Bump the npm_and_yarn group across 1 directory with 8 updates

[dependabot]

Warning

Dependabot will stop supporting npm v6!

Please upgrade to one of the following versions: v7, v8, v9, or v10.

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package	From	To
axios	0.18.0	0.28.0
css-what	2.1.0	6.1.0
nth-check	1.0.1	2.1.1
cheerio	1.0.0-rc.2	1.0.0
minimist	0.0.8	removed
mocha	5.0.4	11.0.1
pathval	1.1.0	1.1.1

Updates axios from 0.18.0 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

v0.27.2

Fixes and Functionality:

• Fixed FormData posting in browser environment by reverting #3785 (#4640)
• Enhanced protocol parsing implementation (#4639)
• Fixed bundle size

v0.27.1

Fixes and Functionality:

• Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)
• Bumped follow-redirects to ^1.14.9 (#4615)

... (truncated)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

0.27.2 (April 27, 2022)

Fixes and Functionality:

• Fixed FormData posting in browser environment by reverting #3785 (#4640)
• Enhanced protocol parsing implementation (#4639)
• Fixed bundle size

0.27.1 (April 26, 2022)

... (truncated)

Commits

• 3b7635a [Release] v0.28.0 (#6211)
• 27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
• 80c3d74 chore(ci): backported publish action; (#6224)
• 2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
• 880b42e docs: Fix a typo in README
• c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• 1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
• 80b546c fix: loosing request header (#4858) (#4871)
• 6acb5ef feat: brower platform add data protocol. (#4814)
• bbb2264 fix(typing): axios response headers can be undefined (#4813)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates css-what from 2.1.0 to 6.1.0

Release notes

Sourced from css-what's releases.

v6.1.0

• feat: Support pseudo elements with data (#762) 3be227a

fb55/css-what@v6.0.1...v6.1.0

v6.0.1

• Fix parsing column combinators after tag names 503570e

fb55/css-what@v6.0.0...v6.0.1

v6.0.0

Breaking Changes

• Added ES6 module export (by @​spocke, fb55/css-what#680)
  • CommonJS is still provided for earlier NodeJS versions, but this change might cause issues with your build system. If they aren't trivially resolved, please open an issue!
• Removed all options 5cad07b
  • BREAKING: Added a new value for ignoreCase: 'quirks' should ignore the case only in quirks mode.
  • BREAKING: Tags and attributes aren't lowercased anymore
• Made selector types & actions enums 65121fe
• Set empty namespace to null in attributes de367ca
• Simplify stringify output 8a29466 b3e5e59

Features

• Support parsing column combinators 8030f67

Fixes

• Strip leading whitespace encapsulated in comments a812a1c
  • This used to be a way to sneak in descendant operators in front of selectors.

Refactors

• Switched parsing to numbers 65121fe
• Restructured the parser to a big switch statement 7b6cc76

Other

• Adopted CSS Selector parsing tests from WPT 1881bba
• Updated README to reflect changes b165a8d

New Contributors

• @​spocke made their first contribution in fb55/css-what#680

Full Changelog: fb55/css-what@v5.1.0...v6.0.0

v5.1.0

What's Changed

• Add 'where' pseudo selector by @​jannispl in fb55/css-what#620

Full Changelog: fb55/css-what@v5.0.1...v5.1.0

v5.0.1

Fixes:

... (truncated)

Commits

• ee41dda 6.1.0
• 3be227a feat: Support pseudo elements with data (#762)
• 13ffc5b build(deps-dev): bump @​typescript-eslint/parser from 5.16.0 to 5.17.0 (#760)
• 7d0cc2f build(deps-dev): bump @​typescript-eslint/eslint-plugin (#759)
• 389d1b3 build(deps-dev): bump eslint from 8.11.0 to 8.12.0 (#758)
• afd14e7 build(deps-dev): bump prettier from 2.6.0 to 2.6.1 (#757)
• a1542de build(deps-dev): bump typescript from 4.6.2 to 4.6.3 (#756)
• 41d9752 build(deps-dev): bump ts-jest from 27.1.3 to 27.1.4 (#755)
• fed0407 build(deps): bump minimist from 1.2.5 to 1.2.6 (#754)
• 96a2408 build(deps-dev): bump @​types/node from 17.0.22 to 17.0.23 (#753)
• Additional commits viewable in compare view

Updates nth-check from 1.0.1 to 2.1.1

Release notes

Sourced from nth-check's releases.

v2.1.1

• The ESM code had some issues that are now fixed aeeb067

fb55/nth-check@v2.1.0...v2.1.1

v2.1.0

What's Changed

• nth-check is now a dual CommonJS and ESM module fb55/nth-check#206
• With the new sequence and generate methods, it is now possible to generate a sequence of indices for a given formula fb55/nth-check#207

Full Changelog: fb55/nth-check@v2.0.1...v2.1.0

v2.0.1

Fixes:

• Replace regex with hand-rolled parser for nth-expressions (#9) 9894c1d
  • Ensures parsing will always have linear time complexity.

Internal:

• chore(ci): Use GitHub Actions, Dependabot (#10) e02b4dd
• Bump dependencies

fb55/nth-check@v2.0.0...v2.0.1

v2.0.0

• Port module to TS, Jest, ESLint

Breaking:

• The main export is now a default export.
• The module now throws regular Errors on invalid selectors instead of SyntaxErrors.

Commits

• See full diff in compare view

Updates cheerio from 1.0.0-rc.2 to 1.0.0

Release notes

Sourced from cheerio's releases.

v1.0.0

Cheerio 1.0 is here! 🎉

Announcement Blog Post

Breaking Changes

• The minimum NodeJS version is now 18.17 or higher cheeriojs/cheerio#3959

• Import paths were simplified. For example, use cheerio/slim instead of cheerio/lib/slim. cheeriojs/cheerio#3970

• The deprecated default Cheerio instance and static methods were removed. cheeriojs/cheerio#3974

  Before, it was possible to write code like this:

  import cheerio, { html } from 'cheerio';
  html(cheerio('<test></test>')); // ~ '<test></test>' -- NO LONGER WORKS

  Make sure to always load documents first:

  import * as cheerio from 'cheerio';
  cheerio.load('<test></test>').html();

• Node types previously re-exported by Cheerio must now be imported directly from (domhandler)(https://github.com/fb55/domhandler). cheeriojs/cheerio#3969

• htmlparser2 options now reside exclusively under the xml key (cheeriojs/cheerio#2916):

  const $ = cheerio.load('<html>', {
    xml: {
      withStartIndices: true,
    },
  });

New Features

• Add functions to load buffers, streams & URLs in NodeJS by @​fb55 in cheeriojs/cheerio#2857
• Add extract method by @​fb55 in cheeriojs/cheerio#2750

Fixes

• Allow imports of cheerio/utils by @​blixt in cheeriojs/cheerio#2601
• Allow empty string in data, and simplify by @​fb55 in cheeriojs/cheerio#2818

... (truncated)

Commits

• 50b5d5c 1.0.0
• eea2fec fix(eslint): Disable misfiring lint rule
• e60f659 chore(package): Update published files
• 4fe3e7b chore(docs): Add 1.0 Announcement Post (#3984)
• 944553b build(deps): bump docusaurus-plugin-typedoc in /website (#3983)
• e34967e build(deps-dev): bump tsx from 4.16.5 to 4.17.0 (#3982)
• eb7122b chore(traversing): Add test case for lowerCaseTags (#3981)
• b824ba8 fix(website): Fix ReactLiveScope examples (#3980)
• 08ebee5 build(deps-dev): bump eslint-plugin-jsdoc from 49.0.0 to 50.0.0 (#3979)
• bf5f44c build(deps-dev): bump eslint-plugin-jsdoc from 48.11.0 to 49.0.0 (#3976)
• Additional commits viewable in compare view

Updates follow-redirects from 1.4.1 to 1.15.9

Commits

• e4e55c7 Release version 1.15.9 of the npm package.
• 31a1abf Attempt much more gentle detection.
• d2aaa97 Fix url field.
• 62558f0 Release version 1.15.8 of the npm package.
• a8d1cee Return subtlety.
• 458ca8e Fix native URL test for Node 20.
• ca49e44 Handle KeepAlive connections in tests.
• f3711d7 Test on Node 20 and 22.
• fda0faf Fix typo.
• 760757f Release version 1.15.7 of the npm package.
• Additional commits viewable in compare view

Removes minimist

Updates mocha from 5.0.4 to 11.0.1

Release notes

Sourced from mocha's releases.

v11.0.1

11.0.1 (2024-12-02)

🌟 Features

• bumped glob dependency from 8 to 10 (#5250) (43c3157)

📚 Documentation

• fix examples for linkPartialObjects methods (#5255) (34e0e52)

v11.0.0 Prerelease

11.0.0 (2024-11-11)

⚠ BREAKING CHANGES

• adapt new engine range for Mocha 11 (#5216)

🌟 Features

• allow calling hook methods (#5231) (e3da641)

🩹 Fixes

• adapt new engine range for Mocha 11 (#5216) (80da25a)

📚 Documentation

• downgrade example/tests chai to 4.5.0 (#5245) (eac87e1)

v10.8.2

10.8.2 (2024-10-30)

🩹 Fixes

• support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
• test link in html reporter (#5224) (f054acc)

📚 Documentation

• indicate 'exports' interface does not work in browsers (#5181) (14e640e)

... (truncated)

Changelog

Sourced from mocha's changelog.

11.0.1 (2024-12-02)

🌟 Features

• bumped glob dependency from 8 to 10 (#5250) (43c3157)

📚 Documentation

• fix examples for linkPartialObjects methods (#5255) (34e0e52)

11.0.0 (2024-11-11)

⚠ BREAKING CHANGES

• adapt new engine range for Mocha 11 (#5216)

🌟 Features

• allow calling hook methods (#5231) (e3da641)

🩹 Fixes

• adapt new engine range for Mocha 11 (#5216) (80da25a)

📚 Documentation

• downgrade example/tests chai to 4.5.0 (#5245) (eac87e1)

10.8.2 (2024-10-30)

🩹 Fixes

• support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
• test link in html reporter (#5224) (f054acc)

📚 Documentation

• indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

• fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

• deps: bump the github-actions group with 1 update (#5132) (e536ab2)

10.8.1 (2024-10-29)

... (truncated)

Commits

• 4c558fb chore(main): release 11.0.1 (#5257)
• a5bd707 Release v11.0.1
• 43c3157 feat: bumped glob dependency from 8 to 10 (#5250)
• 34e0e52 docs: fix examples for linkPartialObjects methods (#5255)
• d3b2c38 chore(main): release 11.0.0 prerelease (#5241)
• 80da25a fix!: adapt new engine range for Mocha 11 (#5216)
• eac87e1 docs: downgrade example/tests chai to 4.5.0 (#5245)
• e3da641 feat: allow calling hook methods (#5231)
• 05097db chore(main): release 10.8.2 (#5239)
• 14e640e docs: indicate 'exports' interface does not work in browsers (#5181)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.

Updates pathval from 1.1.0 to 1.1.1

Release notes

Sourced from pathval's releases.

v1.1.1

Fixes a security issue around prototype pollution.

Commits

• db6c3e3 chore: v1.1.1
• 7859e0e Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution
• 49ce1f4 style: correct rule in package.json
• c77b9d2 fix: prototype pollution vulnerability + working tests
• 49031e4 chore: remove very old nodejs
• 57730a9 chore: update deps and tool configuration
• a123018 Merge pull request #55 from chaijs/remove-lgtm
• 07eb4a8 Delete MAINTAINERS
• a0147cd Merge pull request #54 from astorije/patch-1
• aebb278 Center repo name on README
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by chai, a new releaser for pathval since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.