build(deps): bump the npm_and_yarn group across 1 directory with 36 updates

[dependabot]

Bumps the npm_and_yarn group with 30 updates in the / directory:

Package	From	To
semantic-release	12.2.2	19.0.3
lodash	4.17.10	4.17.21
@commitlint/cli	5.2.5	5.2.8
commitizen	2.9.6	2.10.1
ajv	6.5.0	6.12.6
fsevents	1.1.2	1.2.13
eslint	4.19.1	9.5.0
request	2.86.0	2.88.2
async	2.6.0	2.6.4
browserify-sign	4.0.4	4.2.3
y18n	3.2.1	3.2.2
chownr	1.0.1	1.1.4
minimist	1.2.0	1.2.8
mkdirp	0.5.1	0.5.6
commitizen	2.10.1	4.3.0
handlebars	4.0.11	4.7.8
glob-all	3.1.0	3.3.1
decode-uri-component	0.2.0	0.2.2
ejs	2.6.1	removed
webpack-cli	2.1.3	5.1.4
elliptic	6.4.0	6.5.5
ini	1.3.4	1.3.8
js-yaml	3.10.0	3.14.1
svgo	0.7.2	3.3.2
jsdom	11.10.0	removed
jest	22.4.4	29.7.0
loader-utils	1.1.0	1.4.2
mixin-deep	1.3.1	1.3.2
set-value	2.0.0	2.0.1
union-value	1.0.0	1.0.1
shell-quote	1.6.1	1.8.1

Updates semantic-release from 12.2.2 to 19.0.3

Release notes

Sourced from semantic-release's releases.

v19.0.3

19.0.3 (2022-06-09)

Bug Fixes

• log-repo: use the original form of the repo url to remove the need to mask credentials (#2459) (58a226f), closes #2449

v19.0.2

19.0.2 (2022-01-18)

Bug Fixes

• npm-plugin: upgraded to the stable version (0eca144)

v19.0.1

19.0.1 (2022-01-18)

Bug Fixes

• npm-plugin: upgraded to the latest beta version (8097afb)

v19.0.0

19.0.0 (2022-01-18)

Bug Fixes

• npm-plugin: upgraded to the beta, which upgrades npm to v8 (f634b8c)
• upgrade marked to resolve ReDos vulnerability (#2330) (d9e5bc0)

BREAKING CHANGES

• npm-plugin: @semantic-release/npm has also dropped support for node v15
• node v15 has been removed from our defined supported versions of node. this was done to upgrade to compatible versions of marked and marked-terminal that resolved the ReDoS vulnerability. removal of support of this node version should be low since it was not an LTS version and has been EOL for several months already.

v19.0.0-beta.2

19.0.0-beta.2 (2022-01-17)

Bug Fixes

• npm-plugin: upgraded to the beta, which upgrades npm to v8 (f634b8c)

... (truncated)

Commits

• 58a226f fix(log-repo): use the original form of the repo url to remove the need to ma...
• 17d60d3 build(deps): bump npm from 8.3.1 to 8.12.0 (#2447)
• ab45ab1 chore(lint): disabled rules that dont apply to this project (#2408)
• ea389c3 chore(deps): update dependency yargs-parser to 13.1.2 [security] (#2402)
• fa994db build(deps): bump node-fetch from 2.6.1 to 2.6.7 (#2399)
• b79116b build(deps): bump trim-off-newlines from 1.0.1 to 1.0.3
• 6fd7e56 build(deps): bump minimist from 1.2.5 to 1.2.6
• 2b94bb4 docs: update broken link to CI config recipes (#2378)
• b4bc191 docs: Correct circleci workflow (#2365)
• 2c30e26 Merge pull request #2333 from semantic-release/next
• Additional commits viewable in compare view

Updates lodash from 4.17.10 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates @commitlint/cli from 5.2.5 to 5.2.8

Release notes

Sourced from @​commitlint/cli's releases.

v5.2.8

Bug Fixes

• allow [0] shorthand (2210dd9)
• correctly resolve parserOpts #115 #95 (7c3d49a)
• sanitize ensure.case #211 (e18dc4c)

v5.2.6

5.2.6 (2017-12-21)

Bug Fixes

• ignore semver commits with chore type (cdbb085), closes #198

Changelog

Sourced from @​commitlint/cli's changelog.

5.2.8 (2017-12-26)

Note: Version bump only for package @​commitlint/cli

5.2.7 (2017-12-26)

Bug Fixes

• correctly resolve parserOpts #115 #95 (7c3d49a)

5.2.6 (2017-12-21)

Note: Version bump only for package @​commitlint/cli

Commits

• 2d347c7 v5.2.8
• 03c7388 v5.2.7
• 7c3d49a fix: correctly resolve parserOpts #115 #95
• a530981 style: lift core/library to own modules
• ef687b2 Revert "chore: update dependency cross-env to v5.1.2"
• 090c63f v5.2.6
• 264f992 chore: update dependency cross-env to v5.1.2
• edeb77f chore: update dependency dependency-check to v2.9.2 (#199)
• See full diff in compare view

Updates commitizen from 2.9.6 to 2.10.1

Release notes

Sourced from commitizen's releases.

v2.10.1

2.10.1 (2018-05-24)

Bug Fixes

• cli: Respect git commit -a original behavior (#376) (#471) (d10c94f4)
• config: prioritized package.json last when looking for config files (#484) (5f8902e7, closes #478)

v2.10.0

2.10.0 (2018-05-24)

Bug Fixes

• lodash Node Security warning (#482) (0023958e)
• adapter: Don't print git root to stdout (#428) (d5e24245)
• cli: Don't print error stack trace if git-cz failed (#436) (#437) (53719a42)

Features

• strategies: respect the --allow-emtpy flag (#477) (495437c1)

Commits

• 5838ce0 chore(deps): update dependency eslint-plugin-standard to v2.3.1 (#492)
• 0dd9183 chore(deps): update dependency node-uuid to v1.4.8 (#494)
• 1df0d8a chore(deps): update dependency nodemon to v1.17.5 (#495)
• ff1268d chore(deps): update dependency mocha to v3.5.3 (#493)
• c3b920b chore(deps): update dependency eslint-plugin-promise to v3.7.0 (#490)
• 94b29de chore(deps): update dependency eslint to v3.19.0 (#489)
• d92b728 chore(deps): update dependency axios to v0.18.0 (#488)
• f856f92 Docs: Updates Angular commit conventions link in Contributing.md (#472)
• d10c94f fix(cli): Respect git commit -a original behavior (#376) (#471)
• 5f8902e fix(config): prioritized package.json last when looking for config files (#484)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by commitizen-bot, a new releaser for commitizen since your current version.

Updates ajv from 6.5.0 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

• error logging example (@​RadiationSickness)
• TypeScript usage notes (@​thetric)

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

v6.10.2

Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

v6.10.1

Fix types Fix addSchema (#1001) Update dependencies

v6.10.0

Option strictDefaults to report ignored defaults (#957, @​not-an-aardvark) Option strictKeywords to report unknown keywords (#781)

v6.9.0

OpenAPI keyword nullable can be any boolean (and not only true). Custom keyword definition changes:

• dependencies option in to require the presence of keywords in the same schema.

... (truncated)

Commits

• fe59143 6.12.6
• d580d3e Merge pull request #1298 from ajv-validator/fix-url
• fd36389 fix: regular expression for "url" format
• 490e34c docs: link to v7-beta branch
• 9cd93a1 docs: note about v7 in readme
• 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
• f1c8e45 6.12.5
• 764035e Merge branch 'ChALkeR-chalker/fix-comma'
• 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
• a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
• Additional commits viewable in compare view

Updates fsevents from 1.1.2 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

v1.2.3

• Added node v10 for pre-built binaries
• C++ tuning to fix potential SIGILL and cyclic dependency (#204)

v1.2.2

Fixed node-pre-gyp bundling issue

v1.2.1

[unpublished because of errors during publish process]

v1.2.0

• BREAKING: End support for Node v0.12. If you are using Node v0.12 please pin your fsevents dependencies to v1.1.3. Not bumping semver major for this release was a compromise solution discussed in #199 and #201.
  • Node v0.10 should continue to work with local compilation for now, but hosted pre-built binaries will no longer be provided. If this is a constraint for you, please pin to an earlier version.
• Fixed security vulnerability warnings by updating node-pre-gyp to ^0.9.0
• Compatibility updates for nan v2.9.0

v1.1.3

• Added node v9 for pre-built binaries
• Fixed bug related to using --no-bin-links option on install
• Updated node-pre-gyp to latest version (0.6.39)

Commits

• 844a05d Version Bump
• f393f2a Only build fsevents on macOS (#322)
• 6a281a7 [publish binary]
• acc2bce [publish binary]
• f532b6e [publish binary]
• 4c6a1c0 Add node 13 to travis matrix.
• 92e40aa Release 1.2.12.
• 909af26 Release v1.2.11
• 7074adb Release v1.2.10
• 0a052f6 Node.js v12 support for v1.x (#274)
• Additional commits viewable in compare view

Updates eslint from 4.19.1 to 9.5.0

Release notes

Sourced from eslint's releases.

v9.5.0

Features

• b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)

Bug Fixes

• 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
• 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
• 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
• 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)

Documentation

• 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
• 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
• 8127127 docs: Update README (GitHub Actions Bot)
• 55c2a66 docs: Update README (GitHub Actions Bot)
• eb76282 docs: Update README (GitHub Actions Bot)
• ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
• d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
• 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
• b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
• 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)
• eb440fc docs: specifying files with arbitrary or no extension (#18539) (Francesco Trotta)
• 38c159e docs: Provide example of reading package.json for plugins meta (#18530) (Nicholas C. Zakas)
• d16a659 docs: add link to migration guide for --ext CLI option (#18537) (Milos Djermanovic)
• 73408de docs: add link to configuration file docs before examples (#18535) (Milos Djermanovic)

Chores

• f588160 chore: upgrade @​eslint/js@​9.5.0 (#18591) (Milos Djermanovic)
• 5890841 chore: package.json update for @​eslint/js release (Jenkins)
• e9f4ccd chore: remove unused eslint-disable directive (#18589) (Milos Djermanovic)
• 4b23ffd refactor: Move JS parsing logic into JS language (#18448) (Nicholas C. Zakas)
• 1495b93 chore: update WebdriverIO packages (#18558) (Christian Bromann)
• cea7ede chore: add website donate link instead of opencollective (#18582) (Strek)
• ec94880 chore: package.json update for eslint-config-eslint release (Jenkins)
• 6912586 chore: extract formatting rules into separate config (#18560) (Milos Djermanovic)
• 9738f7e ci: fix CLI flags for c8, raise thresholds (#18554) (Francesco Trotta)
• c6de7bb chore: update dependency markdownlint-cli to ^0.41.0 (#18538) (renovate[bot])
• 2c8fd34 ci: pin @​wdio/browser-runner v8.36.0 (#18540) (唯然)

v9.4.0

Features

• 89a4a0a feat: ignore IIFE's in the no-loop-func rule (#17528) (Nitin Kumar)

Bug Fixes

• f6534d1 fix: skip processor code blocks that match only universal patterns (#18507) (Milos Djermanovic)
• 7226ebd fix: allow implicit undefined return in no-constructor-return (#18515) (Ali Rezvani)
• 389744b fix: use @eslint/config-inspector@latest (#18483) (唯然)
• 70118a5 fix: func-style false positive with arrow functions and super (#18473) (Milos Djermanovic)

Documentation

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.5.0 - June 14, 2024

• f588160 chore: upgrade @​eslint/js@​9.5.0 (#18591) (Milos Djermanovic)
• 5890841 chore: package.json update for @​eslint/js release (Jenkins)
• 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
• e9f4ccd chore: remove unused eslint-disable directive (#18589) (Milos Djermanovic)
• 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
• 4b23ffd refactor: Move JS parsing logic into JS language (#18448) (Nicholas C. Zakas)
• 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
• 8127127 docs: Update README (GitHub Actions Bot)
• b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)
• 1495b93 chore: update WebdriverIO packages (#18558) (Christian Bromann)
• cea7ede chore: add website donate link instead of opencollective (#18582) (Strek)
• 55c2a66 docs: Update README (GitHub Actions Bot)
• eb76282 docs: Update README (GitHub Actions Bot)
• ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
• 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
• ec94880 chore: package.json update for eslint-config-eslint release (Jenkins)
• d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
• 6912586 chore: extract formatting rules into separate config (#18560) (Milos Djermanovic)
• 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
• b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
• 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)
• 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
• 9738f7e ci: fix CLI flags for c8, raise thresholds (#18554) (Francesco Trotta)
• eb440fc docs: specifying files with arbitrary or no extension (#18539) (Francesco Trotta)
• 38c159e docs: Provide example of reading package.json for plugins meta (#18530) (Nicholas C. Zakas)
• c6de7bb chore: update dependency markdownlint-cli to ^0.41.0 (#18538) (renovate[bot])
• 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)
• d16a659 docs: add link to migration guide for --ext CLI option (#18537) (Milos Djermanovic)
• 73408de docs: add link to configuration file docs before examples (#18535) (Milos Djermanovic)
• 2c8fd34 ci: pin @​wdio/browser-runner v8.36.0 (#18540) (唯然)

v9.4.0 - May 31, 2024

• 010dd2e chore: upgrade to @eslint/[email protected] (#18534) (Francesco Trotta)
• 5e1b5dc chore: package.json update for @​eslint/js release (Jenkins)
• d7ab6f5 docs: update theme when when prefers-color-scheme changes (#18510) (Nitin Kumar)
• 594145f refactor: switch to @eslint/config-array (#18527) (Francesco Trotta)
• 525fdff docs: fix components files (#18519) (Tanuj Kanti)
• 89a4a0a feat: ignore IIFE's in the no-loop-func rule (#17528) (Nitin Kumar)
• 80747d2 docs: refactor prefer-destructuring rule (#18472) (Tanuj Kanti)
• f6534d1 fix: skip processor code blocks that match only universal patterns (#18507) (Milos Djermanovic)
• 7226ebd fix: allow implicit undefined return in no-constructor-return (#18515) (Ali Rezvani)
• f06e0b5 docs: clarify func-style (#18477) (Cameron Steffen)
• 389744b fix: use @eslint/config-inspector@latest (#18483) (唯然)
• 70118a5 fix: func-style false positive with arrow functions and super (#18473) (Milos Djermanovic)

v9.3.0 - May 17, 2024

... (truncated)

Commits

• 5352357 9.5.0
• f425600 Build: changelog update for 9.5.0
• f588160 chore: upgrade @​eslint/js@​9.5.0 (#18591)
• 5890841 chore: package.json update for @​eslint/js release
• 455f7fd docs: add section about including .gitignore files (#18590)
• e9f4ccd chore: remove unused eslint-disable directive (#18589)
• 721eafe docs: update info about universal files patterns (#18587)
• 4b23ffd refactor: Move JS parsing logic into JS language (#18448)
• 6880286 fix: treat * as a universal pattern (#18586)
• 8127127 docs: Update README
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by eslintbot, a new releaser for eslint since your current version.

Updates request from 2.86.0 to 2.88.2

Changelog

Sourced from request's changelog.

Change Log

v2.88.0 (2018/08/10)

• #2996 fix(uuid): import versioned uuid (@​kwonoj)
• #2994 Update to oauth-sign 0.9.0 (@​dlecocq)
• #2993 Fix header tests (@​simov)
• #2904 #515, #2894 Strip port suffix from Host header if the protocol is known. (#2904) (@​paambaati)
• #2791 Improve AWS SigV4 support. (#2791) (@​vikhyat)
• #2977 Update test certificates (@​simov)

v2.87.0 (2018/05/21)

• #2943 Replace hawk dependency with a local implemenation (#2943) (@​hueniverse)

Commits

• See full diff in compare view

Updates async from 2.6.0 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

v2.6.3

• Updated lodash to squelch a security warning (#1675)

v2.6.2

• Updated lodash to squelch a security warning (#1620)

v2.6.1

• Updated lodash to prevent npm audit warnings. (#1532, #1533)
• Made async-es more optimized for webpack users (#1517)
• Fixed a stack overflow with large collections and a synchronous iterator (#1514)
• Various small fixes/chores (#1505, #1511, #1527, #1530)

Commits

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• f1d8383 Version 2.6.3
• 2b674c1 update changelog
• eab740f fix: udpate lodash. closes #1675
• eaf32be Version 2.6.2
• 684b42e Update built files
• e1bd3da update changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2
• [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
• [Dev Deps] update nyc, standard, tape cc5350b
• [Tests] always run coverage; downgrade nyc 75ce1d5
• [meta] add safe-publish-latest dcf49ce
• [Tests] add npm run posttest 75dd8fd
• [Dev Deps] update tape 3aec038
• [Tests] skip unsupported schemes 703c83e
• [Tests] node < 6 lacks array includes 3aa43cf
• [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

• bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

<...

Description has been truncated