Bump the npm_and_yarn group across 1 directory with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates in the /client directory: graphiql, minimatch, minimist and ua-parser-js.

Updates graphiql from 0.5.0 to 1.4.7

Changelog

Sourced from graphiql's changelog.

1.4.7

Patch Changes

• 130ddad6 Thanks @​acao! - CRITICAL SECURITY PATCH for the GraphiQL introspection schema template injection attack

1.4.6

Patch Changes

• d3a88283 #1934 Thanks @​tonyfromundefined! - add react 17, 18 in peerDependencies

• afaa36c1 #1883 Thanks @​Sweetabix1! - Updating font colors for line numbers, comments & brackets from #999 to #666 for accessibility purposes. #666 passes AA accessibility standards for small text, with a contrast ratio of over 5:1.

• 75dbb0b1 #1777 Thanks @​dwwoelfel! - adopt block string parsing for variables in language parser

• Updated dependencies [0e2c1a02, 75dbb0b1]:

  • graphql-language-service@3.1.6
  • codemirror-graphql@1.0.3

1.4.5

Patch Changes

• 86795d5f Thanks @​acao! - Remove bad type definition from subscriptions-transport-ws #1992 closes #1989

• Updated dependencies [86795d5f]:

  • @​graphiql/toolkit@​0.3.2

1.4.4

Patch Changes

• 62e786b5 #1990 Thanks @​acao! - Remove type definition from subscriptions-transport-ws

• Updated dependencies [62e786b5]:

  • @​graphiql/toolkit@​0.3.1

1.4.3

Patch Changes

• 6a459f4c #1968 Thanks @​acao! - Remove optionalDependencies entirely, remove subscriptions-transport-ws which introduces vulnerabilities, upgrade @n1ru4l/push-pull-async-iterable-iterator to 3.0.0, upgrade graphql-ws several minor versions - the graphql-ws@5.x upgrade will come in a later minor release.

• eb2d91fa #1914 Thanks @​harshithpabbati! - fix: history can now be saved even when query history panel is not opened feat: create a new maxHistoryLength prop to allow more than 20 queries in history panel

• 04fad79c #1889 Thanks @​henryqdineen! - feat: export ToolbarSelectOption and ToolbarMenuItem

• cd685435 #1923 Thanks @​cgarnier! - Fix result window theme

... (truncated)

Commits

• 8680b75 Version Packages (#2003)
• cb237ee Merge pull request from GHSA-x4r7-m2q9-69c8
• 672aadf Version Packages (#1994)
• afaa36c fix: updating #999 font colors to #666 (#1883)
• d3a8828 fix(graphiql): add react 17, 18 in peerDependencies (#1934)
• 877a74a Version Packages (#1993)
• 8577c7e Version Packages (#1991)
• 8ad2c0c Version Packages (#1893)
• 6a459f4 fix: @​graphiql/toolkit dependencies (#1968)
• 0436594 Fix typo in README.md (#1948)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by acao, a new releaser for graphiql since your current version.

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates ua-parser-js from 0.7.31 to 0.7.41

Release notes

Sourced from ua-parser-js's releases.

v0.7.41

Version 0.7.41 / 1.0.41

• Add new browser: Daum, Ladybird
• Add new device vendor: HMD
• Add new engine: LibWeb
• Add new os: Windows IoT, Ubuntu Touch
• Improve cpu detection: ARM, x86
• Improve device vendor detection: Apple, Archos, Generic, Google, Honor, Huawei, Infinix, Nvidia, Lenovo, Nokia, OnePlus, Xiaomi
• Improve device type detection: smarttv, wearables
• Improve os detection: Linux, Symbian

Full Changelog: faisalman/ua-parser-js@0.7.40...0.7.41

v0.7.38

Version 0.7.38

• Fix error on getOS() when userAgentData.platform is undefined
• Add new browser: Opera GX, Twitter
• Improve browser detection: DuckDuckGo
• Improve device detection: OPPO Pad, Oculus Quest

v0.7.37

Version 0.7.37

• Fix misidentified WebView token as device model
• Increase UA_MAX_LENGTH to 500
• Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser
• Add new device: Ulefone
• Improve device detection: Realme, Xiaomi Redmi
• Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Changelog

Sourced from ua-parser-js's changelog.

Version 0.7.41 / 1.0.41

• Add new browser: Daum, Ladybird
• Add new device vendor: HMD
• Add new engine: LibWeb
• Add new os: Windows IoT, Ubuntu Touch
• Improve cpu detection: ARM, x86
• Improve device vendor detection: Apple, Archos, Generic, Google, Honor, Huawei, Infinix, Nvidia, Lenovo, Nokia, OnePlus, Xiaomi
• Improve device type detection: smarttv, wearables
• Improve os detection: Linux, Symbian

Version 0.7.40 / 1.0.40

• Add new browser: 115, LibreWolf, Slimboat, Slimjet
• Add new device: Advan, Cat, Energizer, IMO, Micromax, Smartfren
• Add new engine: ArkWeb, Servo
• Add new os: OpenHarmony
• Improve browser detection: 2345, 360, Dragon, Iron, Maxthon
• Recognize Honor as a separate device vendor from Huawei
• Fix Python Request mistakenly identified as Meta Quest

Version 0.7.39 / 1.0.39

• Add new feature: executable command using npx ua-parser-js "[INSERT-UA-HERE]"
• Add new browser: Helio, Pico Browser, Wolvic
• Add new device vendor: itel, Nothing, TCL
• Improve browser detection: ICEBrowser, Klar, QQBrowser, Quark, Rekonq, Sleipnir
• Improve device detection: Xiaomi Pro, Amazon Echo Show, Samsung Galaxy Watch
• Removed from browser: Viera

Version 0.7.38 / 1.0.38

• Fix error on getOS() when userAgentData.platform is undefined
• Add new browser: Opera GX, Twitter
• Improve browser detection: DuckDuckGo
• Improve device detection: OPPO Pad, Oculus Quest

Version 0.7.37 / 1.0.37

• Fix misidentified WebView token as device model
• Increase UA_MAX_LENGTH to 500
• Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser
• Add new device: Ulefone
• Improve device detection: Realme, Xiaomi Redmi
• Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Version 0.7.36 / 1.0.36

• Add new browser: Snapchat
• Add new devices: Infinix, Tecno
• Improve device detection: Amazon Fire TV, Xiaomi POCO
• Improve OS detection: iOS

Version 0.7.35 / 1.0.35

• Fix result from user-supplied user-agent being altered
• Add new browser: Heytap, TikTok

... (truncated)

Commits

• af825ff Bump version 0.7.41
• 5925954 Backport - Improve detection for Nokia device & Symbian OS
• fc668ef Backport - Improve device detection for Generic device: capture its device mo...
• 0543fb2 Backport - Improve CPU detection: ARM
• 98f1c00 Backport - Improve device detection for unidentified SmartTV vendors
• d66c971 Backport - Improve detection for Nvidia devices
• cbe6038 Backport - Add Daum app user agent (#773)
• e665bd5 Backport - Add new OS: Ubuntu Touch
• 20c3040 Backport - Add new device: Apple HomePod
• 9057a1d Backport - Add new browser: Ladybird
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by faisalman, a new releaser for ua-parser-js since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.