Bump braces, @angular/compiler-cli, chokidar, micromatch, karma and browser-sync

[dependabot]

Bumps braces to 3.0.2 and updates ancestor dependencies braces, @angular/compiler-cli, chokidar, micromatch, karma and browser-sync. These dependencies need to be updated together.

Updates braces from 0.1.5 to 3.0.2

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

• The undocumented .makeRe method was removed

Non-breaking changes

• Caching was removed

[2.3.2] - 2018-04-08

• start refactoring
• cover sets

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by doowb, a new releaser for braces since your current version.

Updates @angular/compiler-cli from 5.2.9 to 14.2.2

Release notes

Sourced from @​angular/compiler-cli's releases.

v14.2.2

14.2.2 (2022-09-14)

animations

Commit	Description
	make sure that the animation function delay is applied (#47285)

common

Commit	Description
	rename rawSrc -> ngSrc in NgOptimizedImage directive (#47362) (#47396)

core

Commit	Description
	imply @​Optional flag when a default value is provided (#47242)

forms

Commit	Description
	don't prevent default behavior for forms with method="dialog" (#47308)

Special Thanks

Abhishek Rawat, Andrew Kushnir, Benjamin Chanudet, Bob Watson, George Kalpakas, Ikko Ashimine, Kristiyan Kostadinov, Marc Wrobel, Mariia Subkov, Pawel Kozlowski, Sebastian, abergquist, dario-piotrowicz, onrails and vyom1611

v14.2.1

14.2.1 (2022-09-07)

common

Commit	Description
	improve formatting of image warnings (#47299)
	use DOCUMENT token to query for preconnect links (#47353)

compiler

Commit	Description
	avoid errors for inputs with Object-builtin names (#47220)

service-worker

Commit	Description
	include headers in requests for assets (#47260)
	only consider GET requests as navigation requests (#47263)

Special Thanks

Aristeidis Bampakos, Asaf M, Bingo's Code, Bob Watson, Daniel Ostrovsky, George Kalpakas, Giovanni Alberto Rivas, Jeremy Elbourn, Jobayer Hossain, Joe Martin (Crowdstaffing), Joey Perrott, JoostK, Kara Erickson, Kristiyan Kostadinov, Maina Wycliffe, Sabareesh Kappagantu, Simona Cotin, Sonu Sindhu, Yann Provoost, abergquist, jaybell and vyom1611

v14.2.0

14.2.0 (2022-08-25)

animations

Commit	Description
	fix stagger timing not handling params (#47208)

common

... (truncated)

Changelog

Sourced from @​angular/compiler-cli's changelog.

14.2.2 (2022-09-14)

animations

Commit	Type	Description
937e6c5b3d	fix	make sure that the animation function delay is applied (#47285)

common

Commit	Type	Description
c9bdf9bab1	fix	rename rawSrc -> ngSrc in NgOptimizedImage directive (#47362) (#47396)

core

Commit	Type	Description
a3e1303f04	fix	imply @​Optional flag when a default value is provided (#47242)

forms

Commit	Type	Description
80c66a1e57	fix	don't prevent default behavior for forms with method="dialog" (#47308)

Special Thanks

Abhishek Rawat, Andrew Kushnir, Benjamin Chanudet, Bob Watson, George Kalpakas, Ikko Ashimine, Kristiyan Kostadinov, Marc Wrobel, Mariia Subkov, Pawel Kozlowski, Sebastian, abergquist, dario-piotrowicz, onrails and vyom1611

15.0.0-next.1 (2022-09-07)

Breaking Changes

compiler-cli

• Angular compiler option enableIvy has been removed as Ivy is the only rendering engine.

localize

• • canParse method has been removed from all translation parsers in @angular/localize/tools. analyze should be used instead.
  • the hint parameter in theparse methods is now mandatory.

common

Commit	Type	Description
220d1203e6	fix	improve formatting of image warnings (#47299)
93d7d9101e	fix	use DOCUMENT token to query for preconnect links (#47353)

compiler

Commit	Type	Description
cf0c53aa1c	fix	avoid errors for inputs with Object-builtin names (#47220)

compiler-cli

Commit	Type	Description
16f96eeabf	refactor	remove enableIvy options (#47346)

localize

Commit	Type	Description
d36fd3d9e4	refactor	remove deprecated canParse method from TranslationParsers (#47275)

service-worker

Commit	Type	Description

... (truncated)

Commits

• 403b970 refactor(common): create an NgFor alias for NgForOf directive (#47309)
• 0e35829 fix(compiler): avoid errors for inputs with Object-builtin names (#47220)
• 59a6fe7 refactor(compiler): replace most usages of getMutableClone (#47167) (#47271)
• b8562ea refactor(compiler): Add a new helper method getOwningNgModule. (#47166)
• 8e9ab02 refactor(compiler): Add a new helper method getPrimaryAngularDecorator. (#4...
• 31429ea feat(core): support TypeScript 4.8 (#47038)
• c01ccc5 test: update ngtsc closure fileoverview tests to reflect suppression updates ...
• ea89677 feat(compiler-cli): support more recent version of tsickle (#47018)
• 598b72b feat(language-service): support fix the component missing member (#46764)
• 4ac2196 docs: fixed typos (#47008)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular/compiler-cli since your current version.

Updates chokidar from 2.0.3 to 3.5.3

Release notes

Sourced from chokidar's releases.

3.5.3

What's Changed

• types: use correct type def for ignored option by @​iheyunfei in paulmillr/chokidar#1140
• Update chokidar-cli link in README.md by @​mcecode in paulmillr/chokidar#1142
• handle promise rejection when a symlink's target does not exist. Fixe… by @​nicks in paulmillr/chokidar#1010
• fix: improve add and unwatch TypeScript definitions by @​alan-agius4 in paulmillr/chokidar#1157
• Enable dtslinting by @​alan-agius4 in paulmillr/chokidar#1158
• style: delete yarn.lock by @​alan-agius4 in paulmillr/chokidar#1159

New Contributors

• @​iheyunfei made their first contribution in paulmillr/chokidar#1140
• @​mcecode made their first contribution in paulmillr/chokidar#1142
• @​nicks made their first contribution in paulmillr/chokidar#1010
• @​alan-agius4 made their first contribution in paulmillr/chokidar#1157

Full Changelog: paulmillr/chokidar@3.5.2...3.5.3

3.5.2

"Update" glob-parent dependency from ~5.1.0 to ~5.1.2 to silence "vulnerability" warnings

3.5.1

• Symlink fixes

3.5.0

• Support for ARM Macs with Apple Silicon.
• Fixed missing removal of symlinks when the target path was deleted (#1042)

3.4.2

Fixes an ability to watch network drives on windows.

3.4.0

• Support for directory-based symlinks.
• Fix a case on macos when replacing a file with a dir of the same name emitted invalid events.
• Fix error swallowing inside .on() event handlers
• Known issue: followSymlinks: false on macos still follows symlinked directories

3.3.0

FSWatcher#close() method became async. This ensures IO operations are finished properly and fixes a few segfaulty crashes.

3.2.1

Improve Linux RAM usage by 50%. Stability optimizations. Race condition fixes. Windows glob fixes.

3.1.1

Fixes "Expected pattern to be a non-empty string" (#871)

3.1.0

Dotfiles are no longer filtered out by default. Use ignored option if needed.

Improve Linux performance by 50%.

... (truncated)

Commits

• 4804aba Release 3.5.3.
• 9f038a3 Funding.
• 0188634 Merge pull request #1159 from alan-agius4/patch-1
• 54bea80 style: delete yarn.lock
• a851e8b Merge pull request #1158 from alan-agius4/test-async
• b37688a Merge pull request #1157 from alan-agius4/fix-chain-return
• 7230778 ci: add dtslint in the lint workflow
• c8c0c79 style: fix dts lint issue
• 62e4da8 build: add missing typescript
• 3d37a7d test: update close method test
• Additional commits viewable in compare view

Updates micromatch from 3.1.10 to 4.0.5

Release notes

Sourced from micromatch's releases.

4.0.4

• fix: Update picomatch to fix regression #179 (8becb55)

4.0.3

• Enforce newer version of picomatch with bugfixes

Commits

• 002d0d1 4.0.5 - Massive (100x) performance improvement of micromatch.not(), thanks ...
• 4201cb4 fix windows tests
• 32fe3fe add github workflows, upgrade deps
• 9a26c20 Merge pull request #228 from antonyk/patch-1
• 9b9abac Merge pull request #229 from antonyk/patch-2
• 3899055 Merge pull request #233 from joyceerhl/patch-1
• 6598377 Use Set.prototype.has over Array.prototype.includes
• 36ef44e fix parse method's jsdoc
• 20825e4 fix typo in docs
• 34f44b4 Remove tidelift
• Additional commits viewable in compare view

Updates karma from 1.7.1 to 6.4.1

Release notes

Sourced from karma's releases.

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

• pass integrity value (63d86be)

v6.4.0

6.4.0 (2022-06-14)

Features

• support SRI verification of link tags (dc51a2e)
• support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

• prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

• client: error out when opening a new tab fails (099b85e)

v6.3.18

6.3.18 (2022-04-13)

Bug Fixes

• deps: upgrade socket.io to v4.4.1 (52a30bb)

v6.3.17

6.3.17 (2022-02-28)

Bug Fixes

• deps: update colors to maintained version (#3763) (fca1884)

v6.3.16

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.1 (2022-09-19)

Bug Fixes

• pass integrity value (63d86be)

6.4.0 (2022-06-14)

Features

• support SRI verification of link tags (dc51a2e)
• support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

• prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

• client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

• deps: upgrade socket.io to v4.4.1 (52a30bb)

6.3.17 (2022-02-28)

Bug Fixes

• deps: update colors to maintained version (#3763) (fca1884)

6.3.16 (2022-02-10)

Bug Fixes

• security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

... (truncated)

Commits

• 0013121 chore(release): 6.4.1 [skip ci]
• 63d86be fix: pass integrity value
• 84f7cc3 chore(release): 6.4.0 [skip ci]
• f2d0663 docs: add integrity parameter
• dc51a2e feat: support SRI verification of link tags
• 6a54b1c feat: support SRI verification of script tags
• 5e71cf5 chore(release): 6.3.20 [skip ci]
• e17698f fix: prefer IPv4 addresses when resolving domains
• 60f4f79 build: add Node 16 and 18 to the CI matrix
• 6ff5aaf chore(release): 6.3.19 [skip ci]
• Additional commits viewable in compare view

Updates browser-sync from 2.23.6 to 2.27.10

Release notes

Sourced from browser-sync's releases.

2.27.9

What's Changed

• fix(cli): Where's the command help? fixes #1929 by @​shakyShane in BrowserSync/browser-sync#1945

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: BrowserSync/browser-sync@v2.27.8...v2.27.9

2.27.8

This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

PR:

• BrowserSync/browser-sync@58ab4ab

Resolved Issues:

• BrowserSync/browser-sync#1850
• BrowserSync/browser-sync#1892
• BrowserSync/browser-sync#1925
• BrowserSync/browser-sync#1926
• BrowserSync/browser-sync#1933

Thanks to @​lachieh for the original PR, which helped me land this fix

added snippet: boolean option

This release adds a feature to address BrowserSync/browser-sync#1882

Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

browser-sync . --no-snippet

or in any Browsersync configuration

const config = {
  snippet: false,
};

the original request was related to Eleventy usage, so here's how that would look

eleventyConfig.setBrowserSyncConfig({
  snippet: false,
});

... (truncated)

Commits

• f6965a6 v2.27.10
• e6c7bed Updated portscanner to 2.2.0 (#1960)
• 6a587ec fix readme's
• 91258ae Merge branch 'browser-sync-1946-esbuild'
• f48d6b4 👋 app veyor
• 30c24dc Merge pull request #1947
• 9d24de5 drop webpack from UI
• 7a00341 build client with esbuild
• c30868a v2.27.9
• 9b5fcdc fix(cli): Where's the command help? fixes #1929 (#1945)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.