fix(deps): update dependency sirv to v1.0.19

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
sirv	1.0.7 -> 1.0.19

---

Release Notes

lukeed/sirv

v1.0.19

Compare Source

Patches

• Replace mime/lite with mrmime: d93f33f
  Dependency swap for a significant size reduction and makes sirv more ESM-friendly.

Chores

• Bump uvu version: 6008daf

---

Full Changelog: lukeed/sirv@v1.0.18...v1.0.19

v1.0.18

Compare Source

Patches

• (sirv): Append charset=utf-8 to HTML content-type (#​106, #​122): d1b8ba6
  Thank you @​aleclarson~!

---

Full Changelog: lukeed/sirv@v1.0.17...v1.0.18

v1.0.17

Compare Source

v1.0.16

Compare Source

v1.0.15

Compare Source

v1.0.14

Compare Source

Chores

• (sirv): Bump @polka/url to take advantage of this fix

v1.0.13

Compare Source

Patches

• (sirv) Only use req.path if has req._decoded flag exists (#​82):

  The req._decoded check was added & should have always been in there, since this was sirv's way of preventing duplicate decodeURIComponent calls. However, this was only true when it received a request from a polka@next app, since Polka was previously writing the decoded value to req.path – this changed with [email protected]

  Now that the latest polka@next (and Express) doesn't decode automatically anymore, req.path isn't trustworthy on its own. It needs req._decoded to be there too in order to trust it.

  This combo-check is backwards compatible for polka@next users who don't upgrade and will unblock Express users for the first time, who have always had a "raw" req.path value set.

v1.0.12

Compare Source

Patches

• (sirv-cli): Ensure boolean options are parsed as booleans (#​97): 8ebca7c
• (sirv): Bump @polka/url dependency version: 7c5162a

Chores

• Adjust GitHub Action env setup (#​109): f2ae0f5
• Update Github Action image(s) and Node versions: 9334dfc, cf2de81, c7e0a20
• Add test for filename with space (#​102): ede9189
  Thank you @​samccone!

v1.0.11

Compare Source

Patches

• (sirv) Add Vary header when gzip or brotli is in use (#​95): 86e6733
  Thank you @​istarkov~!

v1.0.10

Compare Source

Patches

• (sirv) Use Cache-Control: no-cache when both dev & etag are enabled (#​90): c8fe11b
  By default dev-mode always used no-store – but this also means that any ETag on the response is ignored too. Changing this to no-cache allows the browser to remember the ETag and send if as the If-None-Match header on next request.

v1.0.9

Compare Source

Patches

• (sirv) More specific ignore regex default (#​88): 5e3d7a8
  Thank you @​adam-lynch~!

• (sirv) Replace VoidFunction usage in TypeScript definitions (#​89): 478b487

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.