Bump the npm_and_yarn group across 1 directory with 10 updates

[dependabot]

Bumps the npm_and_yarn group with 9 updates in the / directory:

Package	From	To
axios	0.21.4	1.7.2
@serverless/platform-client	4.3.2	4.5.1
braces	3.0.2	3.0.3
got	11.8.3	11.8.6
jszip	3.7.1	3.10.1
simple-git	3.4.0	3.25.0
ws	7.5.7	7.5.10
xml2js	0.4.19	0.6.2
aws-sdk	2.1102.0	2.1643.0

Updates axios from 0.21.4 to 1.7.2

Release notes

Sourced from axios's releases.

Release v1.7.2

Release notes:

Bug Fixes

• fetch: enhance fetch API detection; (#6413) (4f79aef)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.7.1

Release notes:

Bug Fixes

• fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.7.0

Release notes:

Features

• adapter: add fetch adapter; (#6371) (a3ff99b)

Bug Fixes

• core/axios: handle un-writable error stack (#6362) (81e0455)

Contributors to this release

• Dmitriy Mozgovoy
• Jay
• Alexandre ABRIOUX

Release v1.7.0-beta.2

Release notes:

Bug Fixes

• fetch: capitalize HTTP method names; (#6395) (ad3174a)
• fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
• fetch: fix headers getting from a stream response; (#6401) (870e0a7)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.7.0-beta.1

Release notes:

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.2 (2024-05-21)

Bug Fixes

• fetch: enhance fetch API detection; (#6413) (4f79aef)

Contributors to this release

• Dmitriy Mozgovoy

1.7.1 (2024-05-20)

Bug Fixes

• fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)

Contributors to this release

• Dmitriy Mozgovoy

1.7.0 (2024-05-19)

Features

• adapter: add fetch adapter; (#6371) (a3ff99b)

Bug Fixes

• core/axios: handle un-writable error stack (#6362) (81e0455)

Contributors to this release

• Dmitriy Mozgovoy
• Jay
• Alexandre ABRIOUX

1.7.0-beta.2 (2024-05-19)

Bug Fixes

• fetch: capitalize HTTP method names; (#6395) (ad3174a)
• fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
• fetch: fix headers getting from a stream response; (#6401) (870e0a7)

Contributors to this release

... (truncated)

Commits

• 0e4f9fa chore(release): v1.7.2 (#6414)
• 4f79aef fix(fetch): enhance fetch API detection; (#6413)
• 67d1373 chore(release): v1.7.1 (#6411)
• 733f15f fix(fetch): fixed ReferenceError issue when TextEncoder is not available in t...
• 3041c61 [Release] v1.7.0 (#6408)
• 18b13cb chore(docs): add fetch adapter docs; (#6407)
• e62099b fix(fetch): fixed a possible memory leak in the AbortController for the strea...
• b49aa8e chore(release): v1.7.0-beta.2 (#6403)
• d57f03a chore(ci): bump create-pull-request version to fix a bug; (#6405)
• 097b0d1 chore(ci): add tag resolution for npm releases based on package version; (#6404)
• Additional commits viewable in compare view

Updates @serverless/platform-client from 4.3.2 to 4.5.1

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates follow-redirects from 1.14.9 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates got from 11.8.3 to 11.8.6

Release notes

Sourced from got's releases.

v11.8.6

• Destroy request object after successful response

sindresorhus/got@v11.8.5...v11.8.6

v11.8.5

• Backport security fix sindresorhus/got@861ccd9
  • CVE-2022-33987

sindresorhus/got@v11.8.4...v11.8.5

Commits

• 2b1482c 11.8.6
• 2d1497e Destroy request object after successful response (#2187)
• 5e17bb7 11.8.5
• bce8ce7 Backport 861ccd9ac2237df762a9e2beed7edd88c60782dc
• 8ced192 Fix build
• 670eb04 11.8.4
• 20f29fe Backport #1543: Initialize globalResponse in case of ignored HTTPError (#2017)
• See full diff in compare view

Updates jszip from 3.7.1 to 3.10.1

Changelog

Sourced from jszip's changelog.

v3.10.1 2022-08-02

• Add sponsorship files.
  • If you appreciate the time spent maintaining JSZip then I would really appreciate your sponsorship.
• Consolidate metadata types and expose OnUpdateCallback #851 and #852
• use const instead var in example from README.markdown #828
• Switch manual download link to HTTPS #839

Internals:

• Replace jshint with eslint #842
• Add performance tests #834

v3.10.0 2022-05-20

• Change setimmediate dependency to more efficient one. Fixes Stuk/jszip#617 (see #829)
• Update types of currentFile metadata to include null (see #826)

v3.9.1 2022-04-06

• Fix recursive definition of InputFileFormat introduced in 3.9.0.

v3.9.0 2022-04-04

• Update types JSZip#loadAsync to accept a promise for data, and remove arguments from new JSZip() (see #752)
• Update types for compressionOptions to JSZipFileOptions and JSZipGeneratorOptions (see #722)
• Add types for generateInternalStream (see #774)

v3.8.0 2022-03-30

• Santize filenames when files are loaded with loadAsync, to avoid "zip slip" attacks. The original filename is available on each zip entry as unsafeOriginalName. See the documentation. Many thanks to McCaulay Hudson for reporting.

Commits

• 0f2f1e4 3.10.1
• cae5510 Updates for v3.10.1
• 179c9a0 Update changelog for 3.10.1
• 61e1df5 Add Jekyll files to gitignore
• f299cce Merge pull request #852 from Stuk/metadata-ts
• 852887a Consolidate metadata types and expose OnUpdateCallback
• 5be00df Add sponsorship files
• dabe864 Update package-lock for benchmark
• cc554da Merge pull request #841 from stevennyman/patch-2
• caefbc0 Merge pull request #834 from Stuk/benchmark
• Additional commits viewable in compare view

Updates simple-git from 3.4.0 to 3.25.0

Release notes

Sourced from simple-git's releases.

[email protected]

Minor Changes

• 0a5378d: Add support for parsing count-objects

Patch Changes

• 4aceb15: Upgrade dependencies and build tools

[email protected]

Minor Changes

• c355317: Enable the use of a two part custom binary

[email protected]

Minor Changes

• 9bfdf08: Bump package manager from yarn v1 to v4

Patch Changes

• 8a3118d: Fixed a performance issue when parsing stat diff summaries
• 9f1a174: Update build tools and workflows for Yarn 4 compatibility

[email protected]

Minor Changes

• df14065: add status to DiffResult when using --name-status

[email protected]

Minor Changes

• 709d80e: Add firstCommit utility interface

Patch Changes

• b4ab430: Add trailing callback support to git.firstCommit
• d3f9320: chore(deps): bump @​babel/traverse from 7.9.5 to 7.23.2
• b76857f: chore(deps): bump axios from 1.1.3 to 1.6.1

[email protected]

Minor Changes

• 2eda817: Use pathspec in git.log to allow use of previously deleted files in file argument

[email protected]

Patch Changes

• 2ab1936: keep path splitter without path specs

... (truncated)

Changelog

Sourced from simple-git's changelog.

3.25.0

Minor Changes

• 0a5378d: Add support for parsing count-objects

Patch Changes

• 4aceb15: Upgrade dependencies and build tools

3.24.0

Minor Changes

• c355317: Enable the use of a two part custom binary

3.23.0

Minor Changes

• 9bfdf08: Bump package manager from yarn v1 to v4

Patch Changes

• 8a3118d: Fixed a performance issue when parsing stat diff summaries
• 9f1a174: Update build tools and workflows for Yarn 4 compatibility

3.22.0

Minor Changes

• df14065: add status to DiffResult when using --name-status

3.21.0

Minor Changes

• 709d80e: Add firstCommit utility interface

Patch Changes

• b4ab430: Add trailing callback support to git.firstCommit
• d3f9320: chore(deps): bump @​babel/traverse from 7.9.5 to 7.23.2
• b76857f: chore(deps): bump axios from 1.1.3 to 1.6.1

3.20.0

Minor Changes

• 2eda817: Use pathspec in git.log to allow use of previously deleted files in file argument

... (truncated)

Commits

• 859699d Version Packages
• 0a5378d Add support for git count-objects as git.countObjects
• 4aceb15 Upgrade dependencies (#999)
• 016317d Version Packages
• c355317 Feature/array custom binary (#987)
• 4119a2c Version Packages
• 8a3118d fix: stat diff summary performance
• 6883522 Prettier and helper script to format the project
• 91be7c7 Integration test covering error reported in #977
• 9f1a174 Chore/updates (#980)
• Additional commits viewable in compare view

Updates ws from 7.5.7 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

• Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

• Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

• Backported 0fdcc0af to the 7.x release line (2758ed35).
• Backported d68ba9e1 to the 7.x release line (dc1781bc).

Commits

• d962d70 [dist] 7.5.10
• 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
• 8a78f87 [dist] 7.5.9
• 0435e6e [security] Fix same host check for ws+unix: redirects
• 4271f07 [dist] 7.5.8
• dc1781b [security] Drop sensitive headers when following insecure redirects
• 2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
• See full diff in compare view

Updates xml2js from 0.4.19 to 0.6.2

Commits

• cf3e061 New release, 0.6.2
• cb2f77e Fix read-only constraint via mistyped key name
• 8e9a120 Update version number for release 0.6.1
• 30f9d61 Replace filtering of names with defineProperty
• ba46e54 Update package lock
• 0e29f0e Release new version
• a25035c Remove old unused files
• 1de4688 Merge pull request #680 from Leonidas-from-XIV/zap-dependency-fix
• 3b97ae5 Merge pull request #681 from Leonidas-from-XIV/cve-compat-fix
• 167a385 Fix zap to be the original dependency
• Additional commits viewable in compare view

Updates aws-sdk from 2.1102.0 to 2.1643.0

Release notes

Sourced from aws-sdk's releases.

Release v2.1643.0

See changelog for more information.

Release v2.1642.0

See changelog for more information.

Release v2.1641.0

See changelog for more information.

Release v2.1640.0

See changelog for more information.

Release v2.1639.0

See changelog for more information.

Release v2.1638.0

See changelog for more information.

Release v2.1637.0

See changelog for more information.

Release v2.1636.0

See changelog for more information.

Release v2.1635.0

See changelog for more information.

Release v2.1634.0

See changelog for more information.

Release v2.1633.0

See changelog for more information.

Release v2.1632.0

See changelog for more information.

Release v2.1631.0

See changelog for more information.

Release v2.1630.0

See changelog for more information.

Release v2.1629.0

See changelog for more information.

Release v2.1628.0

See changelog for more information.

Release v2.1627.0

See changelog for more information.

... (truncated)

Commits

• 9dedd83 Updates SDK to v2.1643.0
• 352b71f Updates SDK to v2.1642.0
• f23d102 Updates SDK to v2.1641.0
• 0dfc2d5 fix: update region-checker allowlist (#4648)
• e295aa5 typing: add loadSsoSessionsFrom and expose private util methods to IniLoader ...
• 4bcdd9a docs(cognito_identity_credentials): Explain limitation of CognitoIden… (#4455)
• ae46271 Updates SDK to v2.1640.0
• 37d581c Deprecate Service: BackupStorage (#4647)
• 6bf0b7d Updates SDK to v2.1639.0
• 7a40a3b Updates SDK to v2.1638.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.