUTING and PULL_REQUESTS documents.
• I have reviewed at the Accessibility Practices for this feature, see: Aria Practices
• I have added automated tests to cover my changes.
• I have included a well-written changeset if my change needs to be published.
• I have included updated documentation if my change required it.

Reviewer's checklist

• Includes a Github Issue with appropriate flag or Jira ticket number without a link
• Includes thoughtfully written changeset if changes suggested include patch, minor, or major features
• Automated tests cover all use cases and follow best practices for writing
• Validated on all supported browsers
• All VRTs are approved before the author can update Golden Hash

Manual review test cases

• All packages build successfully with pinned dependencies

  1. Go to root directory
  2. Run yarn install to install pinned dependencies
  3. Expect all packages to install without conflicts

• Build system works with pinned dependencies

  1. Run yarn build
  2. Verify all packages build successfully
  3. Expect no build errors related to dependency conflicts

• Tests pass with pinned dependencies

  1. Run yarn test
  2. Verify all tests pass
  3. Expect no test failures related to dependency changes

[changeset-bot]

⚠️ No Changeset found

Latest commit: 547e9e9

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[castastrophe]

Don't need to load fs and path; those ship with node

[castastrophe]

The yarn.lock was resolving to 3.6.5 so I updated here to prevent regressions

[blunteshwar]

Thanks for doing this

[github-actions]

📚 Branch Preview

• Documentation Site
• Storybook

🔍 Visual Regression Test Results

When a visual regression test fails (or has previously failed while working on this branch), its results can be found in the following URLs:

• Spectrum | Light | Medium | LTR
• Spectrum | Dark | Large | RTL
• Express | Light | Medium | LTR
• Express | Dark | Large | RTL
• Spectrum-two | Light | Medium | LTR
• Spectrum-two | Dark | Large | RTL
• High Contrast Mode | Medium | LTR

Deployed to Azure Blob Storage: pr-5744

If the changes are expected, update the current_golden_images_cache hash in the circleci config to accept the new images. Instructions are included in that file.
If the changes are unexpected, you can investigate the cause of the differences and update the code accordingly.

[github-actions]

Tachometer results

Currently, no packages are changed by this PR...