[🐸 Frogbot] Update version of rollup to 2.79.2

[github-actions]

📦 Vulnerable Dependencies

Severity	ID	Contextual Analysis	Direct Dependencies	Impacted Dependency	Fixed Versions
Medium	CVE-2024-47068	Not Covered	@rollup/plugin-image:3.0.2 rollup-plugin-dts:4.2.3 react-scripts:5.0.1 rollup:2.79.1 @rollup/plugin-typescript:9.0.2	rollup 2.79.1	[2.79.2] [3.29.5] [4.22.4]

🔖 Details

Vulnerability Details

Contextual Analysis:	Not Covered
Direct Dependencies:	@rollup/plugin-image:3.0.2, rollup-plugin-dts:4.2.3, react-scripts:5.0.1, rollup:2.79.1, @rollup/plugin-typescript:9.0.2
Impacted Dependency:	rollup:2.79.1
Fixed Versions:	[2.79.2], [3.29.5], [4.22.4]
CVSS V3:	6.1

Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from import.meta (e.g., import.meta.url) in cjs/umd/iife format. The DOM Clobbering gadget can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an img tag with an unsanitized name attribute) are present. Versions 2.79.2, 3.29.5, and 4.22.4 contain a patch for the vulnerability.

---

🐸 JFrog Frogbot