Upgrade nanoid and openid-client

[seansica]

The latest releases of these two dependencies default to ECMAScript syntax rather than CommonJS. We're not using a transpiler like Babel to handle converting between different JS flavors, and ideally we shouldn't have to until we're ready for a TS migration.

Figure out a way to upgrade these dependencies while still using CommonJS, or find suitable alternatives. nanoid specifies a solution for CommonJS (link below). I'm not sure about openid-client.

NanoID

After version 3, CommonJS support is mostly dropped in favor of ESM:

https://github.com/ai/nanoid?tab=readme-ov-file#commonjs

Error [ERR_REQUIRE_ESM]: require() of ES Module /Users/ssica/Development/attack/workbench/attack-workbench-rest-api/node_modules/openid-client/build/index.js from /Users/ssica/Development/attack/workbench/attack-workbench-rest-api/app/lib/authn-oidc.js not supported.
Instead change the require of index.js in /Users/ssica/Development/attack/workbench/attack-workbench-rest-api/app/lib/authn-oidc.js to a dynamic import() which is available in all CommonJS modules.

For now, downgraded back to 3x:

❯ npm list | grep nanoid
├── nanoid@5.0.9
❯ npm install nanoid@3

changed 1 package, and audited 654 packages in 667ms

89 packages are looking for funding
  run `npm fund` for details

3 vulnerabilities (2 low, 1 high)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.
❯ npm list | grep nanoid
├── nanoid@3.3.8

OpenID-Client

Same thing with openid-client -- v6 moves to ESM:

Downgraded:

❯ npm list | grep openid
├── openid-client@6.1.7
❯ npm install openid-client@5

added 2 packages, removed 2 packages, changed 1 package, and audited 654 packages in 968ms

87 packages are looking for funding
  run `npm fund` for details

3 vulnerabilities (2 low, 1 high)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.
❯ npm list | grep openid
├── openid-client@5.7.1