Bump the npm_and_yarn group across 1 directory with 38 updates

[dependabot]

Bumps the npm_and_yarn group with 29 updates in the / directory:

Package	From	To
codemirror	5.3.0	5.58.2
jquery	1.11.3	3.5.0
jquery-ui	1.12.1	1.13.2
nunjucks	3.2.3	3.2.4
react	0.13.3	0.14.0
postcss	8.3.9	8.4.31
webpack	5.58.2	5.76.0
fsevents	1.2.10	1.2.13
lodash	4.17.20	4.17.21
lodash	4.17.15	4.17.21
babelify	5.0.4	10.0.0
minimist	1.2.5	1.2.8
minimist	1.2.0	1.2.8
mkdirp	0.5.1	0.5.6
handlebars	4.5.3	4.7.8
mocha	2.3.2	10.4.0
gonzales-pe	4.2.4	4.3.0
@babel/traverse	7.12.13	7.24.7
ajv	6.10.2	6.12.6
ini	1.3.5	1.3.8
y18n	3.2.1	3.2.2
yargs-parser	13.1.1	21.1.1
browser-sync	2.26.7	2.29.3
kss	3.0.0-beta.25	3.1.0
stylelint	11.1.1	16.6.1
loader-utils	1.4.0	1.4.2
decode-uri-component	0.2.0	0.2.2
dot-prop	4.2.0	4.2.1
fast-xml-parser	3.20.3	4.4.0
is-svg	4.3.2	4.4.0
tough-cookie	4.0.0	4.1.4

Updates codemirror from 5.3.0 to 5.58.2

Commits

• See full diff in compare view

Updates jquery from 1.11.3 to 3.5.0

Release notes

Sourced from jquery's releases.

jQuery 3.5.0 Released!

See the blog post: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ and the upgrade guide: https://jquery.com/upgrade-guide/3.5/

NOTE: Despite being a minor release, this update includes a breaking change that we had to make to fix a security issue ( CVE-2020-11022). Please follow the blog post & the upgrade guide for more details.

Commits

• 7a0a850 3.5.0
• 8570a08 Release: Update AUTHORS.txt
• da3dd85 Ajax: Do not execute scripts for unsuccessful HTTP responses
• 065143c Ajax: Overwrite s.contentType with content-type header value, if any
• 1a4f10d Tests: Blacklist one focusin test in IE
• 9e15d6b Event: Use only one focusin/out handler per matching window & document
• 966a709 Manipulation: Skip the select wrapper for <option> outside of IE 9
• 1d61fd9 Manipulation: Make jQuery.htmlPrefilter an identity function
• 04bf577 Selector: Update Sizzle from 2.3.4 to 2.3.5
• 7506c9c Build: Resolve Travis config warnings
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by mgol, a new releaser for jquery since your current version.

Updates jquery-ui from 1.12.1 to 1.13.2

Release notes

Sourced from jquery-ui's releases.

jQuery UI 1.13.2 Released!

https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/

jQuery UI 1.13.1 Released!

https://blog.jqueryui.com/2022/01/jquery-ui-1-13-1-released/

jQuery UI 1.13.0 released!

https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/

Commits

• d6c028c 1.13.2
• 8cc5bae Checkboxradio: Don't re-evaluate text labels as HTML
• b53e7be All: Remove deprecated .click() usage in demos/tests
• bb00536 Build: Update AUTHORS.txt
• 9d1fc97 Datepicker: Capitalize some Indonesian words
• 1f467ba Selectmenu: Remove a call to the deprecated .focus() method
• ac1866f Build: Update AUTHORS.txt
• 395aa7d Datepicker: Add missing localization for prevText and nextText
• 218c6af Datepicker: Remove symbols in localization
• 3126e12 Datepicker: Remove symbols in localization
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by mgol, a new releaser for jquery-ui since your current version.

Updates nunjucks from 3.2.3 to 3.2.4

Release notes

Sourced from nunjucks's releases.

v3.2.4

What's Changed

• fix: html encode backslashes if used with escape filter or autoescape by @​fdintino in mozilla/nunjucks#1437. Fixes CVE-2023-2142 ([bugzilla #1825980](https://bugzilla.mozilla.org/show_bug.cgi?id=1825980))

Full Changelog: mozilla/nunjucks@v3.2.3...v3.2.4

Changelog

Sourced from nunjucks's changelog.

3.2.4 (Apr 13 2023)

• HTML encode backslashes when expressions are passed through the escape filter (including when this is done automatically with autoescape). Merge of #1437.

Commits

• 86a77f4 Release v3.2.4
• ec16d21 fix: html encode backslashes if used with escape filter or autoescape (#1437)
• See full diff in compare view

Updates react from 0.13.3 to 0.14.0

Release notes

Sourced from react's releases.

v0.14.0

See http://facebook.github.io/react/blog/2015/10/07/react-v0.14.html.

Changelog

Sourced from react's changelog.

0.14.0 (October 7, 2015)

Major changes

• Split the main react package into two: react and react-dom. This paves the way to writing components that can be shared between the web version of React and React Native. This means you will need to include both files and some functions have been moved from React to ReactDOM.
• Addons have been moved to separate packages (react-addons-clone-with-props, react-addons-create-fragment, react-addons-css-transition-group, react-addons-linked-state-mixin, react-addons-perf, react-addons-pure-render-mixin, react-addons-shallow-compare, react-addons-test-utils, react-addons-transition-group, react-addons-update, ReactDOM.unstable_batchedUpdates).
• Stateless functional components - React components were previously created using React.createClass or using ES6 classes. This release adds a new syntax where a user defines a single stateless render function (with one parameter: props) which returns a JSX element, and this function may be used as a component.
• Refs to DOM components as the DOM node itself. Previously the only useful thing you can do with a DOM component is call getDOMNode() to get the underlying DOM node. Starting with this release, a ref to a DOM component is the actual DOM node. Note that refs to custom (user-defined) components work exactly as before; only the built-in DOM components are affected by this change.

Breaking changes

• React.initializeTouchEvents is no longer necessary and has been removed completely. Touch events now work automatically.
• Add-Ons: Due to the DOM node refs change mentioned above, TestUtils.findAllInRenderedTree and related helpers are no longer able to take a DOM component, only a custom component.
• The props object is now frozen, so mutating props after creating a component element is no longer supported. In most cases, React.cloneElement should be used instead. This change makes your components easier to reason about and enables the compiler optimizations mentioned above.
• Plain objects are no longer supported as React children; arrays should be used instead. You can use the createFragment helper to migrate, which now returns an array.
• Add-Ons: classSet has been removed. Use classnames instead.
• Web components (custom elements) now use native property names. Eg: class instead of className.

Deprecations

• this.getDOMNode() is now deprecated and ReactDOM.findDOMNode(this) can be used instead. Note that in the common case, findDOMNode is now unnecessary since a ref to the DOM component is now the actual DOM node.
• setProps and replaceProps are now deprecated. Instead, call ReactDOM.render again at the top level with the new props.
• ES6 component classes must now extend React.Component in order to enable stateless function components. The ES3 module pattern will continue to work.
• Reusing and mutating a style object between renders has been deprecated. This mirrors our change to freeze the props object.
• Add-Ons: cloneWithProps is now deprecated. Use React.cloneElement instead (unlike cloneWithProps, cloneElement does not merge className or style automatically; you can merge them manually if needed).
• Add-Ons: To improve reliability, CSSTransitionGroup will no longer listen to transition events. Instead, you should specify transition durations manually using props such as transitionEnterTimeout={500}.

Notable enhancements

• Added React.Children.toArray which takes a nested children object and returns a flat array with keys assigned to each child. This helper makes it easier to manipulate collections of children in your render methods, especially if you want to reorder or slice this.props.children before passing it down. In addition, React.Children.map now returns plain arrays too.
• React uses console.error instead of console.warn for warnings so that browsers show a full stack trace in the console. (Our warnings appear when you use patterns that will break in future releases and for code that is likely to behave unexpectedly, so we do consider our warnings to be “must-fix” errors.)
• Previously, including untrusted objects as React children could result in an XSS security vulnerability. This problem should be avoided by properly validating input at the application layer and by never passing untrusted objects around your application code. As an additional layer of protection, React now tags elements with a specific ES2015 (ES6) Symbol in browsers that support it, in order to ensure that React never considers untrusted JSON to be a valid element. If this extra security protection is important to you, you should add a Symbol polyfill for older browsers, such as the one included by Babel’s polyfill.
• When possible, React DOM now generates XHTML-compatible markup.
• React DOM now supports these standard HTML attributes: capture, challenge, inputMode, is, keyParams, keyType, minLength, summary, wrap. It also now supports these non-standard attributes: autoSave, results, security.
• React DOM now supports these SVG attributes, which render into namespaced attributes: xlinkActuate, xlinkArcrole, xlinkHref, xlinkRole, xlinkShow, xlinkTitle, xlinkType, xmlBase, xmlLang, xmlSpace.
• The image SVG tag is now supported by React DOM.
• In React DOM, arbitrary attributes are supported on custom elements (those with a hyphen in the tag name or an is="..." attribute).
• React DOM now supports these media events on audio and video tags: onAbort, onCanPlay, onCanPlayThrough, onDurationChange, onEmptied, onEncrypted, onEnded, onError, onLoadedData, onLoadedMetadata, onLoadStart, onPause, onPlay, onPlaying, onProgress, onRateChange, onSeeked, onSeeking, onStalled, onSuspend, onTimeUpdate, onVolumeChange, onWaiting.
• Many small performance improvements have been made.
• Many warnings show more context than before.
• Add-Ons: A shallowCompare add-on has been added as a migration path for PureRenderMixin in ES6 classes.
• Add-Ons: CSSTransitionGroup can now use custom class names instead of appending -enter-active or similar to the transition name.

New helpful warnings

• React DOM now warns you when nesting HTML elements invalidly, which helps you avoid surprising errors during updates.
• Passing document.body directly as the container to ReactDOM.render now gives a warning as doing so can cause problems with browser extensions that modify the DOM.
• Using multiple instances of React together is not supported, so we now warn when we detect this case to help you avoid running into the resulting problems.

... (truncated)

Commits

• 3603d45 v0.14.0
• 693dd35 Update to fbjs@0.3
• 4a4174b 0.14.0-rc1
• c04d02e Add warnings to React module
• 52b4c9e Upgrade to fbjs, fbjs-scripts @ 0.2
• b38509c Merge pull request #4540 from scottburch/ie8-fix
• ecb34de Upgrade ESLint, fix code
• 3f6bca7 0.14.0-beta3
• 5f01a90 Update addons.js
• 1da2b29 added suggested comment to get file to pass es-lint
• Additional commits viewable in compare view

Updates postcss from 8.3.9 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by @​remcohaszing).

8.4.21

• Fixed Input#error types (by @​hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

• Fixed Node.before() unexpected behavior (by @​romainmenke).
• Added TOC to docs (by @​muddv).

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

• Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

• Fixed Node.before() unexpected behavior (by Romain Menke).
• Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

Updates webpack from 5.58.2 to 5.76.0

Release notes

Sourced from webpack's releases.

v5.76.0

Bugfixes

• Avoid cross-realm object access by @​Jack-Works in webpack/webpack#16500
• Improve hash performance via conditional initialization by @​lvivski in webpack/webpack#16491
• Serialize generatedCode info to fix bug in asset module cache restoration by @​ryanwilsonperkin in webpack/webpack#16703
• Improve performance of hashRegExp lookup by @​ryanwilsonperkin in webpack/webpack#16759

Features

• add target to LoaderContext type by @​askoufis in webpack/webpack#16781

Security

• CVE-2022-37603 fixed by @​akhilgkrishnan in webpack/webpack#16446

Repo Changes

• Fix HTML5 logo in README by @​jakebailey in webpack/webpack#16614
• Replace TypeScript logo in README by @​jakebailey in webpack/webpack#16613
• Update actions/cache dependencies by @​piwysocki in webpack/webpack#16493

New Contributors

• @​Jack-Works made their first contribution in webpack/webpack#16500
• @​lvivski made their first contribution in webpack/webpack#16491
• @​jakebailey made their first contribution in webpack/webpack#16614
• @​akhilgkrishnan made their first contribution in webpack/webpack#16446
• @​ryanwilsonperkin made their first contribution in webpack/webpack#16703
• @​piwysocki made their first contribution in webpack/webpack#16493
• @​askoufis made their first contribution in webpack/webpack#16781

Full Changelog: webpack/webpack@v5.75.0...v5.76.0

v5.75.0

Bugfixes

• experiments.* normalize to false when opt-out
• avoid NaN%
• show the correct error when using a conflicting chunk name in code
• HMR code tests existance of window before trying to access it
• fix eval-nosources-* actually exclude sources
• fix race condition where no module is returned from processing module
• fix position of standalong semicolon in runtime code

Features

• add support for @import to extenal CSS when using experimental CSS in node
• add i64 support to the deprecated WASM implementation

Developer Experience

• expose EnableWasmLoadingPlugin
• add more typings
• generate getters instead of readonly properties in typings to allow overriding them

... (truncated)

Commits

• 97b1718 Merge pull request #16781 from askoufis/loader-context-target-type
• b84efe6 Merge pull request #16759 from ryanwilsonperkin/real-content-hash-regex-perf
• c98e9e0 Merge pull request #16493 from piwysocki/patch-1
• 5f34acf feat: Add target to LoaderContext type
• b7fc4d8 Merge pull request #16703 from ryanwilsonperkin/ryanwilsonperkin/fix-16160
• 63ea82d Merge branch 'webpack:main' into patch-1
• 4ba2252 Merge pull request #16446 from akhilgkrishnan/patch-1
• 1acd635 Merge pull request #16613 from jakebailey/ts-logo
• 302eb37 Merge pull request #16614 from jakebailey/html5-logo
• cfdb1df Improve performance of hashRegExp lookup
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.

Updates fsevents from 1.2.10 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Commits

• 844a05d Version Bump
• f393f2a Only build fsevents on macOS (#322)
• 6a281a7 [publish binary]
• acc2bce [publish binary]
• f532b6e [publish binary]
• 4c6a1c0 Add node 13 to travis matrix.
• 92e40aa Release 1.2.12.
• 909af26 Release v1.2.11
• See full diff in compare view

Updates lodash from 4.17.20 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• See full diff in compare view

Updates lodash from 4.17.15 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• See full diff in compare view

Updates babelify from 5.0.4 to 10.0.0

Release notes

Sourced from babelify's releases.

v10.0.0

No changes from v10.0.0-beta.1, just re-releasing as stable.

v10.0.0-beta.1

• Revert one change to sources in generated sourcemaps that landed between 9.0.0 and 10.0.0-beta.0 since it was not needed.

v10.0.0-beta.0

• #267 - Fix handling for ignoreed files from Babel
• #262 - Fix README examples that were wrong
• #273 - More updates for Babel 7.x
• A bunch more fixes to make things work well

v9.0.0

• #255 - Initial upgrade to Babel 7.x
• #264 - Use Browserify's basedir as the working directory Babel's config.

This is marked as a prerelease because it was never published as latest on npm.

v8.0.0

• Drop Node 0.10/0.12/5 (similar to everything else in Babel 7)
• Add a peerDep on babel-core (similar to how babel-loader works), this is because people end up using incompatible versions of plugins/presets/tools (especially as we make a new major)

https://github.com/babel/grunt-babel/releases/tag/v7.0.0 https://github.com/babel/gulp-babel/releases/tag/v7.0.0

babel/babelify@02f97ec

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by loganfsmyth, a new releaser for babelify since your current version.

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates mkdirp from 0.5.1 to 0.5.6

Commits

• 92f086d 0.5.6
• 2a28125 clean up tests
• c905d65 update minimist
• 049cf18 0.5.5
• bea6382 Remove unnecessary umask calls
• 42a012c 0.5.4
• 2867920 fix infinite loop on windows machines
• d784e70 0.5.3
• d612c5d add files list so this package isn't a monster
• b2e7ba0 0.5.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.

Updates handlebars from 4.5.3 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068