build(deps): bump the npm_and_yarn group across 1 directory with 36 updates

[dependabot]

Bumps the npm_and_yarn group with 30 updates in the / directory:

Package	From	To
semantic-release	12.2.2	19.0.3
lodash	4.17.10	4.17.21
@commitlint/cli	5.2.5	5.2.8
commitizen	2.9.6	2.10.1
ajv	6.5.0	6.12.6
fsevents	1.1.2	1.2.13
eslint	4.19.1	9.1.1
request	2.86.0	2.88.2
async	2.6.0	2.6.4
browserify-sign	4.0.4	4.2.3
y18n	3.2.1	3.2.2
chownr	1.0.1	1.1.4
minimist	1.2.0	1.2.8
mkdirp	0.5.1	0.5.6
commitizen	2.10.1	4.3.0
handlebars	4.0.11	4.7.8
glob-all	3.1.0	3.3.1
decode-uri-component	0.2.0	0.2.2
ejs	2.6.1	removed
webpack-cli	2.1.3	5.1.4
elliptic	6.4.0	6.5.5
ini	1.3.4	1.3.8
js-yaml	3.10.0	3.14.1
svgo	0.7.2	3.2.0
jsdom	11.10.0	removed
jest	22.4.4	29.7.0
loader-utils	1.1.0	1.4.2
mixin-deep	1.3.1	1.3.2
set-value	2.0.0	2.0.1
union-value	1.0.0	1.0.1
shell-quote	1.6.1	1.8.1

Updates semantic-release from 12.2.2 to 19.0.3

Release notes

Sourced from semantic-release's releases.

v19.0.3

19.0.3 (2022-06-09)

Bug Fixes

• log-repo: use the original form of the repo url to remove the need to mask credentials (#2459) (58a226f), closes #2449

v19.0.2

19.0.2 (2022-01-18)

Bug Fixes

• npm-plugin: upgraded to the stable version (0eca144)

v19.0.1

19.0.1 (2022-01-18)

Bug Fixes

• npm-plugin: upgraded to the latest beta version (8097afb)

v19.0.0

19.0.0 (2022-01-18)

Bug Fixes

• npm-plugin: upgraded to the beta, which upgrades npm to v8 (f634b8c)
• upgrade marked to resolve ReDos vulnerability (#2330) (d9e5bc0)

BREAKING CHANGES

• npm-plugin: @semantic-release/npm has also dropped support for node v15
• node v15 has been removed from our defined supported versions of node. this was done to upgrade to compatible versions of marked and marked-terminal that resolved the ReDoS vulnerability. removal of support of this node version should be low since it was not an LTS version and has been EOL for several months already.

v19.0.0-beta.2

19.0.0-beta.2 (2022-01-17)

Bug Fixes

• npm-plugin: upgraded to the beta, which upgrades npm to v8 (f634b8c)

... (truncated)

Commits

• 58a226f fix(log-repo): use the original form of the repo url to remove the need to ma...
• 17d60d3 build(deps): bump npm from 8.3.1 to 8.12.0 (#2447)
• ab45ab1 chore(lint): disabled rules that dont apply to this project (#2408)
• ea389c3 chore(deps): update dependency yargs-parser to 13.1.2 [security] (#2402)
• fa994db build(deps): bump node-fetch from 2.6.1 to 2.6.7 (#2399)
• b79116b build(deps): bump trim-off-newlines from 1.0.1 to 1.0.3
• 6fd7e56 build(deps): bump minimist from 1.2.5 to 1.2.6
• 2b94bb4 docs: update broken link to CI config recipes (#2378)
• b4bc191 docs: Correct circleci workflow (#2365)
• 2c30e26 Merge pull request #2333 from semantic-release/next
• Additional commits viewable in compare view

Updates lodash from 4.17.10 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates @commitlint/cli from 5.2.5 to 5.2.8

Release notes

Sourced from @​commitlint/cli's releases.

v5.2.8

Bug Fixes

• allow [0] shorthand (2210dd9)
• correctly resolve parserOpts #115 #95 (7c3d49a)
• sanitize ensure.case #211 (e18dc4c)

v5.2.6

5.2.6 (2017-12-21)

Bug Fixes

• ignore semver commits with chore type (cdbb085), closes #198

Changelog

Sourced from @​commitlint/cli's changelog.

5.2.8 (2017-12-26)

Note: Version bump only for package @​commitlint/cli

5.2.7 (2017-12-26)

Bug Fixes

• correctly resolve parserOpts #115 #95 (7c3d49a)

5.2.6 (2017-12-21)

Note: Version bump only for package @​commitlint/cli

Commits

• 2d347c7 v5.2.8
• 03c7388 v5.2.7
• 7c3d49a fix: correctly resolve parserOpts #115 #95
• a530981 style: lift core/library to own modules
• ef687b2 Revert "chore: update dependency cross-env to v5.1.2"
• 090c63f v5.2.6
• 264f992 chore: update dependency cross-env to v5.1.2
• edeb77f chore: update dependency dependency-check to v2.9.2 (#199)
• See full diff in compare view

Updates commitizen from 2.9.6 to 2.10.1

Release notes

Sourced from commitizen's releases.

v2.10.1

2.10.1 (2018-05-24)

Bug Fixes

• cli: Respect git commit -a original behavior (#376) (#471) (d10c94f4)
• config: prioritized package.json last when looking for config files (#484) (5f8902e7, closes #478)

v2.10.0

2.10.0 (2018-05-24)

Bug Fixes

• lodash Node Security warning (#482) (0023958e)
• adapter: Don't print git root to stdout (#428) (d5e24245)
• cli: Don't print error stack trace if git-cz failed (#436) (#437) (53719a42)

Features

• strategies: respect the --allow-emtpy flag (#477) (495437c1)

Commits

• 5838ce0 chore(deps): update dependency eslint-plugin-standard to v2.3.1 (#492)
• 0dd9183 chore(deps): update dependency node-uuid to v1.4.8 (#494)
• 1df0d8a chore(deps): update dependency nodemon to v1.17.5 (#495)
• ff1268d chore(deps): update dependency mocha to v3.5.3 (#493)
• c3b920b chore(deps): update dependency eslint-plugin-promise to v3.7.0 (#490)
• 94b29de chore(deps): update dependency eslint to v3.19.0 (#489)
• d92b728 chore(deps): update dependency axios to v0.18.0 (#488)
• f856f92 Docs: Updates Angular commit conventions link in Contributing.md (#472)
• d10c94f fix(cli): Respect git commit -a original behavior (#376) (#471)
• 5f8902e fix(config): prioritized package.json last when looking for config files (#484)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by commitizen-bot, a new releaser for commitizen since your current version.

Updates ajv from 6.5.0 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

• error logging example (@​RadiationSickness)
• TypeScript usage notes (@​thetric)

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

v6.10.2

Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

v6.10.1

Fix types Fix addSchema (#1001) Update dependencies

v6.10.0

Option strictDefaults to report ignored defaults (#957, @​not-an-aardvark) Option strictKeywords to report unknown keywords (#781)

v6.9.0

OpenAPI keyword nullable can be any boolean (and not only true). Custom keyword definition changes:

• dependencies option in to require the presence of keywords in the same schema.

... (truncated)

Commits

• fe59143 6.12.6
• d580d3e Merge pull request #1298 from ajv-validator/fix-url
• fd36389 fix: regular expression for "url" format
• 490e34c docs: link to v7-beta branch
• 9cd93a1 docs: note about v7 in readme
• 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
• f1c8e45 6.12.5
• 764035e Merge branch 'ChALkeR-chalker/fix-comma'
• 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
• a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
• Additional commits viewable in compare view

Updates fsevents from 1.1.2 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

v1.2.3

• Added node v10 for pre-built binaries
• C++ tuning to fix potential SIGILL and cyclic dependency (#204)

v1.2.2

Fixed node-pre-gyp bundling issue

v1.2.1

[unpublished because of errors during publish process]

v1.2.0

• BREAKING: End support for Node v0.12. If you are using Node v0.12 please pin your fsevents dependencies to v1.1.3. Not bumping semver major for this release was a compromise solution discussed in #199 and #201.
  • Node v0.10 should continue to work with local compilation for now, but hosted pre-built binaries will no longer be provided. If this is a constraint for you, please pin to an earlier version.
• Fixed security vulnerability warnings by updating node-pre-gyp to ^0.9.0
• Compatibility updates for nan v2.9.0

v1.1.3

• Added node v9 for pre-built binaries
• Fixed bug related to using --no-bin-links option on install
• Updated node-pre-gyp to latest version (0.6.39)

Commits

• 844a05d Version Bump
• f393f2a Only build fsevents on macOS (#322)
• 6a281a7 [publish binary]
• acc2bce [publish binary]
• f532b6e [publish binary]
• 4c6a1c0 Add node 13 to travis matrix.
• 92e40aa Release 1.2.12.
• 909af26 Release v1.2.11
• 7074adb Release v1.2.10
• 0a052f6 Node.js v12 support for v1.x (#274)
• Additional commits viewable in compare view

Updates eslint from 4.19.1 to 9.1.1

Release notes

Sourced from eslint's releases.

v9.1.1

Bug Fixes

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0

Features

• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)

Bug Fixes

• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)

Documentation

• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

Build Related

• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)

Chores

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade [email protected] dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)

v9.0.0

Breaking Changes

• b7cf3bd fix!: correct camelcase rule schema for allow option (#18232) (eMerzh)
• 09bd7fe feat!: move AST traversal into SourceCode (#18167) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.1.1 - April 22, 2024

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0 - April 19, 2024

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade [email protected] dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

v9.0.0 - April 5, 2024

• 19f9a89 chore: Update dependencies for v9.0.0 (#18275) (Nicholas C. Zakas)
• 7c957f2 chore: package.json update for @​eslint/js release (Jenkins)
• d73a33c chore: ignore /docs/v8.x in link checker (#18274) (Milos Djermanovic)
• d54a412 feat: Add --inspect-config CLI flag (#18270) (Nicholas C. Zakas)
• e151050 docs: update get-started to the new @eslint/create-config (#18217) (唯然)
• 610c148 fix: Support using declarations in no-lone-blocks (#18269) (Kirk Waiblinger)
• 44a81c6 chore: upgrade knip (#18272) (Lars Kappert)
• 94178ad docs: mention about name field in flat config (#18252) (Anthony Fu)
• 1765c24 docs: add Troubleshooting page (#18181) (Josh Goldberg ✨)
• e80b60c chore: remove code for testing version selectors (#18266) (Milos Djermanovic)

... (truncated)

Commits

• b4d2512 9.1.1
• ef36aa4 Build: changelog update for 9.1.1
• a26b402 fix: use @​eslint/create-config latest (#18373)
• b78d831 9.1.0
• e4d9c92 Build: changelog update for 9.1.0
• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357)
• 50d406d chore: package.json update for @​eslint/js release
• 8d18958 fix: Remove name from eslint/js packages (#18368)
• 155c71c chore: package.json update for @​eslint/js release
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by eslintbot, a new releaser for eslint since your current version.

Updates request from 2.86.0 to 2.88.2

Changelog

Sourced from request's changelog.

Change Log

v2.88.0 (2018/08/10)

• #2996 fix(uuid): import versioned uuid (@​kwonoj)
• #2994 Update to oauth-sign 0.9.0 (@​dlecocq)
• #2993 Fix header tests (@​simov)
• #2904 #515, #2894 Strip port suffix from Host header if the protocol is known. (#2904) (@​paambaati)
• #2791 Improve AWS SigV4 support. (#2791) (@​vikhyat)
• #2977 Update test certificates (@​simov)

v2.87.0 (2018/05/21)

• #2943 Replace hawk dependency with a local implemenation (#2943) (@​hueniverse)

Commits

• See full diff in compare view

Updates async from 2.6.0 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

v2.6.3

• Updated lodash to squelch a security warning (#1675)

v2.6.2

• Updated lodash to squelch a security warning (#1620)

v2.6.1

• Updated lodash to prevent npm audit warnings. (#1532, #1533)
• Made async-es more optimized for webpack users (#1517)
• Fixed a stack overflow with large collections and a synchronous iterator (#1514)
• Various small fixes/chores (#1505, #1511, #1527, #1530)

Commits

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• f1d8383 Version 2.6.3
• 2b674c1 update changelog
• eab740f fix: udpate lodash. closes #1675
• eaf32be Version 2.6.2
• 684b42e Update built files
• e1bd3da update changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2
• [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
• [Dev Deps] update nyc, standard, tape cc5350b
• [Tests] always run coverage; downgrade nyc 75ce1d5
• [meta] add safe-publish-latest dcf49ce
• [Tests] add npm run posttest 75dd8fd
• [Dev Deps] update tape 3aec038
• [Tests] skip unsupported schemes 703c83e
• [Tests] node < 6 lacks array includes 3aa43cf
• [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

• bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

• switch to safe buffer [#...

  Description has been truncated

[dependabot]

Superseded by #8.