[CHORE] Update package-lock.json in /benchmarks

[RyanJohannesBland]

Package-lock.json in /benchmarks is more than 2 years out of date. This causes it to still have @azure/identity installed at "^2.0.4", which has know vulnerabilities. These vulnerabilities are caught by services such as AWS Inspector. To upgrade, simply recreate package-lock.json based on the current directory.

I attempted to create a PR with these changes, but I do not have access to push a new branch.

[sjgutta]

I would like to second this issue. This package-lock file has been sitting stale for a long time and trips up vulnerabilities in a bunch of different vulnerability scanning services when there isn't actually a relevant vulnerability. It would be great to be able to just install tedious without the benchmarks files included but at the very least maintenance of the package lock file would be a huge improvement. It has been a major time suck for us every time it trips up a vulnerability alert that isn't relevant

Thank you!

[PGodward]

There is also an issue with form-data. All of the form-data versions need to be brought up to at least 4.0.4 in order to resolve the CVE-2025-7783 critical vulnerability

[ZsoltPath]

It is causing serious pain for us too.
We can't go live with a project until there's a critical AWS Inspector finding in it.

[PGodward]

I am starting to think that there is no one maintaining Tedious anymore...

[ZsoltPath]

Definitely feels like that. There was no release since last August and 51 PRs are waiting. :/