

@bwang-icf bwang-icf commented Dec 12, 2025

JIRA Ticket:
BB2-4307

What Does This PR Do?

Minor version upgrade for microsoft/api-extractor

What Should Reviewers Watch For?

Any portions of code that would be breaking

Validation

Ran npm audit and npm install without issues.

What Security Implications Does This PR Have?

Please indicate if this PR does any of the following:

  • Adds any new software dependencies
  • Modifies any security controls
  • Adds new transmission or storage of data
  • Any other changes that could possibly affect security?
  • Yes, one or more of the above security implications apply. This PR must not be merged without the ISSO or team security engineer's approval.


@JamesDemeryNava JamesDemeryNava left a comment


When I run npm audit on main, I see 3 vulnerabilities, 2 high and 1 moderate:

axios 1.0.0 - 1.11.0
Severity: high
js-yaml <3.14.2 || >=4.0.0 <4.1.1
Severity: moderate
validator <=13.15.20
Severity: high

When I run npm audit in this branch, I see 2 vulnerabilities, 1 high and 1 moderate:

axios 1.0.0 - 1.11.0
Severity: high
js-yaml <3.14.2 || >=4.0.0 <4.1.1
Severity: moderate

So that looks good! @bwang-icf, to see the validator vulnerability be removed for npm audit, I had to run npm install, which also added changes to package-lock.json. Do we typically need to run an npm install when we make changes to package.json in this repository? From looking at some prior PRs in this project, it seems like we do. This PR is still in draft, so maybe I'm getting ahead of myself; my bad if that's the case.

Also, @sb-benohe, just wanted to call out the other high vulnerability. I don't see it exactly in Snyk, though there is a moderate vulnerability that suggests upgrading to axios 1.12.0. The suggested fix for the high vulnerability locally is upgrading from axios 1.0.0 to 1.11.0.
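The lockfile question raised above comes down to whether package.json and package-lock.json still agree. The check below is an added example written for this page, not code from the PR or from this repository; both manifests are constructed inline (the package names mirror the ones in the audit output, the version numbers are made up). It reports the same kind of drift that makes `npm ci` refuse to install: a dependency range declared in package.json that the lock's root entry no longer records, a package missing from the lock entirely, or a locked version that no longer satisfies the declared range. The range matcher is deliberately minimal (exact, `^` and `~` only); a real tool would use the `semver` package.

```javascript
// Added example (not part of the PR or the project): detect drift between a
// package.json and a lockfileVersion 3 package-lock.json.
// Both manifests below are constructed for this example.

const PACKAGE_JSON = {
  name: "example-app",
  dependencies: { axios: "^1.11.0", "js-yaml": "^4.1.1" },
  devDependencies: { "@microsoft/api-extractor": "^7.53.0", validator: "^13.15.21" },
};

// lockfileVersion 3: root entry at "" plus one entry per installed path.
// Here package.json was edited (api-extractor bumped, validator added)
// without running `npm install`, so the lock is stale.
const PACKAGE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": {
      dependencies: { axios: "^1.11.0", "js-yaml": "^4.1.1" },
      devDependencies: { "@microsoft/api-extractor": "^7.52.0", validator: "^13.15.21" },
    },
    "node_modules/axios": { version: "1.11.0" },
    "node_modules/js-yaml": { version: "4.1.1" },
    "node_modules/@microsoft/api-extractor": { version: "7.52.8" },
    // no "node_modules/validator" entry: declared but never installed
  },
};

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Minimal semver range check: exact, ^ and ~ only.
function satisfies(version, range) {
  const v = parseVersion(version);
  if (range.startsWith("^")) {
    const base = parseVersion(range.slice(1));
    if (compare(v, base) < 0) return false;
    // ^ pins the leftmost non-zero component
    if (base[0] !== 0) return v[0] === base[0];
    if (base[1] !== 0) return v[0] === 0 && v[1] === base[1];
    return compare(v, base) === 0;
  }
  if (range.startsWith("~")) {
    const base = parseVersion(range.slice(1));
    return compare(v, base) >= 0 && v[0] === base[0] && v[1] === base[1];
  }
  return compare(v, parseVersion(range)) === 0;
}

// Returns one human-readable problem per mismatch; empty array means in sync.
function findLockDrift(pkg, lock) {
  const problems = [];
  const root = lock.packages[""] || {};
  for (const field of ["dependencies", "devDependencies"]) {
    const declared = pkg[field] || {};
    const locked = root[field] || {};
    for (const [name, range] of Object.entries(declared)) {
      if (locked[name] !== range) {
        problems.push(`${name}: package.json declares ${range}, lock root records ${locked[name] ?? "nothing"}`);
      }
      const entry = lock.packages[`node_modules/${name}`];
      if (!entry) {
        problems.push(`${name}: no node_modules/${name} entry in the lock`);
      } else if (!satisfies(entry.version, range)) {
        problems.push(`${name}: locked ${entry.version} does not satisfy ${range}`);
      }
    }
  }
  return problems;
}

const drift = findLockDrift(PACKAGE_JSON, PACKAGE_LOCK);
console.log(drift.length === 0 ? "package.json and package-lock.json agree" : drift.join("\n"));
```

In CI, `npm ci` performs this consistency check itself and exits non-zero when the two files disagree, so a pipeline that installs with `npm ci` rather than `npm install` will fail on a PR that edited package.json without committing the regenerated lockfile. Note that a consistent lock is not the same as an audit-clean one: the axios entry above is in sync yet still inside the range flagged by npm audit.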

@bwang-icf bwang-icf marked this pull request as ready for review December 15, 2025 19:20

@JamesDemeryNava JamesDemeryNava left a comment


Looks good to me! I believe these PRs need to be approved by @sb-DarenDean or @sb-benohe, but I think it's good to go.

@sb-DarenDean

This looks good to me!

@sb-benohe sb-benohe merged commit 80b6be0 into main Dec 16, 2025
4 checks passed