Copilot AI commented Jan 14, 2026

jspdf ≤3.0.4 contains a critical path traversal vulnerability (CVE-2025-68428) allowing local file inclusion in Node.js builds.

Changes

  • package.json: jspdf ^3.0.4 → ^4.0.0
  • projects/igniteui-angular/package.json: jspdf ^3.0.2 → ^4.0.0

jspdf 4.0.0 introduces no breaking changes beyond restricting filesystem access by default. This does not affect the PDF exporter, which only generates PDFs and does not load files.

Branch Coverage

This PR targets master. Separate PRs required for:

  • 20.1.x
  • 21.0.x

Original prompt

This section details the original issue you should resolve

<issue_title>Critical vulnerability in jspdf dependency</issue_title>
<issue_description>## Description

Igniteui-Angular depends on a jspdf version with a critical vulnerability.

jspdf <=3.0.4
Severity: critical
jsPDF has Local File Inclusion/Path Traversal vulnerability - GHSA-f8cm-6447-x5h2</issue_description>

<agent_instructions>Update jspdf above the version that has critical vulnerability. The fix should be applied with separate pull requests for 20.1.x, 21.0.x and master</agent_instructions>

Comments on the Issue (you are @copilot in this section)


Co-authored-by: ChronosSF <2188411+ChronosSF@users.noreply.github.com>
Copilot AI changed the title [WIP] Update jspdf dependency to resolve critical vulnerability Update jspdf to 4.0.0 to fix CVE-2025-68428 Jan 14, 2026
Copilot AI requested a review from ChronosSF January 14, 2026 09:05
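
The PR above changes the declared ranges in two package.json files; the lockfile and any nested copies pulled in by other dependencies decide what is actually installed. The following is an added example, not code from this PR or from the igniteui-angular repository, that reports any jspdf install still at or below 3.0.4. It assumes an npm package-lock.json with the lockfileVersion 2/3 `packages` map; the sample lock data and the `some-report-lib` package name are constructed.

```javascript
// Added example: flag installed jspdf copies at or below the affected version.
const LAST_AFFECTED = "3.0.4"; // "jspdf <=3.0.4" as quoted in the issue on this page

// Parse "major.minor.patch[-prerelease]" into comparable parts.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(v);
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when version a <= version b. A prerelease sorts before its release.
function lte(a, b) {
  const x = parseVersion(a), y = parseVersion(b);
  if (!x || !y) return true; // unparseable: fail closed so it gets reported
  for (let i = 0; i < 3; i++) {
    if (x.nums[i] !== y.nums[i]) return x.nums[i] < y.nums[i];
  }
  return x.pre || !y.pre;
}

// Walk the "packages" map of a lockfileVersion 2/3 package-lock.json and
// return every jspdf install (top-level or nested) that is still affected.
function findAffectedJspdf(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/jspdf$/.test(path)) continue; // exact package name only
    if (lte(meta.version || "", LAST_AFFECTED)) hits.push({ path, version: meta.version });
  }
  return hits;
}

// Constructed sample: the top-level copy is bumped, a nested copy is not.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "constructed-app" },
    "node_modules/jspdf": { version: "4.0.0" },
    "node_modules/some-report-lib/node_modules/jspdf": { version: "3.0.2" },
    "node_modules/jspdf-autotable": { version: "5.0.2" }, // different package, ignored
  },
};

console.log(findAffectedJspdf(sampleLock));
```

To run it against a real checkout, pass the parsed contents of each branch's package-lock.json to `findAffectedJspdf` and fail the build when the returned list is non-empty.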