chore(deps): update node dependencies

[ggrossetie]

This PR contains the following updates:

Package	Type	Update	Change
mermaid	devDependencies	minor	10.8.0 -> 10.9.0
node	volta	patch	18.19.0 -> 18.19.1
pino (source)	dependencies	minor	8.18.0 -> 8.19.0
vega	dependencies	minor	5.27.0 -> 5.28.0
wavedrom (source)	dependencies	minor	3.4.0 -> 3.5.0

---

Release Notes

mermaid-js/mermaid

v10.9.0

Compare Source

Release Notes

We now have Katex support!

Demo

🚀 Features

• Bump @​zenuml/core and update render options in mermaid-zenuml (#​5257) @​dontry
• Implement "until" keyword in gantt charts (#​5224) @​fzag
• Integrated Katex typesetting into flowcharts (#​2885) @​NicolasNewman

🧰 Maintenance

• Add gitgraph parallel commits to docs (#​5336) @​NicolasCwy
• Update recommended Vitest extension (#​5322) @​NicolasCwy
• Correcting path to docker-entrypoint.sh (#​5327) @​bstordrup
• Fix chrome webstore url causing 404 (#​5352) @​Abrifq
• Fix color and arrow for merge commit (gitGraph) (#​5152) @​macherel
• Fix link to Contributors section in README (#​5298) @​BaumiCoder
• Fix macOS onboarding issues (#​5262) @​thedustin
• Fix netlify deploy (#​5332) @​sidharthv96
• Link to webhelp (#​5316) @​BaumiCoder
• Update contribute (#​5268) @​FutzMonitor
• Updates Timeline Documentation (#​5315) @​FutzMonitor
• [Docs] Updated chrome extension url's to new store (#​5297) @​Abrifq
• chore: Update CSpell configuration (#​5286) @​Jason3S
• feat: add name field to the actors (#​5284) @​ad1992
• fix typo cutomers => customers (#​5269) @​elgalu

📚 Documentation

• Add new extension to integrations (#​5287) @​BoDonkey
• Added link to Blazorade Mermaid to the community integrations page. (#​5333) @​MikaBerglund
• Replace version number placeholder (#​5304) @​BaumiCoder

🎉 Thanks to all contributors helping with this release! 🎉

nodejs/node

v18.19.1

Compare Source

Notable changes

This is a security release.

Notable changes

• CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
• CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
• CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#​1 v1.5 padding) - (Medium)
• CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
• undici version 5.28.3
• npm version 10.2.4

Commits

• [69e0a1dba8] - crypto: update root certificates to NSS 3.95 (Node.js GitHub Bot) #​50805
• [d3d357ab09] - crypto: disable PKCS#​1 padding for privateDecrypt (Michael Dawson) nodejs-private/node-private#​525
• [3d27175c42] - deps: fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) #​51614
• [331558b8ab] - deps: update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) #​51614
• [99b77dfb9c] - deps: upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) #​51614
• [6cdc71bff1] - deps: upgrade npm to 10.2.4 (npm team) #​50751
• [911cb33cda] - http: add maximum chunk extension size (Paolo Insogna) nodejs-private/node-private#​520
• [f48b89689d] - lib: update undici to v5.28.3 (Matteo Collina) nodejs-private/node-private#​536
• [e6b4c105e0] - src: fix HasOnly(capability) in node::credentials (Tobias Nießen) nodejs-private/node-private#​505
• [97c49076cd] - test: skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) #​49621
• [60affdde8e] - tools: add macOS notarization verification step (Ulises Gascón) #​50833
• [ccc676a327] - tools: use macOS keychain to notarize the releases (Ulises Gascón) #​50715
• [31f1ceb380] - tools: remove unused file (Ulises Gascon) #​50622
• [bd5f6fb92a] - tools: add macOS notarization stapler (Ulises Gascón) #​50625
• [4168c4f71b] - tools: improve macOS notarization process output readability (Ulises Gascón) #​50389
• [4622f775aa] - tools: remove unused version function (Ulises Gascón) #​50390
• [b90804b1e7] - win,tools: upgrade Windows signing to smctl (Stefan Stojanovic) #​50956
• [f31d47e135] - zlib: pause stream if outgoing buffer is full (Matteo Collina) nodejs-private/node-private#​542

pinojs/pino

v8.19.0

Compare Source

What's Changed

• api.md: Fix link declaration by @​homersimpsons in https://github.com/pinojs/pino/pull/1900
• Update transports.md by @​huijiewei in https://github.com/pinojs/pino/pull/1897
• Add a basic formatters option to the browser pino by @​KatelynKim in https://github.com/pinojs/pino/pull/1898
• setLevel should respect level comparison option by @​obrus-corcentric in https://github.com/pinojs/pino/pull/1901
• Add formatters log option by @​KatelynKim in https://github.com/pinojs/pino/pull/1905

New Contributors

• @​homersimpsons made their first contribution in https://github.com/pinojs/pino/pull/1900
• @​huijiewei made their first contribution in https://github.com/pinojs/pino/pull/1897
• @​KatelynKim made their first contribution in https://github.com/pinojs/pino/pull/1898

Full Changelog: pinojs/pino@v8.18.0...v8.19.0

vega/vega

v5.28.0

Compare Source

changes from v5.27.0

docs

• addition of the serpentine timeline example (via #​3858). (Thanks @​Giammaria!)
• update to the zoomable circle packing example (via #​3857). (Thanks @​Giammaria and @​domoritz!)
• update vega datasets (via #​3863). (Thanks @​domoritz!)

vega-parser

• allow signals in scale nice (via #​3887). (Thanks @​lsh!)

vega-scenegraph

• convert some of the scenegraph types to classes (via #​3864). (Thanks @​lsh!)

vega-typings

• add missing aggregate_params to window transform type (#​3874). (Thanks @​julieg18!)
• bump typings to 1.2 (Thanks @​domoritz!)

wavedrom/wavedrom

v3.5.0

Compare Source

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Renovate Bot.