Bump the npm_and_yarn group across 1 directory with 15 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the /ring_hassio directory: hosted-git-info, trim-newlines and ring-client-api.

Updates hosted-git-info from 2.8.8 to 2.8.9

Changelog

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

Commits

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• See full diff in compare view

Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

• 2449650 Update mocha
• 560b2d8 Don't use regex to trim whitespace
• b1bdb92 Remove linting package zoo
• c20dc7e Cache 308
• See full diff in compare view

Updates ip from 1.1.5 to 1.1.9

Commits

• 1ecbf2f 1.1.9
• 6a3ada9 lib: fixed CVE-2023-42282 and added unit test
• 5dc3b2f 1.1.8
• 8e6f28b lib: even better node 6 support
• 088c9e5 1.1.7
• 1a4ca35 lib: add back support for Node.js 6
• af82ef4 1.1.6
• dba19f6 package: exclude test folder from publishing
• 7cd7f30 ci: use github workflows
• 4de50ae lib: node 18 support
• See full diff in compare view

Updates normalize-url from 3.3.0 to 6.1.0

Release notes

Sourced from normalize-url's releases.

v6.1.0

• Accept a boolean for the removeQueryParameters option (#136) 6216336

sindresorhus/normalize-url@v6.0.1...v6.1.0

v6.0.1

• Fix ReDoS vulnerability for data URLs b1fdb51
  • CVE-2021-33502

Also fixed for v5 in 5.3.1 and for v4 in 4.5.1. Versions below 4.3.0 are not affected by this.

sindresorhus/normalize-url@v6.0.0...v6.0.1

v6.0.0

Breaking

• Add stripTextFragment option (#130) 01a4a91 It should not affect most use-cases, but it is turned on by default and it does change the URL slightly, so it's marked as breaking just to be safe.

sindresorhus/normalize-url@v5.3.0...v6.0.0

v5.3.0

• Throw a friendly error on view-source: input (#124) ddf2584

sindresorhus/normalize-url@v5.2.1...v5.3.0

v5.2.1

• Fix removeSingleSlash option adding slashes (#122) 1e06753

sindresorhus/normalize-url@v5.2.0...v5.2.1

v5.2.0

• Add removeSingleSlash option (#120) 18effbe

sindresorhus/normalize-url@v5.1.0...v5.2.0

v5.1.0

• Improve stripWWW logic (#117) 0ee9d94
• Allow any protocol in the duplicate slashes normalization (#115) 14b79c6

sindresorhus/normalize-url@v5.0.0...v5.1.0

v5.0.0

Note that if you're using normalize-url in the browser, you should probably stay on v4 as this version uses newer syntax not available in all browsers.

Breaking

• Require Node.js 10 (#103) 7b4ad64

... (truncated)

Commits

• 437bf17 6.1.0
• 6216336 Accept a boolean for the removeQueryParameters option (#136)
• 305e3f2 6.0.1
• b1fdb51 Fix ReDoS for data URLs
• b98fe7e 6.0.0
• 01a4a91 Add stripTextFragment option (#130)
• ba37969 Rename master branch to main
• 4dbc81b Move to GitHub Actions
• ededdbe 5.3.0
• ddf2584 Throw a friendly error on view-source: input (#124)
• Additional commits viewable in compare view

Updates parse-path from 4.0.1 to 4.0.4

Release notes

Sourced from parse-path's releases.

4.0.4

Remove the new line characters.

4.0.3

Handle backslash in the input and use query-string, so the module is supported in the browser

4.0.2

Update docs and licence year. 🚀

Commits

• 3795a3c Updated docs
• 16b37d8 ⬆️ 4.0.4 🎉
• 6ff8639 Replace new lines in the input url.
• 5cef694 Merge pull request #32 from ronyeh/master
• 95fd0c5 Use regex to check that the port is a series of digits 0-9.
• 6098fcb Updated docs
• 19a36a2 Use query-string -- fixes #28
• 6bb78e1 ⬆️ 4.0.3 🎉
• 8acac4d Updated docs
• 1add785 ⬆️ 4.0.2 🎉
• See full diff in compare view

Updates parse-url from 5.0.1 to 5.0.8

Release notes

Sourced from parse-url's releases.

5.0.8

Update dependencies

5.0.6

• Added typescript support /cc #25 -- thanks @​Strandor! 🍰
• Fix normalize url default options /cc #27 -- thanks @​icecubed! 🍰

5.0.5

Downgrade the normalize-url version

5.0.3

Update modules, thanks @​andreainnocenti! 🍰

5.0.2

Update docs and licence year. 🚀

Commits

• fa488b2 Updated docs
• 91051cf ⬆️ 5.0.8 🎉
• e8dbac1 Updated docs
• be77c32 Merge branch 'new-version' of github.com:IonicaBizau/parse-url into new-version
• 2e37af3 ⬆️ 6.0.0 🎉
• 802e19a ⬆️ 6.0.0 🎉
• b99cf52 Updated docs
• 74520ff Merge branch 'feature/typescript' of https://github.com/Strandor/parse-url in...
• 76c974b ⬆️ 5.0.6 🎉
• b035d22 Add unit test for normalize:true case
• Additional commits viewable in compare view

Updates path-parse from 1.0.6 to 1.0.7

Commits

• See full diff in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

• Add version coercion capabilities

5.4

• Add intersection checking

5.3

• Add minSatisfying method

5.2

• Add prerelease(v) that returns prerelease components

5.1

• Add Backus-Naur for ranges
• Remove excessively cute inspection methods

5.0

• Remove AMD/Browserified build artifacts
• Fix ltr and gtr when using the * range
• Fix for range * with a prerelease identifier

Commits

• f8cc313 chore: release 5.7.2
• 2f8fd41 fix: better handling of whitespace (#585)
• deb5ad5 chore: @​npmcli/template-oss@​4.16.0
• See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates simple-get from 3.1.0 to 3.1.1

Commits

• 496166d 3.1.1
• 6eb82c0 Bug fix: Thirdparty cookie leak
• See full diff in compare view

Maintainer changes

This version was pushed to npm by linusu, a new releaser for simple-get since your current version.

Updates socket.io-parser from 3.3.0 to 3.3.3

Release notes

Sourced from socket.io-parser's releases.

3.3.3

Bug Fixes

• check the format of the index of each attachment (fb21e42)

Links

• Diff: socketio/socket.io-parser@3.3.2...3.3.3
• Branch: 3.3.x

3.3.2

Bug Fixes

• prevent DoS (OOM) via massive packets (#95) (89197a0)

Links

• Diff: socketio/socket.io-parser@3.3.1...3.3.2

3.3.1

Links

• Diff: socketio/socket.io-parser@3.3.0...3.3.1

Changelog

Sourced from socket.io-parser's changelog.

3.3.3 (2022-11-09)

Bug Fixes

• check the format of the index of each attachment (fb21e42)

3.4.2 (2022-11-09)

Bug Fixes

• check the format of the index of each attachment (04d23ce)

4.2.1 (2022-06-27)

Bug Fixes

• check the format of the index of each attachment (b5d0cb7)

4.0.5 (2022-06-27)

Bug Fixes

• check the format of the index of each attachment (b559f05)

4.2.0 (2022-04-17)

Features

• allow the usage of custom replacer and reviver (#112) (b08bc1a)

4.1.2 (2022-02-17)

Bug Fixes

... (truncated)

Commits

• cd11e38 chore(release): 3.3.3
• fb21e42 fix: check the format of the index of each attachment
• 3b0a392 chore(release): 3.3.2
• 89197a0 fix: prevent DoS (OOM) via massive packets (#95)
• 25ca624 chore(release): 3.3.1
• b51b39b test: use Node.js 10 for the browser tests
• 4184e46 chore: bump component-emitter dependency
• See full diff in compare view

Updates tar from 6.0.2 to 6.2.1

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

• cc4e0dd #343 bump minipass from 3.3.6 to 4.0.0

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

• 57493ee #332 ensuring close event is emited after stream has ended (@​webark)
• b003c64 #314 replace deprecated String.prototype.substr() (#314) (@​CommanderRoot, @​lukekarrys)

Documentation

• f129929 #313 remove dead link to benchmarks (#313) (@​yetzt)
• c1faa9f add examples/explanation of using tar.t (@​isaacs)

Changelog

Sourced from tar's changelog.

Changelog

6.2

• Add support for brotli compression

6.1.13 (2022-12-07)

Dependencies

• cc4e0dd #343 bump minipass from 3.3.6 to 4.0.0

6.1.12 (2022-10-31)

Bug Fixes

• 57493ee #332 ensuring close event is emited after stream has ended (@​webark)
• b003c64 #314 replace deprecated String.prototype.substr() (#314) (@​CommanderRoot, @​lukekarrys)

Documentation

• f129929 #313 remove dead link to benchmarks (#313) (@​yetzt)
• c1faa9f add examples/explanation of using tar.t (@​isaacs)

6.0

• Drop support for node 6 and 8
• fix symlinks and hardlinks on windows being packed with \-style path targets

5.0

• Address unpack race conditions using path reservations
• Change large-numbers errors from TypeError to Error
• Add TAR_* error codes
• Raise TAR_BAD_ARCHIVE warning/error when there are no valid entries found in an archive
• do not treat ignored entries as an invalid archive
• drop support for node v4
• unpack: conditionally use a file mapping to write files on Windows
• Set more portable 'mode' value in portable mode
• Set portable gzip option in portable mode

4.4

• Add 'mtime' option to tar creation to force mtime
• unpack: only reuse file fs entries if nlink = 1
• unpack: rename before unlinking files on Windows
• Fix encoding/decoding of base-256 numbers
• Use stat instead of lstat when checking CWD

... (truncated)

Commits

• bef7b1e 6.2.1
• fe8cd57 prevent extraction in excessively deep subfolders
• fe7ebfd remove security.md
• 5bc9d40 6.2.0
• fe1ef5e changelog 6.2
• e483220 get rid of npm lint stuff
• 689928a ci that works outside of npm org
• db6f539 file inference improvements for .tbr and .tgz
• 336fa8f refactor: dry and other pr comments
• eeba222 chore: lint fixes
• Additional commits viewable in compare view

Removes trim-newlines

Updates ring-client-api from 9.12.4 to 12.1.0

Release notes

Sourced from ring-client-api's releases.

ring-client-api@12.1.0

Minor Changes

• 7354a21 Thanks @​dgreif! - Update dependencies

ring-client-api@12.0.1

Patch Changes

• 3604f30 Thanks @​dgreif! - Update dependencies

ring-client-api@12.0.0

Breaking Changes

• Dropped Node 16 support. Node 18 is the current LTS, so please upgrade to Node 18 or Node 20. Note, Node 16 may still work after this update, but will likely break without warning in future updates.
• Video streaming has been condensed to use a single API, rather than a separate setup between Ring Cloud and Ring Edge streaming. This should allow all cameras to stream, including those using HEVC which were unable to be put into Legacy Mode.
• The StreamingConnectionBase class has been removed, with all of the methods and properties moved to the `WebrtcConnection`` class.
• Implementations of the BasicPeerConnection class no longer need to implement the createAnswer method.

Patch Changes

• Fix streaming for all camera models by switching to a new streaming API from Ring
• Fix 2-way audio
• Updated dependencies

A huge thank you to @​tsightler who did all the discovery and refactor work for streaming and 2-way audio!

ring-client-api@12.0.0-beta.4

No release notes provided.

ring-client-api@12.0.0-beta.3

Patch Changes

• d54168d Thanks @​dgreif! - Wait to activate camera speaker until camera is connected to call. This prevents race conditions in two-way audio. Thanks to @​tsightler for tracking this down!

ring-client-api@12.0.0-beta.2

Patch Changes

• 02304ba Thanks @​dgreif! - Another attempt at fixing pvtsutils version

ring-client-api@12.0.0-beta.1

Patch Changes

• 2c8ce6f Thanks @​dgreif! - Pin pvtsutils to 1.3.2 to fix RangeError: offset is out of bounds error

ring-client-api@12.0.0-beta.0

Major Changes

• fa6d3b9 Thanks @​dgreif! - Video streaming has been condensed to use a single API, rather than a separate setup between Ring Cloud and Ring Edge streaming. This should allow all cameras to stream, including those using HEVC which were unable to be put into Legacy Mode.

  Huge shoutout to @​tsightler for figuring out this new API and getting the client updated!

... (truncated)

Commits

• 4b4e561 Version Packages (#1377)
• 7354a21 Update dependencies
• 088acfe Bump axios from 1.5.0 to 1.6.1 (#1357)
• 7be94d3 Update camera utils package and homebridge ui info (#1352)
• ea472dd Bump @​babel/traverse from 7.20.1 to 7.23.2 (#1336)
• dae7970 Update ring-types.ts (#1334)
• 26eebc8 Bump systeminformation from 5.21.5 to 5.21.7 (#1314)
• 1a22a8c Bump graphql from 16.6.0 to 16.8.1 (#1315)
• 0584b7d Version Packages (#1310)
• 3604f30 Update dependencies
• Additional commits viewable in compare view

Updates xmlhttprequest-ssl from 1.5.5 to 1.6.3

Commits

• 711bd4a Prepare release 1.6.3
• 4e8322f Merge pull request #8 from mrcarlberg/mjwwit_unescape_url_pathname_when_loadi...
• ee1e81f Fix CVE-2020-28502
• 6a0a91d Unescape pathname from url when loading from local filesystem
• bf53329 Fix issue where rejectUnauthorized would default to false instead of true
• ae38832 1.6.0
• 534b586 Remove superfluous + operator
• a9d93fb Replace deprecated sys.puts calls with console.log in tests
• efc39e9 Merge pull request #6 from wesgarland/master
• b9fedb0 pushed version to 1.5.6
• Additional commits viewable in compare view

Updates yargs-parser from 10.1.0 to 21.1.1

Release notes

Sourced from yargs-parser's releases.

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

• typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

• allow the browser build to be imported (#443) (a89259f)

Bug Fixes

• halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
• node version check now uses process.versions.node (#450) (d07bcdb)
• parse options ending with 3+ hyphens (#434) (4f1060b)

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Bug Fixes

• return deno env object (#432) (b00eb87)

yargs-parser yargs-parser-v21.0.0

⚠ BREAKING CHANGES

• drops support for 10 (#421)

Bug Fixes

• esm json import (#416) (90f970a)
• parser should preserve inner quotes (#407) (ae11f49)

Code Refactoring

• drops support for 10 (#421) (3aaf878)

yargs-parser yargs-parser-v20.2.9

... (truncated)

Changelog

Sourced from yargs-parser's changelog.

21.1.1 (2022-08-04)

Bug Fixes

• typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

• allow the browser build to be imported (#443) (a89259f)

Bug Fixes

• halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
• node version check now uses process.versions.node (#450) (d07bcdb)
• parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

• return deno env object (#432) (b00eb87)

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

• drops support for 10 (#421)

Bug Fixes

• esm json import (#416) (90f970a)
• parser should preserve inner quotes (#407) (ae11f49)

Code Refactoring

• drops support for 10 (#421) (3aaf878)

20.2.9 (2021-06-20)

Bug Fixes

... (truncated)

Commits

• 3aba24c chore(main): release yargs-parser 21.1.1 (#455)
• d69f9c3 fix(typescript): ignore .cts files during publish (#454)
• 90067a0 chore(main): release yargs-parser 21.1.0 (#446)
• d07bcdb fix: node version check now uses process.versions.node (#450)
• c0c6079 chore(deps): update dependency puppeteer to v16 (#451)
• a89259f feat: allow the browser build to be imported (#443)
• c474bc1 fix(halt-at-non-option): prevent known args from being parsed when "unknown-o...
• fd30238 chore(deps): update dependency serve to v14 (#449)
• a072f9a chore(deps): update dependency puppeteer to v15 (#444)
• 4f1060b fix: parse options ending with 3+ hyphens (#434)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.