Bump the npm_and_yarn group across 1 directory with 51 updates

[dependabot]

Bumps the npm_and_yarn group with 32 updates in the /openhtf/output/web_gui directory:

Package	From	To
@angular/core	4.4.6	10.2.5
webpack-dev-server	2.3.0	3.1.11
adm-zip	0.4.4	0.5.14
protractor	4.0.14	7.0.0
async	2.6.0	2.6.4
browserify-sign	4.2.1	4.2.3
y18n	4.0.0	4.0.3
y18n	3.2.1	4.0.3
minimist	1.2.0	1.2.8
mkdirp	0.5.1	0.5.6
handlebars	4.0.11	4.7.8
tslint	4.5.1	6.1.3
typedoc	0.5.10	0.25.13
decode-uri-component	0.2.0	0.2.2
eventsource	0.1.6	2.0.2
sockjs-client	1.1.4	1.6.1
json-schema	0.2.3	0.4.0
jsprim	1.4.1	1.4.2
lodash	4.17.5	4.17.21
karma-coverage	1.1.1	1.1.2
karma-webpack	2.0.2	2.0.13
postcss	5.2.18	8.4.38
autoprefixer	6.7.7	10.4.19
css-loader	0.28.11	7.1.2
postcss-loader	1.3.3	8.1.1
js-yaml	3.7.0	3.14.1
mixin-deep	1.3.1	1.3.2
serialize-javascript	1.4.0	6.0.2
copy-webpack-plugin	4.5.1	12.0.2
set-value	2.0.0	2.0.1
union-value	1.0.0	1.0.1
socket.io-parser	4.2.1	4.2.4
webpack-dev-middleware	1.12.2	removed
karma-webpack	2.0.13	5.0.1
webpack-dev-server	3.1.11	5.0.4

Updates @angular/core from 4.4.6 to 10.2.5

Changelog

Sourced from @​angular/core's changelog.

10.2.5 (2021-04-14)

Bug Fixes

• compiler-cli: show a more specific error for Ivy NgModules (#41534) (#41598) (f630f33)
• core: fix possible XSS attack in development through SSR (#40525) (ba8da74)

10.2.4 (2020-12-17)

Bug Fixes

• core: fix possible XSS attack in development through SSR. (#40152) (0b8e3d5)
• core: set ngDevMode to false when calling enableProdMode() (#40160) (90570c0)

10.2.3 (2020-11-09)

Bug Fixes

• compiler: ensure that i18n message-parts have the correct source-span (#39589) (e67a331)
• compiler: skipping leading whitespace should not break placeholder source-spans (#39589) (2b684b7), closes #39195
• compiler-cli: avoid duplicate diagnostics about unknown pipes (#39517) (861e4fa)
• compiler-cli: do not drop non-Angular decorators when downleveling (#39577) (1c6cf8a), closes #39574

10.2.2 (2020-11-04)

Bug Fixes

• compiler-cli: report missing pipes when fullTemplateTypeCheck is disabled (#39320) (71d0063), closes #38195
• core: markDirty() should only mark flags when really scheduling tick. (#39316) (8c82106), closes #39296
• router: Ensure all outlets are used when commands have a prefix (#39456) (85d5242)

Performance Improvements

• core: do not recurse into modules that have already been registered (#39514) (812355c), closes #39487

... (truncated)

Commits

• ba8da74 fix(core): fix possible XSS attack in development through SSR (#40525)
• 90570c0 fix(core): set ngDevMode to false when calling enableProdMode() (#40160)
• 0b8e3d5 fix(core): fix possible XSS attack in development through SSR. (#40152)
• 1aee8b3 refactor(compiler): store the fullStart location on ParseSourceSpans (#39...
• 812355c perf(core): do not recurse into modules that have already been registered (#3...
• 8f36c21 refactor(router): Small refactor of createUrlTree and extra tests (#39456)
• 90acb91 docs: tView.preOrderHooks and tView.preOrderCheckHooks docs update (#39497)
• 8c82106 fix(core): markDirty() should only mark flags when really scheduling tick. (#...
• 0b37249 docs(core): update a typo in the comment of ngZoneEventCoalescing (#39423)
• 3b779a1 docs: fix typo in initializeInputAndOutputAliases docstring (#39438)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular/core since your current version.

Updates webpack-dev-server from 2.3.0 to 3.1.11

Release notes

Sourced from webpack-dev-server's releases.

v3.1.11

3.1.11 (2018-12-21)

Bug Fixes

• bin/options: correct check for color support (options.color) (#1555) (55398b5)
• package: update spdy v3.4.1...4.0.0 (assertion error) (#1491) (#1563) (7a3a257)
• Server: correct node version checks (#1543) (927a2b3)
• Server: mime type for wasm in contentBase directory (#1575) (#1580) (fadae5d)
• add url for compatibility with webpack@5 (#1598) (#1599) (68dd49a)
• check origin header for websocket connection (#1603) (b3217ca)

v3.1.10

2018-10-23

Bug Fixes

• options: add writeToDisk option to schema (#1520) (d2f4902)
• package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
• Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

v3.1.9

No release notes provided.

v3.1.8

2018-09-06

Bug Fixes

• package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
• utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

v3.1.7

2018-08-29

Bug Fixes

• Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

v3.1.6

2018-08-26

Bug Fixes

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

3.1.11 (2018-12-21)

Bug Fixes

• bin/options: correct check for color support (options.color) (#1555) (55398b5)
• package: update spdy v3.4.1...4.0.0 (assertion error) (#1491) (#1563) (7a3a257)
• Server: correct node version checks (#1543) (927a2b3)
• Server: mime type for wasm in contentBase directory (#1575) (#1580) (fadae5d)
• add url for compatibility with webpack@5 (#1598) (#1599) (68dd49a)
• check origin header for websocket connection (#1603) (b3217ca)

3.1.10 (2018-10-23)

Bug Fixes

• options: add writeToDisk option to schema (#1520) (d2f4902)
• package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
• Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

3.1.9 (2018-09-24)

3.1.8 (2018-09-06)

Bug Fixes

• package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
• utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

3.1.7 (2018-08-29)

Bug Fixes

• Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

... (truncated)

Commits

• ff2874f chore(release): 3.1.11
• b3217ca fix: check origin header for websocket connection (#1603)
• 68dd49a fix: add url for compatibility with webpack@5 (#1598) (#1599)
• fadae5d fix(Server): mime type for wasm in contentBase directory (#1575) (#1580)
• 7a3a257 fix(package): update spdy v3.4.1...4.0.0 (assertion error) (#1491) (#1563)
• 1fe82de ci(travis): Node 11 (on OS X) crashes, use 10 for now (#1588)
• 55398b5 fix(bin/options): correct check for color support (options.color) (#1555)
• 927a2b3 fix(Server): correct node version checks (#1543)
• fa96a76 chore(PULL_REQUEST_TEMPLATE): allow features (#1539)
• fe3219f chore(release): 3.1.10
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack-dev-server since your current version.

Updates adm-zip from 0.4.4 to 0.5.14

Release notes

Sourced from adm-zip's releases.

v0.5.14

Fixed an issue introduced on version 0.1.13 requiring a new mandatory parameter on the inflater on nodejs version >= 15

v0.5.13

• Fixed extractAllToAsync callback @​5saviahv
• Fixed issue with "toAsyncBuffer" where after that command all entries are gone @​5saviahv
• Minor fixes (tests, typos etc) @​5saviahv
• Added a an option to specificy the maximum expectedLength of the file to protect against zip bombs or limit memory usage @​undefined-moe
• Add check for invalid large disk entries @​criyle

v0.5.12

Fixed extraction error

v0.5.11

Add support for Info-Zip password check spec for ZipCrypto @​lukemalcolm Extraction of password protected zip entries @​Santa77 Fixed unnecessary scanning a local file headers (except in the case of corrupted archives) @​likev

v0.5.10

Add Unix mode attribute even when archive is created from Windows Fixed an issue where addLocalFolderAsync causes stack overflow when a lot of files are filtered Support to unzip symlinks Fix parameter initialization bug of extractAllToAsync Allow for custom stat or permissions value in addLocalFolder Various small fixes and tests

.

No release notes provided.

Changelog

Sourced from adm-zip's changelog.

0.5.4 / 2021-03-08

• Fixed relative paths
• Added zipcrypto encryption
• Lower verMade for macOS when generating zip file

0.5.3 / 2021-02-07

• Fixed filemode when unzipping

0.5.2 / 2021-01-27

• Fixed path traversal issue (GHSL-2020-198)

0.5.1 / 2020-11-27

• Incremented version (cthackers)
• Fixed outFileName (cthackers)

0.5.0 / 2020-11-19

• Added extra parameter to extractEntryTo so target filename can be renamed (cthackers)
• Updated dev dependency (cthackers)
• modified addLocalFolder method (5saviahv)
• modified addLocalFile method (5saviahv)
• Deflate needs min V2.0 (5saviahv)
• Node v6 (5saviahv)
• Added ZipCrypto decrypting ability (5saviahv)
• LICENSE filename in package.json (5saviahv)
• add multibyte-encoded comment with byte length instead of character length (Kosuke Suzuki)
• Bump lodash from 4.17.15 to 4.17.19 (dependabot[bot])
• now it works in browser (Emiliano Necciari)

0.4.16 / 2020-06-23

• Updated mocha version to fix vulnerability (cthackers)
• Update project version (cthackers)
• fix: throw real exception objects on error (Matthew Sainsbury)
• Version number incremented (Saqib M)
• Update zipFile.js (Saqib M)
• Update README.md with the latest URLs (Takuya Noguchi)
• Update Node.js version to use in CI tests (Takuya Noguchi)
• process.versions is null when the library is used in browser (Emiliano Necciari)

0.4.14 / 2020-02-06

• Version increment for npm publish (cthackers)
• Iterate over entries without storing their metadata (Pierre Lehnen)
• Add partial support for zip64 (larger number of entries) (Pierre Lehnen)

... (truncated)

Commits

• 8bc4111 Fixed error on new added param
• c13733a update CI naming (#495)
• 9314b32 Incremented version number
• a14a71a Merge pull request #494 from cthackers/dev
• 063cbc8 Merge pull request #493 from 5saviahv/issues
• 3fbc83c added test for 438
• 9c37fa8 minor fixes found from issues
• d3f5d7b Merge pull request #483 from criyle/disk_entries
• 3b154d2 Merge pull request #480 from undefined-moe/windows
• 52facfc Merge pull request #490 from 5saviahv/headers
• Additional commits viewable in compare view

Updates protractor from 4.0.14 to 7.0.0

Release notes

Sourced from protractor's releases.

5.4.3

typescript 3.7 compatibility

Resolves #5348 which was causing incompatibility with TypeScript 3.7

Changelog

Sourced from protractor's changelog.

7.0.0

• (9d2e18e) refactor: use console.log instead of util.puts

  utils.puts is no longer available in Node.JS 12

• (c281157) refactor: remove debugger and explore methods

  BREAKING CHANGE: Debugger and explore methods are not compatable with Node 8+. Use debugger keyword instead. See: https://goo.gl/MvWqFh

• (7cdb978) build: update several dev packages that have security issues

• (8e82835) build: update webdriver-manager

• (a1fe5f2) ci: update tests to run on Node 10 and 12

• (3fc9220) fix: prototype Pollution vulnerability through outdated yargs package

  BREAKING CHANGE:

  Node.Js version 6 and 8 are no longer supported. Please update to Node.Js 10+

  Closes #5431

5.4.4

Fixes

• fix: security prototype pollution

5.4.3

Fixes

fix(index.ts): Fix exports to unbreak TypeScript 3.7 build

5.4.2

Features

• (db1b638) feat(saucelabs): add sauceRegion support for eu datacenters (#5083)

... (truncated)

Commits

• 71771de release: 7.0.0
• 9d2e18e refactor: use console.log instead of util.puts
• c281157 refactor: remove debugger and explore methods
• 7cdb978 build: update several dev packages that have security issues
• 8e82835 build: update webdriver-manager
• a1fe5f2 ci: update tests to run on Node 10 and 12
• 3fc9220 fix: prototype Pollution vulnerability through outdated yargs package
• a0ffa9b release: 5.4.4
• 8b3ebf8 fix: security prototype pollution
• 162f9e5 ci: Log sauce connect proxy to stdout, remove travis_wait, upgrade proxy to 4...
• Additional commits viewable in compare view

Updates ajv from 4.11.8 to 5.5.2

Release notes

Sourced from ajv's releases.

v5.5.0

Support chaining of methods add* and remove* (#625, @​pithu), see Api.

v5.4.0

Option logger to disable logging or to specify a custom logger (#618, @​meirotstein).

v5.3.0

Replace json-stable-stringify with a faster fork without jsonify.

5.2.0

Refactor: separate "equal" into package fast-deep-equal

v5.1.0

Changed order of type validation - "type" keyword is now validated before keywords that apply to all types.

5.0.4-beta.3

Added format "url"

5.0.4-beta.1

More comprehencive uri-reference format in {format: "full"} mode.

5.0.4-beta.0

Rename format uri-ref to uri-reference Cross-platform scripts Update draft-6 meta-schema

5.0.0

This release is fully backward compatible, but it may require either migrating your schemas (recommended, e.g. using "migrate" command of ajv-cli) or changing your code that uses Ajv.

You can still use draft-04 and v5 schemas with this release (see Migration guide below).

The changes below are based on 4.11.7 version.

JSON-Schema draft-06 support

• Support for boolean schemas: wherever a schema is required, true/false can be used in order to always pass/fail validation.
• $id keyword is used as schema URI (previously id).
• exclusiveMaximum and exclusiveMinimum keywords must be numbers (previously boolean).
• additional validation keywords: const, contains, propertyNames.
• additional formats: uri-reference, uri-template.

See Internet drafts: JSON Schema, JSON Schema Validation.

Migrating from Ajv 4.x.x

Migrate your schemas

It is a recommended approach.

... (truncated)

Commits

• cecd4ec 5.5.2
• b915832 docs: update performance chart
• 90bd281 chore: update typescript
• 33efef3 Merge branch 'Delagen-master'
• ef0fc0f Merge branch 'master' of ssh://github.com/Delagen/ajv into Delagen-master
• 7a7812f chore: regenerator semver
• 217c5e3 Merge branch 'greenkeeper/regenerator-0.12.2'
• 88b3018 replace Object to object due (Object=any), add CompilationContext interface
• 2e75568 chore(package): update regenerator to version 0.12.2
• 2d4ca22 Merge pull request #642 from epoberezkin/greenkeeper/json-schema-test-2.0.0
• Additional commits viewable in compare view

Updates braces from 1.8.5 to 2.3.2

Changelog

Sourced from braces's changelog.

[2.3.2] - 2018-04-08

• start refactoring
• cover sets
• better range handling

[2.3.1] - 2018-02-17

• Remove unnecessary escape in Regex. (#14)

[2.3.0] - 2017-10-19

• minor code reorganization
• optimize regex
• expose maxLength option

[2.2.1] - 2017-05-30

• don't condense when braces contain extglobs

[2.2.0] - 2017-05-28

• ensure word boundaries are preserved
• fixes edge case where extglob characters precede a brace pattern

[2.1.1] - 2017-04-27

• use snapdragon-node
• handle edge case
• optimizations, lint

[2.0.4] - 2017-04-11

• pass opts to compiler
• minor optimization in create method
• re-write parser handlers to remove negation regex

[2.0.3] - 2016-12-10

• use split-string
• clear queue at the end
• adds sequences example
• add unit tests

[2.0.2] - 2016-10-21

• fix comma handling in nested extglobs

[2.0.1] - 2016-10-20

... (truncated)

Commits

• See full diff in compare view

Updates async from 2.6.0 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

v2.6.3

• Updated lodash to squelch a security warning (#1675)

v2.6.2

• Updated lodash to squelch a security warning (#1620)

v2.6.1

• Updated lodash to prevent npm audit warnings. (#1532, #1533)
• Made async-es more optimized for webpack users (#1517)
• Fixed a stack overflow with large collections and a synchronous iterator (#1514)
• Various small fixes/chores (#1505, #1511, #1527, #1530)

Commits

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• f1d8383 Version 2.6.3
• 2b674c1 update changelog
• eab740f fix: udpate lodash. closes #1675
• eaf32be Version 2.6.2
• 684b42e Update built files
• e1bd3da update changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2
• [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
• [Dev Deps] update nyc, standard, tape cc5350b
• [Tests] always run coverage; downgrade nyc 75ce1d5
• [meta] add safe-publish-latest dcf49ce
• [Tests] add npm run posttest 75dd8fd
• [Dev Deps] update tape 3aec038
• [Tests] skip unsupported schemes 703c83e
• [Tests] node < 6 lacks array includes 3aa43cf
• [Dev Deps] fix eslint range 98d4e0d

Commits

• bf2c3ec v4.2.3
• 9247adf [patch] widen support to 0.12
• f427270 [Deps] update `parse-asn1
• 87f3a35 [Dev Deps] update aud, npmignore, tape
• fb261ce [Deps] update elliptic
• 4d0ee49 [patch] drop minimum node support to v1
• 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
• 168e16f [Deps] pin elliptic due to a breaking change
• 37a4758 [actions] remove redundant finisher
• 4af5a90 v4.2.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates y18n from 4.0.0 to 4.0.3

Changelog

Sourced from y18n's changelog.

4.0.3 (2021-04-07)

Bug Fixes

• release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

4.0.1 (2020-11-30)

Bug Fixes

• address prototype pollution issue (#108) (a9ac604)

Commits

• 0aa97c5 chore: release 4.x.x (#128)
• a8e7f04 build(release-please): configure branch properly (#127)
• 1e21a53 fix(release): 4.x.x should not enforce Node 10 (#126)
• 8dc7580 docs: update CHANGELOG
• 7de58ca fix: address prototype pollution issue
• See full diff in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.

Updates y18n from 3.2.1 to 4.0.3

Changelog

Sourced from y18n's changelog.

4.0.3 (2021-04-07)

Bug Fixes

• release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

4.0.1 (2020-11-30)

Bug Fixes

• address prototype pollution issue (#108) (a9ac604)

Commits

• 0aa97c5 chore: release 4.x.x (#128)
• a8e7f04 build(release-please): configure branch properly (#127)
• 1e21a53 fix(release): 4.x.x should not enforce Node 10 (#126)
• 8dc7580 docs: update CHANGELOG
• 7de58ca fix: address prototype pollution issue
• See full diff in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
•