Bump the npm_and_yarn group across 8 directories with 19 updates

[dependabot]

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package	From	To
@excalidraw/excalidraw	0.16.1	0.16.4
katex	0.16.15	0.16.21
pdfjs-dist	3.11.174	4.2.67
posthog-js	1.10.2	1.127.0
ip	1.1.9	2.0.1
postcss	8.4.17	8.4.31

Bumps the npm_and_yarn group with 2 updates in the /packages/amplify directory: braces and micromatch.
Bumps the npm_and_yarn group with 8 updates in the /packages/react-tweet-embed directory:

Package	From	To
postcss	8.3.7	8.5.6
braces	3.0.2	3.0.3
cross-spawn	7.0.3	7.0.6
http-cache-semantics	4.1.0	4.2.0
micromatch	4.0.4	4.0.8
semver	5.5.0	5.7.2
word-wrap	1.2.3	1.2.5
ws	8.2.2	8.18.3

Bumps the npm_and_yarn group with 4 updates in the /packages/ui directory: cross-spawn, express, markdown-to-jsx and webpack.
Bumps the npm_and_yarn group with 1 update in the /resources directory: posthog-js.
Bumps the npm_and_yarn group with 1 update in the /scripts directory: cross-spawn.
Bumps the npm_and_yarn group with 4 updates in the /tldraw directory: braces, cross-spawn, micromatch and ws.
Bumps the npm_and_yarn group with 1 update in the /tldraw/cljs-demo directory: ws.

Updates @excalidraw/excalidraw from 0.16.1 to 0.16.4

Commits

• 1863da4 v0.16.4
• 6be752e fix: allow same origin for all necessary domains (#7889)
• 7ba0298 v0.16.3
• b4d9ad4 fix: parse embeddable srcdoc urls strictly & escape attribute url html
• 3ae8af5 v0.16.2
• 053ca90 fix: Gist embed allowing unsafe html (#7883)
• See full diff in compare view

Updates katex from 0.16.15 to 0.16.21

Release notes

Sourced from katex's releases.

v0.16.21

0.16.21 (2025-01-17)

Bug Fixes

• escape \htmlData attribute name (57914ad)
  • See security advisory GHSA-cg87-wmx4-v546

v0.16.20

0.16.20 (2025-01-12)

Bug Fixes

• \providecommand does not overwrite existing macro (#4000) (6d30fe4), closes #3928

v0.16.19

0.16.19 (2024-12-29)

Bug Fixes

• types: improve strict function type (#4009) (4228b4e)

v0.16.18

0.16.18 (2024-12-18)

Bug Fixes

• Actually publish TypeScript type definitions (#4008) (629b873)

v0.16.17

0.16.17 (2024-12-17)

Bug Fixes

• MathML combines multidigit numbers with sup/subscript, comma separators, and multicharacter text when outputting to DOM (#3999) (7d79e22), closes #3995

v0.16.16

0.16.16 (2024-12-17)

Features

• ESM exports, TypeScript types (#3992) (ea9c173)

Changelog

Sourced from katex's changelog.

0.16.21 (2025-01-17)

Bug Fixes

• escape \htmlData attribute name (57914ad)

0.16.20 (2025-01-12)

Bug Fixes

• \providecommand does not overwrite existing macro (#4000) (6d30fe4), closes #3928

0.16.19 (2024-12-29)

Bug Fixes

• types: improve strict function type (#4009) (4228b4e)

0.16.18 (2024-12-18)

Bug Fixes

• Actually publish TypeScript type definitions (#4008) (629b873)

0.16.17 (2024-12-17)

Bug Fixes

• MathML combines multidigit numbers with sup/subscript, comma separators, and multicharacter text when outputting to DOM (#3999) (7d79e22), closes #3995

0.16.16 (2024-12-17)

Features

• ESM exports, TypeScript types (#3992) (ea9c173)

Commits

• 923f2aa chore(release): 0.16.21 [ci skip]
• 57914ad fix: escape \htmlData attribute name
• ff28995 Merge commit from fork
• 28a0bf5 chore(release): 0.16.20 [ci skip]
• 6d30fe4 fix: \providecommand does not overwrite existing macro (#4000)
• 8f47dba chore(deps): update actions/upload-artifact to v4 (#4012)
• 88b5056 chore(release): 0.16.19 [ci skip]
• 4228b4e fix(types): improve strict function type (#4009)
• f934646 chore(release): 0.16.18 [ci skip]
• 629b873 fix: Actually publish TypeScript type definitions (#4008)
• Additional commits viewable in compare view

Updates pdfjs-dist from 3.11.174 to 4.2.67

Release notes

Sourced from pdfjs-dist's releases.

v4.2.67

This release includes a new JPX decoder, based on OpenJPEG, which improves JPX image rendering performance and correctness. Moreover, this release contains improvements for the annotation editor, font conversion and the viewer.

Note that text selection boxes for some PDF files may overlap visually. This is a known issue that we currently track in mozilla/pdf.js#17561.

Changes since v4.1.392

• Bump the stable version in pdfjs.config by @​timvandermeij in mozilla/pdf.js#17924
• Convert the history code to use proper private methods by @​timvandermeij in mozilla/pdf.js#17925
• Update dependencies and translations to the most recent versions by @​timvandermeij in mozilla/pdf.js#17927
• Remove the tag for missing font subset when trying to find a substitution by @​calixteman in mozilla/pdf.js#17930
• Fix resetting of cursor-tools when closing the document (PR 17464 follow-up) by @​Snuffleupagus in mozilla/pdf.js#17933
• Warn when a non-embedded font has an invalid name by @​calixteman in mozilla/pdf.js#17934
• Remove the mkdirp dependency in favor of the built-in Node.js fs.mkdirSync by @​timvandermeij in mozilla/pdf.js#17935
• Improve type definitions for the viewer by @​ex37 in mozilla/pdf.js#17879
• Fix the "must check that invisible fields are made visible" scripting integration test by @​timvandermeij in mozilla/pdf.js#17940
• Remove the rimraf dependency in favor of the built-in Node.js fs.rmSync in the test folder by @​timvandermeij in mozilla/pdf.js#17938
• [api-minor] Update the minimum supported Safari version to 16.4 by @​Snuffleupagus in mozilla/pdf.js#17942
• Fix the "must check that a field has the correct value when a choice is changed" scripting integration test by @​timvandermeij in mozilla/pdf.js#17947
• [api-minor] Add a jpx decoder based on OpenJPEG 2.5.2 by @​calixteman in mozilla/pdf.js#17946
• Bump library version to 4.2 by @​Snuffleupagus in mozilla/pdf.js#17949
• Build the openjpeg-based decoder in a web environment in order to avoid issues when used in node by @​calixteman in mozilla/pdf.js#17954
• Fix JpxImage API issues (PR 17946 follow-up) by @​timvandermeij in mozilla/pdf.js#17951
• [JPX] Throw an exception with the error messages returned by openjpeg by @​calixteman in mozilla/pdf.js#17956
• [Editor] Provide an element to render in the annotation layer after a freetext has been edited (bug 1890535) by @​calixteman in mozilla/pdf.js#17914
• Remove waitForTimeout usage from the helper functions by @​timvandermeij in mozilla/pdf.js#17966
• Remove some event listeners with signal in the viewer by @​Snuffleupagus in mozilla/pdf.js#17964
• [Editor] Don't show the context menu when resizing by @​calixteman in mozilla/pdf.js#17973
• Correctly update the xref table when an annotation is deleted by @​calixteman in mozilla/pdf.js#17970
• Update dependencies and translations to the most recent versions by @​timvandermeij in mozilla/pdf.js#17972
• Improve jpx decoding by around 20% in enabling simd support when compiling OpenJPEG by @​calixteman in mozilla/pdf.js#17983
• [api-minor] Remove the image-related error message prefixes by @​Snuffleupagus in mozilla/pdf.js#17979
• Use the pdf.js warn when using jpx decoder by @​calixteman in mozilla/pdf.js#17985
• Extend the globally cached image main-thread copying to "complex" images as well (PR 17428 follow-up) by @​Snuffleupagus in mozilla/pdf.js#17978
• Update JpxImage.parseImageProperties to support TypedArray data in IMAGE_DECODERS builds by @​Snuffleupagus in mozilla/pdf.js#17977
• Add signal-support in the EventBus, and utilize it in the viewer (PR 17964 follow-up) by @​Snuffleupagus in mozilla/pdf.js#17967
• Set correctly the change property for the event triggered when a choice list is changed by @​calixteman in mozilla/pdf.js#17999
• Remove all waitForTimeout usage from the annotation integration tests by @​timvandermeij in mozilla/pdf.js#17969
• Validate explicit destinations on the worker-thread to prevent DataCloneError (issue 17981) by @​Snuffleupagus in mozilla/pdf.js#17984
• Allow to insert several annotations under the same parent in the structure tree by @​calixteman in mozilla/pdf.js#17986
• Always enable smoothing when rendering downscaled image by @​calixteman in mozilla/pdf.js#17868
• Simplify the way to pass the glyph drawing instructions from the worker to the main thread by @​calixteman in mozilla/pdf.js#18015
• Validate additional font-dictionary properties by @​Snuffleupagus in mozilla/pdf.js#18014
• Add more validation of width-data by @​Snuffleupagus in mozilla/pdf.js#18017
• Reduce code-duplication when caching data in CompiledFont.getPathJs by @​Snuffleupagus in mozilla/pdf.js#18018
• Re-factor SimpleLinkService to extend PDFLinkService by @​Snuffleupagus in mozilla/pdf.js#18013
• [api-minor] Move the page reference/number caching into the API by @​Snuffleupagus in mozilla/pdf.js#18001

v4.1.392

This release features improvements, bugfixes and optimizations for accessibility, annotation rendering, annotation editing, font rendering, form handling, image rendering, text selection and the viewer.

... (truncated)

Commits

• 49b3881 Merge pull request #18001 from Snuffleupagus/api-pageRefCache
• 150964d Remove unnecessary check from PDFLinkService.goToDestination (PR 17984 foll...
• f6cd039 [api-minor] Move the page reference/number caching into the API
• fa69d9a Inline the helper method in PDFLinkService.goToDestination
• 3052e99 Merge pull request #18013 from Snuffleupagus/SimpleLinkService-extends-PDFLin...
• 2b2ade7 Merge pull request #18018 from Snuffleupagus/CompiledFont-tweak-caching
• 627fe2d Merge pull request #18017 from Snuffleupagus/validate-widths
• 85ff8f3 Reduce code-duplication when caching data in CompiledFont.getPathJs
• d411a07 Add more validation of width-data
• 234067e Merge pull request #18014 from Snuffleupagus/validate-font-properties
• Additional commits viewable in compare view

Updates posthog-js from 1.10.2 to 1.127.0

Changelog

Sourced from posthog-js's changelog.

1.127.0 - 2024-04-18

• feat: Added client side capture rate limiting (#1051)
• chore: add a test (#1144)

1.126.0 - 2024-04-17

• fix: Reacting to config changes (#1138)

1.125.0 - 2024-04-16

• Rename $process_person to $process_person_profile (#1143)

1.124.0 - 2024-04-16

• Update docs on versioning (#1142)
• feat: Update support for segment analytics (#1119)

1.123.1 - 2024-04-16

• feat: Update support for segment analytics (#1119)

1.123.0 - 2024-04-16

• feat: Rename process_person config option to person_profiles (#1141)
• feat: readonly event emitter (#1136)
• fix: Allow capturing aria-label attribute on sensitive elements (#1118)
• chore: Autocapture refactor (#1126)
• chore: patch to fix broken worker (#1134)
• fix: continue recording after reset (#1135)
• fix: sampling typescript error (#1129)
• chore: no only tests are allowed (#1128)

1.122.0 - 2024-04-15

• feat: readonly event emitter (#1136)
• fix: Allow capturing aria-label attribute on sensitive elements (#1118)

1.121.4 - 2024-04-15

• chore: Autocapture refactor (#1126)

1.121.3 - 2024-04-15

• chore: patch to fix broken worker (#1134)

1.121.2 - 2024-04-12

• fix: continue recording after reset (#1135)

... (truncated)

Commits

• cb5791a chore: Bump version to 1.127.0
• 5e1b371 feat: Added client side capture rate limiting (#1051)
• 08a80bb chore: add a test (#1144)
• 0796109 chore: Bump version to 1.126.0
• 4998648 fix: Reacting to config changes (#1138)
• e3ca684 chore: Bump version to 1.125.0
• 3eb7fed Rename $process_person to $process_person_profile (#1143)
• b67b781 chore: Bump version to 1.124.0
• 1368822 Update docs on versioning (#1142)
• 69db1bf chore: Bump version to 1.123.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by timgl, a new releaser for posthog-js since your current version.

Updates ip from 1.1.9 to 2.0.1

Commits

• 3b0994a 2.0.1
• 32f468f lib: fixed CVE-2023-42282 and added unit test
• 4b2f4e7 2.0.0
• 369d56d lib: use Buffer.alloc
• a1a101a Merge pull request #38 from bryanwayb/master
• 3d4689e Added npm installation information.
• See full diff in compare view

Updates postcss from 8.4.17 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by @​remcohaszing).

8.4.21

• Fixed Input#error types (by @​hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

• Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates micromatch from 4.0.5 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

[4.0.7] - 2024-05-22

• this is basically v4.0.5, with some README updates
• it is vulnerable to CVE-2024-4067
• Updated braces to v3.0.3 to avoid CVE-2024-4068
• does NOT break API compatibility

[4.0.6] - 2024-05-21

• Added hasBraces to check if a pattern contains braces.
• Fixes CVE-2024-4067
• BREAKS API COMPATIBILITY
• Should be labeled as a major release, but it's not.

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates postcss from 8.3.7 to 8.5.6

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by @​remcohaszing).

8.4.21

• Fixed Input#error types (by @​hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

• Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates http-cache-semantics from 4.1.0 to 4.2.0

Commits

• See full diff in compare view

Updates micromatch from 4.0.4 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

[4.0.7] - 2024-05-22

• this is basically v4.0.5, with some README updates
• it is vulnerable to CVE-2024-4067
• Updated braces to v3.0.3 to avoid CVE-2024-4068
• does NOT break API compatibility

[4.0.6] - 2024-05-21

• Added hasBraces to check if a pattern contains braces.
• Fixes CVE-2024-4067
• BREAKS API COMPATIBILITY
• Should be labeled as a major release, but it's not.

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates semver from 5.5.0 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

• Add version coercion capabilities

5.4

• Add intersection checking

5.3

• Add minSatisfying method

5.2

• Add prerelease(v) that returns prerelease components

5.1

• Add Backus-Naur for ranges
• Remove excessively cute inspection methods

5.0

• Remove AMD/Browserified build artifacts
• Fix ltr and gtr when using the * range
• Fix for range * with a prerelease identifier

Commits

• f8cc313 chore: release 5.7.2
• 2f8fd41 fix: better handling of whitespace (#585)
• deb5ad5 chore: @​npmcli/template-oss@​4.16.0
• c83c18c 5.7.1
• 956e228 Correct typo in README
• 8055dda 5.7.0
• 604e73d auto-publishing scripts
• bed01e2 remove the nomin comments, since we don't minify any more anyway
• 9cb68f1 document parse method
• 38d42ca 5.7 changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

• Remove default indent by @​mohd-akram in jonschlinkert/word-wrap#24
• 🔒fix: CVE 2023 26115 (2) by @​OlafConijn in jonschlinkert/word-wrap#41
• 🔒 fix: CVE-2023-26115 by @​aashutoshrathi in jonschlinkert/word-wrap#33
• chore: publish workflow by @​OlafConijn in jonschlinkert/word-wrap#42

New Contributors

• @​mohd-akram made their first contribution in jonschlinkert/word-wrap#24
• @​OlafConijn made their first contribution in jonschlinkert/word-wrap#41
• @​aashutoshrathi made their first contribution in jonschlinkert/word-wrap#33

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

• 207044e 1.2.5
• 9894315 revert default indent
• f64b188 run verb to generate README

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}