chore(deps): bump the npm_and_yarn group across 5 directories with 52 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the / directory: standard-version.
Bumps the npm_and_yarn group with 21 updates in the /frontend directory:

Package	From	To
ansi-regex	3.0.0	5.0.1
ansi-regex	5.0.0	5.0.1
ansi-regex	4.1.0	5.0.1
dot-prop	5.2.0	5.3.0
handlebars	4.7.7	4.7.8
minimatch	3.0.4	3.1.2
@storybook/addon-essentials	6.3.6	6.5.16
@storybook/react	6.3.6	6.5.16
react-scripts	4.0.3	5.0.1
minimist	1.2.5	1.2.8
immer	9.0.6	10.1.1
@babel/traverse	7.14.7	7.25.4
braces	3.0.2	3.0.3
http-proxy-middleware	0.19.1	3.0.0
@storybook/addon-essentials	6.5.16	8.2.9
@storybook/react	6.5.16	8.2.9
snapshot-diff	0.6.1	0.10.0
date-and-time	0.11.0	0.14.2
@google-cloud/storage	4.1.3	4.7.2
ejs	2.7.4	removed
webpack-bundle-analyzer	3.6.1	4.10.2
follow-redirects	1.6.1	1.15.6
json-schema	0.2.3	0.4.0
jsprim	1.4.1	1.4.2
word-wrap	1.2.3	1.2.5

Bumps the npm_and_yarn group with 26 updates in the /frontend/server directory:

Package	From	To
yargs-parser	16.1.0	18.1.3
ts-jest	25.2.1	25.5.1
minimatch	3.0.4	3.1.2
minimist	1.2.5	1.2.8
shelljs	0.8.3	0.8.5
y18n	4.0.1	4.0.3
@babel/traverse	7.9.5	7.25.4
braces	2.3.2	3.0.3
http-proxy-middleware	0.18.0	3.0.0
jest	25.3.0	29.7.0
qs	6.5.2	6.5.3
express	4.17.1	4.19.2
node-fetch	2.6.1	2.6.7
ajv	6.12.0	6.12.6
date-and-time	0.6.3	removed
@google-cloud/storage	2.5.0	7.12.1
ws	6.2.2	6.2.3
json-schema	0.2.3	0.4.0
jsprim	1.4.1	1.4.2
word-wrap	1.2.3	1.2.5
axios	0.21.1	0.28.0
crypto-js	3.3.0	4.2.0
underscore	1.9.2	1.12.1
jsonpath	1.0.2	1.1.1
xml2js	0.4.23	0.5.0
minio	7.0.14	7.1.3

Bumps the npm_and_yarn group with 1 update in the /samples/contrib/pytorch-samples directory: npm.
Bumps the npm_and_yarn group with 4 updates in the /test/frontend-integration-test directory: semver, request, selenium-standalone and webdriverio.

Updates standard-version from 8.0.0 to 9.5.0

Release notes

Sourced from standard-version's releases.

v9.5.0

9.5.0 (2022-05-15)

Features

• deprecated: add deprecation message (#907) (61b41fa)

Bug Fixes

• deps: update dependency conventional-changelog to v3.1.25 (#865) (4c938a2)
• deps: update dependency conventional-changelog-conventionalcommits to v4.6.3 (#866) (6c75ed0)

v9.4.0

9.4.0 (2021-12-31)

Features

• add .cjs config file (#717) (eceaedf)

Bug Fixes

• Ensures provided packageFiles arguments are merged with bumpFiles when no bumpFiles argument is specified (default). (#534) (2785023), closes #533

standard-version v9.3.2

Bug Fixes

• deps: update dependency conventional-changelog-conventionalcommits to v4.6.1 (#752) (bb8869d)

standard-version v9.3.1

Bug Fixes

• updater: npm7 package lock's inner version not being updated (#713) (a316dd0)

standard-version v9.3.0

Features

• add --lerna-package flag used to extract tags in case of lerna repo (#503) (f579ff0)

standard-version v9.2.0

... (truncated)

Changelog

Sourced from standard-version's changelog.

9.5.0 (2022-05-15)

Features

• deprecated: add deprecation message (#907) (61b41fa)

Bug Fixes

• deps: update dependency conventional-changelog to v3.1.25 (#865) (4c938a2)
• deps: update dependency conventional-changelog-conventionalcommits to v4.6.3 (#866) (6c75ed0)

9.4.0 (2021-12-31)

Features

• add .cjs config file (#717) (eceaedf)

Bug Fixes

• Ensures provided packageFiles arguments are merged with bumpFiles when no bumpFiles argument is specified (default). (#534) (2785023), closes #533

9.3.2 (2021-10-17)

Bug Fixes

• deps: update dependency conventional-changelog-conventionalcommits to v4.6.1 (#752) (bb8869d)

9.3.1 (2021-07-14)

Bug Fixes

• updater: npm7 package lock's inner version not being updated (#713) (a316dd0)

9.3.0 (2021-05-04)

Features

• add --lerna-package flag used to extract tags in case of lerna repo (#503) (f579ff0)

9.2.0 (2021-04-06)

Features

... (truncated)

Commits

• 017dcb6 chore(master): release 9.5.0 (#867)
• 61b41fa feat(deprecated): add deprecation message (#907)
• 6c75ed0 fix(deps): update dependency conventional-changelog-conventionalcommits to v4...
• 4c938a2 fix(deps): update dependency conventional-changelog to v3.1.25 (#865)
• fd05681 chore(master): release 9.4.0 (#864)
• e510623 build: run tests on label
• eceaedf feat: add .cjs config file (#717)
• 366a498 build: update publish configuration
• 095e1eb test: updates .gitignore test to check against a default package and bump fil...
• fb3f3fa chore: Move to native fs.access, removes fs-access package. (#840)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for standard-version since your current version.

Updates ansi-regex from 5.0.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

• Require Node.js 8 166a0d5

Enhancements

• Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

v4.1.0

• Support more escape code like links (#29) 96200bb

chalk/ansi-regex@v4.0.0...v4.1.0

Commits

• a9babce 5.0.1
• 4657833 fix incorrect format
• c3c0b3f Fix potential ReDoS (#37)
• 178363b Move to GitHub Actions (#35)
• 0755e66 Add @​Qix- to funding.yml
• 2b56fb0 5.0.0
• f26f7fe Meta tweaks
• e77ea17 Add TypeScript definition (#32)
• 166a0d5 Require Node.js 8
• f115fca Tidelift tasks
• Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

• Add version coercion capabilities

5.4

• Add intersection checking

5.3

• Add minSatisfying method

5.2

• Add prerelease(v) that returns prerelease components

5.1

• Add Backus-Naur for ranges
• Remove excessively cute inspection methods

5.0

• Remove AMD/Browserified build artifacts
• Fix ltr and gtr when using the * range
• Fix for range * with a prerelease identifier

Commits

• f8cc313 chore: release 5.7.2
• 2f8fd41 fix: better handling of whitespace (#585)
• deb5ad5 chore: @​npmcli/template-oss@​4.16.0
• c83c18c 5.7.1
• 956e228 Correct typo in README
• See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates yargs-parser from 10.1.0 to 20.2.9

Changelog

Sourced from yargs-parser's changelog.

18.1.3 (2020-04-16)

Bug Fixes

• setArg: options using camel-case and dot-notation populated twice (#268) (f7e15b9)

18.1.2 (2020-03-26)

Bug Fixes

• array, nargs: support -o=--value and --option=--value format (#262) (41d3f81)

18.1.1 (2020-03-16)

Bug Fixes

• __proto__ will now be replaced with ___proto___ in parse (#258), patching a potential prototype pollution vulnerability. This was reported by the Snyk Security Research Team.(63810ca)

18.1.0 (2020-03-07)

Features

• introduce single-digit boolean aliases (#255) (9c60265)

18.0.0 (2020-03-02)

⚠ BREAKING CHANGES

• the narg count is now enforced when parsing arrays.

Features

• NaN can now be provided as a value for nargs, indicating "at least" one value is expected for array (#251) (9db4be8)

17.1.0 (2020-03-01)

Features

• introduce greedy-arrays config, for specifying whether arrays consume multiple positionals (#249) (60e880a)

17.0.1 (2020-02-29)

... (truncated)

Commits

• d301a56 chore: release 18.1.3 (#269)
• f7e15b9 fix(setArg): options using camel-case and dot-notation populated twice (#268)
• 78014fc chore: release 18.1.2 (#263)
• 41d3f81 fix(array, nargs): support -o=--value and --option=--value format (#262)
• b96b989 chore: release 18.1.1 (#259)
• 63810ca fix: proto will now be replaced with proto in parse (#258)
• 48b6d9c chore: release 18.1.0 (#257)
• 9c60265 feat: introduce single-digit boolean aliases (#255)
• 87e0a21 test: use bin to enforce coverage thresholds (#256)
• 88f36c3 force release
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.

Updates dot-prop from 3.0.0 to 5.3.0

Release notes

Sourced from dot-prop's releases.

v5.3.0

• Make .delete() return a boolean (#66) 24916ff

sindresorhus/dot-prop@v5.2.0...v5.3.0

Commits

• 614e74a 5.3.0
• 24916ff Make .delete() return a boolean (#66)
• be84f79 Simplify unit tests (#67)
• See full diff in compare view

Updates handlebars from 4.7.6 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Commits

• 8dc3d25 v4.7.8
• 668c4fb Fix browser tests in CI pipeline
• c65c6cc Test on Node 18
• 3d3796c Make library compatible with workers
• 075b354 Fix sync issue with npm lock-file
• 30dbf04 Fix compiling of each block params in strict mode
• e3a5448 Fix bundler issue with webpack 5
• 8e23642 Fix integration-tests issue with npm >= 7
• 88ac068 use https instead of git for mustache submodule
• c68bc08 Fix typo
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Updates ini from 1.3.5 to 1.3.8

Commits

• a2c5da8 1.3.8
• af5c6bb Do not use Object.create(null)
• 8b648a1 don't test where our devdeps don't even work
• c74c8af 1.3.7
• 024b8b5 update deps, add linting
• 032fbaf Use Object.create(null) to avoid default object property hazards
• 2da9039 1.3.6
• cfea636 better git push script, before publish instead of after
• 56d2805 do not allow invalid hazardous string as section name
• See full diff in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Updates lodash from 4.17.15 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates y18n from 4.0.0 to 5.0.8

Changelog

Sourced from y18n's changelog.

4.0.3 (2021-04-07)

Bug Fixes

• release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

Commits

• 0aa97c5 chore: release 4.x.x (#128)
• a8e7f04 build(release-please): configure branch properly (#127)
• 1e21a53 fix(release): 4.x.x should not enforce Node 10 (#126)
• 8dc7580 docs: update CHANGELOG
• 7de58ca fix: address prototype pollution issue
• 45d2568 chore(release): 4.0.0
• 9f11b1e chore: add standard-version as npm run release (#54)
• d6fa907 chore(package): update mocha to version 4.0.1 (#52)
• 0594bc4 chore(package): update coveralls to version 3.0.0 (#51)
• f69b8ca chore(package): update chai to version 4.0.1 (#46)
• Additional commits viewable in compare view

Updates ansi-regex from 3.0.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

• Require Node.js 8 166a0d5

Enhancements

• Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

v4.1.0

• Support more escape code like links (#29) 96200bb

chalk/ansi-regex@v4.0.0...v4.1.0

Commits

• a9babce 5.0.1
• 4657833 fix incorrect format
• c3c0b3f Fix potential ReDoS (#37)
• 178363b Move to GitHub Actions (#35)
• 0755e66 Add @​Qix- to funding.yml
• 2b56fb0 5.0.0
• f26f7fe Meta tweaks
• e77ea17 Add TypeScript definition (#32)
• 166a0d5 Require Node.js 8
• f115fca Tidelift tasks
• Additional commits viewable in compare view

Updates ansi-regex from 5.0.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

• Require Node.js 8 166a0d5

Enhancements

• Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

v4.1.0

• Support more escape code like links (#29) 96200bb

chalk/ansi-regex@v4.0.0...v4.1.0

Commits

• a9babce 5.0.1
• 4657833 fix incorrect format
• c3c0b3f Fix potential ReDoS (#37)
• 178363b Move to GitHub Actions (#35)
• 0755e66 Add @​Qix- to funding.yml
• 2b56fb0 5.0.0
• f26f7fe Meta tweaks
• e77ea17 Add TypeScript definition (#32)
• 166a0d5 Require Node.js 8
• f115fca Tidelift tasks
• Additional commits viewable in compare view

Updates ansi-regex from 4.1.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

• Require Node.js 8 166a0d5

Enhancements

• Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

v4.1.0

• Support more escape code like links (#29) 96200bb

chalk/ansi-regex@v4.0.0...v4.1.0

Commits

• a9babce 5.0.1
• 4657833 fix incorrect format
• c3c0b3f Fix potential ReDoS (#37)
• 178363b Move to GitHub Actions (#35)
• 0755e66 Add @​Qix- to funding.yml
• 2b56fb0 5.0.0
• f26f7fe Meta tweaks
• e77ea17 Add TypeScript definition (#32)
• 166a0d5 Require Node.js 8
• f115fca Tidelift tasks
• Additional commits viewable in compare view

Updates dot-prop from 5.2.0 to 5.3.0

Release notes

Sourced from dot-prop's releases.

v5.3.0

• Make .delete() return a boolean (#66) 24916ff

sindresorhus/dot-prop@v5.2.0...v5.3.0

Commits

• 614e74a 5.3.0
• 24916ff Make .delete() return a boolean (#66)