chore: upgrade moment to latest version to fix CVE

[alexmt]

Signed-off-by: Alexander Matyushentsev AMatyushentsev@gmail.com

PR upgrades moment to latest version and fixes https://security.snyk.io/vuln/SNYK-JS-MOMENT-2440688 . Argo CD is not really affected since moment is used only on client side but good to fix it since it fails CI.

[crenshaw-dev]

lgtm, thanks for the quick fix!

I'd like to avoid this blocking any future security fixes in release-2.1 through release-2.3. Any opposition to my cherry-picking this back?

Alternatively, I could add an ignore rule to the .snyk file, since this vulnerability doesn't really affect us.

[alexmt]

I would cherry-pick it. It is probably the same amount of work

[codecov]

Codecov Report

Merging #9005 (b3da8bc) into master (b0cd653) will decrease coverage by 0.04%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #9005      +/-   ##
==========================================
- Coverage   45.07%   45.03%   -0.05%     
==========================================
  Files         212      212              
  Lines       25281    25281              
==========================================
- Hits        11396    11385      -11     
- Misses      12278    12292      +14     
+ Partials     1607     1604       -3     

Impacted Files	Coverage Δ
applicationset/services/scm_provider/github.go	63.52% <0.00%> (-17.65%)	⬇️
applicationset/services/scm_provider/utils.go	88.50% <0.00%> (+4.59%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b0cd653...b3da8bc. Read the comment docs.

[crenshaw-dev]

Cherry-picked onto release-2.2 for 2.2.12 and release-2.3 for 2.3.7.