build(deps): bump the npm_and_yarn group across 1 directory with 5 updates

[dependabot]

Bumps the npm_and_yarn group with 5 updates in the / directory:

Package	From	To
axios	1.6.8	1.7.4
rollup	4.14.0	4.34.8
serialize-javascript	6.0.1	6.0.2
mocha	10.4.0	10.8.2
braces	3.0.2	3.0.3

Updates axios from 1.6.8 to 1.7.4

Release notes

Sourced from axios's releases.

Release v1.7.4

Release notes:

Bug Fixes

• sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
• sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

Contributors to this release

• Lev Pachmanov
• Đỗ Trọng Hải

Release v1.7.3

Release notes:

Bug Fixes

• adapter: fix progress event emitting; (#6518) (e3c76fc)
• fetch: fix withCredentials request config (#6505) (85d4d0e)
• xhr: return original config on errors from XHR adapter (#6515) (8966ee7)

Contributors to this release

• Dmitriy Mozgovoy
• Valerii Sidorenko
• prianYu

Release v1.7.2

Release notes:

Bug Fixes

• fetch: enhance fetch API detection; (#6413) (4f79aef)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.7.1

Release notes:

Bug Fixes

• fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.7.0

Release notes:

Features

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.4 (2024-08-13)

Bug Fixes

• sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
• sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

Contributors to this release

• Lev Pachmanov
• Đỗ Trọng Hải

1.7.3 (2024-08-01)

Bug Fixes

• adapter: fix progress event emitting; (#6518) (e3c76fc)
• fetch: fix withCredentials request config (#6505) (85d4d0e)
• xhr: return original config on errors from XHR adapter (#6515) (8966ee7)

Contributors to this release

• Dmitriy Mozgovoy
• Valerii Sidorenko
• prianYu

1.7.2 (2024-05-21)

Bug Fixes

• fetch: enhance fetch API detection; (#6413) (4f79aef)

Contributors to this release

• Dmitriy Mozgovoy

1.7.1 (2024-05-20)

Bug Fixes

• fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)

Contributors to this release

• Dmitriy Mozgovoy

... (truncated)

Commits

• abd24a7 chore(release): v1.7.4 (#6544)
• 6b6b605 fix(sec): CVE-2024-39338 (#6539) (#6543)
• 07a661a fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)
• c6cce43 chore(release): v1.7.3 (#6521)
• e3c76fc fix(adapter): fix progress event emitting; (#6518)
• 85d4d0e fix(fetch): fix withCredentials request config (#6505)
• 92cd8ed chore(github): update ISSUE_TEMPLATE.md (#6519)
• 8966ee7 fix(xhr): return original config on errors from XHR adapter (#6515)
• 0e4f9fa chore(release): v1.7.2 (#6414)
• 4f79aef fix(fetch): enhance fetch API detection; (#6413)
• Additional commits viewable in compare view

Updates rollup from 4.14.0 to 4.34.8

Release notes

Sourced from rollup's releases.

v4.34.8

4.34.8

2025-02-17

Bug Fixes

• Do not make assumptions about the value of nested paths in logical expressions if the expression cannot be simplified (#5846)

Pull Requests

• #5846: return UnknownValue if the usedbranch is unkown and the path is not empty (@​TrickyPi)

v4.34.7

4.34.7

2025-02-14

Bug Fixes

• Ensure that calls to parameters are included correctly when using try-catch deoptimization (#5842)

Pull Requests

• #5840: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5842: Fix prop inclusion with try-catch-deoptimization (@​lukastaegert)

v4.34.6

4.34.6

2025-02-07

Bug Fixes

• Retain "void 0" in the output for smaller output and fewer surprises (#5838)

Pull Requests

• #5835: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #5838: replace undefined with void 0 for operator void (@​TrickyPi)

v4.34.5

4.34.5

2025-02-07

Bug Fixes

• Ensure namespace reexports always include all properties of all exports (#5837)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.34.8

2025-02-17

Bug Fixes

• Do not make assumptions about the value of nested paths in logical expressions if the expression cannot be simplified (#5846)

Pull Requests

• #5846: return UnknownValue if the usedbranch is unkown and the path is not empty (@​TrickyPi)

4.34.7

2025-02-14

Bug Fixes

• Ensure that calls to parameters are included correctly when using try-catch deoptimization (#5842)

Pull Requests

• #5840: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5842: Fix prop inclusion with try-catch-deoptimization (@​lukastaegert)

4.34.6

2025-02-07

Bug Fixes

• Retain "void 0" in the output for smaller output and fewer surprises (#5838)

Pull Requests

• #5835: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #5838: replace undefined with void 0 for operator void (@​TrickyPi)

4.34.5

2025-02-07

Bug Fixes

• Ensure namespace reexports always include all properties of all exports (#5837)

Pull Requests

• #5836: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5837: Include all paths of reexports if namespace is used (@​lukastaegert)

... (truncated)

Commits

• 8f667b7 4.34.8
• ba692fe return UnknownValue if the usedbranch is unkown and the path is not empty (#5...
• f9c52f8 4.34.7
• 15a6f73 Fix prop inclusion with try-catch-deoptimization (#5842)
• a724b60 fix(deps): lock file maintenance minor/patch updates (#5840)
• 4b87459 4.34.6
• fe89821 replace undefined with void 0 for operator void (#5838)
• 18cc314 fix(deps): update swc monorepo (major) (#5835)
• 3426b02 4.34.5
• f3aa1f0 Include all paths of reexports if namespace is used (#5837)
• Additional commits viewable in compare view

Updates serialize-javascript from 6.0.1 to 6.0.2

Release notes

Sourced from serialize-javascript's releases.

v6.0.2

• fix: serialize URL string contents to prevent XSS (#173) f27d65d
• Bump @​babel/traverse from 7.10.1 to 7.23.7 (#171) 02499c0
• docs: update readme with URL support (#146) 0d88527
• chore: update node version and lock file e2a3a91
• fix typo (#164) 5a1fa64

yahoo/serialize-javascript@v6.0.1...v6.0.2

Commits

• b71ec23 6.0.2
• f27d65d fix: serialize URL string contents to prevent XSS (#173)
• 02499c0 Bump @​babel/traverse from 7.10.1 to 7.23.7 (#171)
• 0d88527 docs: update readme with URL support (#146)
• e2a3a91 chore: update node version and lock file
• 5a1fa64 fix typo (#164)
• See full diff in compare view

Updates mocha from 10.4.0 to 10.8.2

Release notes

Sourced from mocha's releases.

v10.8.2

10.8.2 (2024-10-30)

🩹 Fixes

• support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
• test link in html reporter (#5224) (f054acc)

📚 Documentation

• indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

• fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

• deps: bump the github-actions group with 1 update (#5132) (e536ab2)

v10.8.1

10.8.1 (2024-10-29)

🩹 Fixes

• handle case of invalid package.json with no explicit config (#5198) (f72bc17)
• Typos on mochajs.org (#5237) (d8ca270)
• use accurate test links in HTML reporter (#5228) (68803b6)

v10.8.0

10.8.0 (2024-10-29)

🌟 Features

• highlight browser failures (#5222) (8ff4845)

🩹 Fixes

• remove :is() from mocha.css to support older browsers (#5225) (#5227) (0a24b58)

📚 Documentation

... (truncated)

Changelog

Sourced from mocha's changelog.

10.8.2 (2024-10-30)

🩹 Fixes

• support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
• test link in html reporter (#5224) (f054acc)

📚 Documentation

• indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

• fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

• deps: bump the github-actions group with 1 update (#5132) (e536ab2)

10.8.1 (2024-10-29)

🩹 Fixes

• handle case of invalid package.json with no explicit config (#5198) (f72bc17)
• Typos on mochajs.org (#5237) (d8ca270)
• use accurate test links in HTML reporter (#5228) (68803b6)

10.8.0 (2024-10-29)

🌟 Features

• highlight browser failures (#5222) (8ff4845)

🩹 Fixes

• remove :is() from mocha.css to support older browsers (#5225) (#5227) (0a24b58)

📚 Documentation

• add SECURITY.md pointing to Tidelift (#5210) (bd7e63a)
• adopt Collective Funds Guidelines 0.1 (#5199) (2b03d86)
• update README, LICENSE and fix outdated (#5197) (1203e0e)

🧹 Chores

• fix npm scripts on windows (#5219) (1173da0)
• remove trailing whitespace in SECURITY.md (7563e59)

10.7.3 (2024-08-09)

... (truncated)

Commits

• 05097db chore(main): release 10.8.2 (#5239)
• 14e640e docs: indicate 'exports' interface does not work in browsers (#5181)
• 881e3b0 chore: fix docs builds by re-adding eleventy and ignoring gitignore again (#5...
• f054acc fix: test link in html reporter (#5224)
• e536ab2 build(deps): bump the github-actions group with 1 update (#5132)
• ba0fefe fix: support errors with circular dependencies in object values with --parall...
• f44f71b chore(main): release 10.8.1 (#5238)
• f72bc17 fix: handle case of invalid package.json with no explicit config (#5198)
• 68803b6 fix: use accurate test links in HTML reporter (#5228)
• d8ca270 fix: Typos on mochajs.org (#5237)
• Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.