Bump the npm_and_yarn group across 3 directories with 15 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the / directory: ws, braces and qs.
Bumps the npm_and_yarn group with 2 updates in the /examples/rollup directory: ws and braces.
Bumps the npm_and_yarn group with 7 updates in the /examples/webpack directory:

Package	From	To
ws	6.2.1	6.2.3
async	2.6.3	2.6.4
braces	2.3.2	3.0.3
@webpack-cli/generators	2.0.0	2.5.0
webpack-dev-server	3.11.2	5.0.4
ejs	2.7.4	3.1.10
@webpack-cli/generators	2.5.0	3.0.7
webpack	5.35.1	5.92.0

Updates ws from 7.5.9 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

• Backported e55e5106 to the 7.x release line (22c28763).

Commits

• d962d70 [dist] 7.5.10
• 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
• See full diff in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates qs from 6.11.2 to 6.12.1

Changelog

Sourced from qs's changelog.

6.12.1

• [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)
• [Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)
• [Refactor] utils: use +=
• [Tests] increase coverage

6.12.0

• [New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)
• [New] parse: add duplicates option
• [New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)
• [Refactor] parse/stringify: move allowDots config logic to its own variable
• [Refactor] stringify: move option-handling code into normalizeStringifyOptions
• [readme] update readme, add logos (#484)
• [readme] stringify: clarify default arrayFormat behavior
• [readme] fix line wrapping
• [readme] remove dead badges
• [Deps] update side-channel
• [meta] make the dist build 50% smaller
• [meta] add sideEffects flag
• [meta] run build in prepack, not prepublish
• [Tests] parse: remove useless tests; add coverage
• [Tests] stringify: increase coverage
• [Tests] use mock-property
• [Tests] stringify: improve coverage
• [Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape
• [Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak
• [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

Commits

• 29dda21 v6.12.1
• 7e18298 [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior
• fd3cd7a [Tests] increase coverage
• 6d7df02 [Performance] utils: Optimize performance under large data volumes, reduce ...
• 572533c [Refactor] utils: use +=
• c4d29f3 [meta] add tea.yaml
• 062334a v6.12.0
• f09cffc [meta] make the dist build 50% smaller
• 934dfe8 [meta] run build in prepack, not prepublish
• c8a269f [Tests] parse: remove useless tests; add coverage
• Additional commits viewable in compare view

Updates ws from 7.4.5 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

• Backported e55e5106 to the 7.x release line (22c28763).

Commits

• d962d70 [dist] 7.5.10
• 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
• See full diff in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates ws from 6.2.1 to 6.2.3

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

• Backported e55e5106 to the 7.x release line (22c28763).

Commits

• d962d70 [dist] 7.5.10
• 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
• See full diff in compare view

Updates async from 2.6.3 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

Commits

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates braces from 2.3.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates @webpack-cli/generators from 2.0.0 to 2.5.0

Release notes

Sourced from @​webpack-cli/generators's releases.

v2.1.5

2.1.5 (2018-06-01)

Bug Fixes

• entry: fix a bug when --display-entrypoints=false does not hide entries (#464) (c2398a2)

v2.1.4

2.1.4 (2018-05-23)

Bug Fixes

• dependencies: fix vulnerabilities (#458) (3953648)

v.2.1.3

2.1.0 -> 2.1.3 are regressions and bugfixes from prior commits. 2.1.3 Changelog

v2.1.0

2.1.0 (2018-04-30)

Bug Fixes

• removes debug in migrate (#342) (e9c6800)
• ast: checks validity of an identifier (#360) (f42bdbd)
• init: output file name for single output (#403) (c1c0df0)
• loader,plugin: fix generators path bug (b4bfafb)

Features

• --entry should override config.entry (#155) (#358) (9026556)
• add envinfo as webpack-cli info command (51ab19f)
• support --build-delimiter for opt-in output delimiter (#192) (#340) (d01af47)
• use npm ci for tests (#367) (#368) (0de8a4e)

2.0.14

Changelog found here

v2.0.13

Changelog can be found here.

2.0.12

Changelog can be found here.

... (truncated)

Changelog

Sourced from @​webpack-cli/generators's changelog.

5.1.4 (2023-06-07)

Bug Fixes

• multi compiler progress output (f659624)

5.1.3 (2023-06-04)

Bug Fixes

• regression for custom configurations (#3834) (bb4f8eb)

5.1.2 (2023-06-04)

Bug Fixes

• improve check for custom webpack and webpack-dev-server package existance (0931ab6)
• improve help for some flags (f468614)
• improved support for .cts and .mts extensions (a77daf2)

5.1.1 (2023-05-09)

Bug Fixes

• false positive warning when --watch used (#3783) (c0436ba)

5.1.0 (2023-05-07)

Features

• shareable webpack configs using extends (#3738) (d04d0b9)

Performance Improvements

• simplify logic, reduce extra loops and perf (#3767) (6afe1d3)

5.0.2 (2023-04-21)

Bug Fixes

• error message for missing default export in configuration (#3685) (e0a4a09)
• perf: reduced startup time (3b79059)

5.0.1 (2022-12-05)

Bug Fixes

• make define-process-env-node-env alias node-env (#3514) (346a518)

5.0.0 (2022-11-17)

... (truncated)

Commits

• 20882d4 chore(release): publish new version
• 22f013b docs: remove redundant link (#3292)
• 3e1df05 chore: update package.json (#3289)
• 402c0fe fix: improve parsing of --env flag (#3286)
• ce7352d chore: disable length related commitlint rules (#3287)
• 652cc70 feat: add summary to smoketests (#3288)
• 1072e38 docs: update options (#3285)
• 6075c63 chore(deps-dev): bump @​types/node
• 979dbad chore(deps-dev): bump typescript-eslint
• 9941274 chore(deps-dev): bump webpack-dev-server from 4.9.1 to 4.9.2 (#3282)
• Additional commits viewable in compare view

Updates webpack-dev-server from 3.11.2 to 5.0.4

Release notes

Sourced from webpack-dev-server's releases.

v5.0.4

5.0.4 (2024-03-19)

Bug Fixes

• security: bump webpack-dev-middleware (#5112) (aab576a)

v5.0.3

5.0.3 (2024-03-12)

Bug Fixes

• types: proxy (#5101) (6e1aed3)

v5.0.2

5.0.2 (2024-02-16)

Bug Fixes

• types (#5057) (da2c24d)

v5.0.1

5.0.1 (2024-02-13)

Bug Fixes

• avoid using eval in client (#5045) (7681477)
• overlay and require-trusted-types-for (#5046) (e115436)

v5.0.0

5.0.0 (2024-02-12)

Migration Guide and Changes.

v4.15.2

4.15.2 (2024-03-20)

Bug Fixes

• security: bump webpack-dev-middleware (4116209)

v4.15.1

4.15.1 (2023-06-09)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

5.0.4 (2024-03-19)

Bug Fixes

• security: bump webpack-dev-middleware (#5112) (aab576a)

5.0.3 (2024-03-12)

Bug Fixes

• types: proxy (#5101) (6e1aed3)

5.0.2 (2024-02-16)

Bug Fixes

• types (#5057) (da2c24d)

5.0.1 (2024-02-13)

Bug Fixes

• avoid using eval in client (#5045) (7681477)
• overlay and require-trusted-types-for (#5046) (e115436)

5.0.0 (2024-02-12)

Migration Guide and Changes.

4.15.1 (2023-06-09)

Bug Fixes

• replace :: with localhost before openBrowser() (#4856) (874c44b)
• types: compatibility with @types/ws (#4899) (34bcec2)

4.15.0 (2023-05-07)

Features

• overlay displays unhandled promise rejection (#4849) (d1dd430)

4.14.0 (2023-05-06)

... (truncated)

Commits

• 64a1860 chore(release): 5.0.4
• aab576a fix(security): bump webpack-dev-middleware (#5112)
• fb6f22a chore(deps-dev): bump @​commitlint/config-conventional (#5104)
• ba9dfb6 chore(deps-dev): bump @​commitlint/cli from 19.0.3 to 19.1.0 (#5103)
• 08cab58 chore(release): 5.0.3
• 37f4760 chore(deps-dev): bump @​types/node from 20.11.25 to 20.11.26 (#5102)
• 6e1aed3 fix(types): proxy (#5101)
• 8ea7cb8 chore(deps): bump open from 10.0.4 to 10.1.0 (#5100)
• c6a3586 chore(deps-dev): bump puppeteer from 22.4.0 to 22.4.1 (#5099)
• 2201442 chore(deps): update (#5096)
• Additional commits viewable in compare view

Updates qs from 6.7.0 to 6.11.0

Changelog

Sourced from qs's changelog.

6.12.1

• [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)
• [Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)
• [Refactor] utils: use +=
• [Tests] increase coverage

6.12.0

• [New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)
• [New] parse: add duplicates option
• [New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)
• [Refactor] parse/stringify: move allowDots config logic to its own variable
• [Refactor] stringify: move option-handling code into normalizeStringifyOptions
• [readme] update readme, add logos (#484)
• [readme] stringify: clarify default arrayFormat behavior
• [readme] fix line wrapping
• [readme] remove dead badges
• [Deps] update side-channel
• [meta] make the dist build 50% smaller
• [meta] add sideEffects flag
• [meta] run build in prepack, not prepublish
• [Tests] parse: remove useless tests; add coverage
• [Tests] stringify: increase coverage
• [Tests] use mock-property
• [Tests] stringify: improve coverage
• [Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape
• [Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak
• [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

Commits

• 29dda21 v6.12.1
• 7e18298 [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior
• fd3cd7a [Tests] increase coverage
• 6d7df02 [Performance] utils: Optimize performance under large data volumes, reduce ...
• 572533c [Refactor] utils: use +=
• c4d29f3 [meta] add tea.yaml
• 062334a v6.12.0
• f09cffc [meta] make the dist build 50% smaller
• 934dfe8 [meta] run build in prepack, not prepublish
• c8a269f [Tests] parse: remove useless tests; add coverage
• Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

Updates dns-packet from 1.3.1 to 5.6.1

Changelog

Sourced from dns-packet's changelog.

Version 5.6.0 - 2023-04-18

• Feature: Added support for the TLSA record type.

Version 5.5.0 - 2023-03-27

• Feature: Added support for the NAPTR record type.

Version 5.4.0 - 2022-06-14

• Feature: Added support for the SSHFP record type.

Version 5.2.0 - 2019-02-21

• Feature: Added support for de/encoding certain OPT options.

Version 5.1.0 - 2019-01-22

• Feature: Added support for the RP record type.

Version 5.0.0 - 2018-06-01

• Breaking: Node.js 6.0.0 or greater is now required.
• Feature: Added support for DNSSEC record types.

Version 4.1.0 - 2018-02-11

• Feature: Added support for the MX record type.

Version 4.0.0 - 2018-02-04

• Feature: Added streamEncode and streamDecode methods for encoding TCP packets.
• Breaking: Changed the decoded value of TXT records to an array of Buffers. This is to accomodate DNS-SD records which rely on the individual strings record being separated.
• Breaking: Renamed the flag_trunc and flag_auth to flag_tc and flag_aa to match the names of these in the dns standards.

Version 3.0.0 - 2018-01-12

• Breaking: The class option has been changed from integer to string.

Version 2.0.0 - 2018-01-11

• Breaking: Converted module to ES2015, now requires Node.js 4.0 or greater

Commits

• 7b66620 v5.6.1
• 13f19d9 Proper Encoding/Decoding for Email Name Representation for SOA and RP Records...
• 519f55d test node 20
• e50f34c 5.6.0
• f14f483 Add TLSA support (#92)
• ec4d317 sort record types in README alphabetically
• a0687b3 5.5.0
• aca1ff7 implement the NAPTR record (#89)
• 31d3caf 5.4.0
• 0fc249c add SSHFP to readme
• Additional commits viewable in compare view

Updates ejs from 2.7.4 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

v3.1.5

Version 3.1.5

v3.0.2

No release notes provided.

Commits

• d3f807d Version 3.1.10
• 9ee26dd Mocha TDD
• e469741 Basic pollution protection
• 715e950 Merge pull request #756 from Jeffrey-mu/main
• cabe314 Include advanced usage examples
• 29b076c Added header
• 11503c7 Merge branch 'main' of github.com:mde/ejs into main
• 7690404 Added security banner to README
• f47d7ae Update SECURITY.md
• 828cea1 Update SECURITY.md
• Additional commits viewable in compare view

Updates @webpack-cli/generators from 2.5.0 to 3.0.7

Release notes

Sourced from @​webpack-cli/generators's releases.

v2.1.5

2.1.5 (2018-06-01)

Bug Fixes

• entry: fix a bug when --display-entrypoints=false does not hide entries (#464) (c2398a2)

v2.1.4

2.1.4 (2018-05-23)

Bug Fixes

• dependencies: fix vulnerabilities (#458) (3953648)

v.2.1.3

2.1.0 -> 2.1.3 are regressions and bugfixes from prior commits. 2.1.3 Changelog

v2.1.0

2.1.0 (2018-04-30)

Bug Fixes

• removes debug in migrate (#342) (e9c6800)
• ast: checks validity of an identifier (#360) (f42bdbd)
• init: output file name for single output (#403) (c1c0df0)
• loader,plugin: fix generators path bug (b4bfafb)

Features

• --entry should override config.entry (#155) (#358) (9026556)
• add envinfo as webpack-cli info command (51ab19f)
• support --build-delimiter for opt-in output delimiter (#192) (#340) (d01af47)
• use npm ci for tests (#367) (#368) (0de8a4e)

2.0.14

Changelog found here

v2.0.13

Changelog can be found here.

2.0.12

Changelog can be found here.

... (truncated)

Changelog

Sourced from @​webpack-cli/generators's changelog.

5.1.4 (2023-06-07)

Bug Fixes

• multi compiler progress output (f659624)

5.1.3 (2023-06-04)

Bug Fixes

• regression for custom configurations (#3834) (bb4f8eb)

5.1.2 (2023-06-04)

Bug Fixes

• improve check for custom webpack and webpack-dev-server package existance (0931ab6)
• improve help for some flags (f468614)
• improved support for .cts and .mts extensions (a77daf2)

5.1.1 (2023-05-09)

Bug Fixes

• false positive warning when --watch used (#3783) (c0436ba)

5.1.0 (2023-05-07)

Features

• shareable webpack configs using extends (#3738) (d04d0b9)

Performance Improvements

• simplify logic, reduce extra loops and perf (#3767) (6afe1d3)

5.0.2 (2023-04-21)

Bug Fixes

• error message for missing default export in configuration (#3685) (e0a4a09)
• perf: reduced startup time (3b79059)

5.0.1 (2022-12-05)

Bug Fixes

• make define-process-env-node-env alias node-env (#3514) (346a518)

5.0.0 (2022-11-17)

... (truncated)

Commits

• 20882d4 chore(release): publish new version
• 22f013b docs: remove redundant link (#3292)
• 3e1df05 chore: update package.json (#3289)
• 402c0fe fix: improve parsing of --env flag (#3286)
• ce7352d chore: disable length related commitlint rules (#3287)
• 652cc70 feat: add summary to smoketests (#3288)
• 1072e38 docs: update options (#3285)
• 6075c63 chore(deps-dev): bump @​types/node
• 979dbad chore(deps-dev): bump typescript-eslint
• 9941274 chore(deps-dev): bump webpack-dev-server from 4.9.1 to 4.9.2 (#3282)
• Additional commits viewable in compare view

Updates express from 4.17.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sou...

Description has been truncated

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.