Bump the npm_and_yarn group across 2 directories with 7 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates in the / directory: semver, shelljs, simple-git and node-fetch.
Bumps the npm_and_yarn group with 2 updates in the /packages/site directory: gatsby and gatsby-plugin-sharp.

Updates semver from 6.3.0 to 6.3.1

Release notes

Sourced from semver's releases.

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

• 928e56d #591 better handling of whitespace (#591) (@​lukekarrys, @​joaomoreno, @​nicolo-ribaudo)

Changelog

Sourced from semver's changelog.

6.3.1 (2023-07-10)

Bug Fixes

• 928e56d #591 better handling of whitespace (#591) (@​lukekarrys, @​joaomoreno, @​nicolo-ribaudo)

6.2.0

• Coerce numbers to strings when passed to semver.coerce()
• Add rtl option to coerce from right to left

6.1.3

• Handle X-ranges properly in includePrerelease mode

6.1.2

• Do not throw when testing invalid version strings

6.1.1

• Add options support for semver.coerce()
• Handle undefined version passed to Range.test

6.1.0

• Add semver.compareBuild function
• Support * in semver.intersects

6.0

• Fix intersects logic.

  This is technically a bug fix, but since it is also a change to behavior that may require users updating their code, it is marked as a major version increment.

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

... (truncated)

Commits

• 44d27bc chore: release 6.3.1
• 928e56d fix: better handling of whitespace (#591)
• 39f6326 chore: @​npmcli/template-oss@​4.16.0
• See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates shelljs from 0.8.3 to 0.8.5

Release notes

Sourced from shelljs's releases.

v0.8.5

This was a small security fix for #1058.

v0.8.4

Small patch release to fix a circular dependency warning in node v14. See #973.

Changelog

Sourced from shelljs's changelog.

Change Log

Unreleased

Full Changelog

Closed issues:

• find returns empty array even though directory has files #922
• exec() should support node v10 (maxbuffer change) #915
• grep exit status and extra newlines #900
• Travis CI currently broken #893
• Drop node v4 support #873
• cp -Ru respects the -R but not the -u #808

Merged pull requests:

• feat(options): initial support for long options #926 (nfischer)
• test(touch): add coverage for -d option #925 (nfischer)
• chore(node): add v10 and v11 to CI #921 (nfischer)
• chore(test): no coverage by default #920 (nfischer)
• fix(exec): consistent error message for maxBuffer #919 (nfischer)
• chore(node): drop node v4 and v5 #917 (nfischer)
• chore: script to bump supported node versions #913 (nfischer)
• chore(npm): remove lockfile #911 (nfischer)
• ci: change language to node_js and remove obsolete scripts #910 (DanielRuf)
• chore: remove gitter integration #907 (nfischer)
• fix: Exit 1 with empty string if no match #901 (wyardley)
• feat(cp): support update flag when recursing #889 (joshi-sh)

Commits

• 70668a4 0.8.5
• d919d22 fix(exec): lockdown file permissions (#1060)
• fcf1651 0.8.4
• a1111ee Silence potentially upcoming circular dependency warning (#973)
• See full diff in compare view

Updates simple-git from 1.126.0 to 3.16.0

Release notes

Sourced from simple-git's releases.

[email protected]

Minor Changes

• 97fde2c: Support the use of -B in place of the default -b in checkout methods
• 0a623e5: Adds vulnerability detection to prevent use of --upload-pack and --receive-pack without explicitly opting in.

Patch Changes

• ec97a39: Include restricting the use of git push --exec with other allowUnsafePack exclusions, thanks to @​stsewd for the suggestion.

[email protected]

Patch Changes

• de570ac: Resolves an issue whereby non-strings can be passed into the config switch detector.

[email protected]

Minor Changes

• 7746480: Disables the use of inline configuration arguments to prevent unitentionally allowing non-standard remote protocols without explicitly opting in to this practice with the new allowUnsafeProtocolOverride property having been enabled.

Patch Changes

• 7746480: - Upgrade repo dependencies - lerna and jest
  • Include node@19 in the test matrix

[email protected]

Patch Changes

• 5a2e7e4: Add version parsing support for non-numeric patches (including "built from source" style 1.11.GIT)

[email protected]

Minor Changes

• 19029fc: Create the abort plugin to allow cancelling all pending and future tasks.
• 4259b26: Add .version to return git version information, including whether the git binary is installed.

[email protected]

Minor Changes

• 87b0d75: Increase the level of deprecation notices for use of simple-git/promise, which will be fully removed in the next major
• d0dceda: Allow supplying just one of to/from in the options supplied to git.log

Patch Changes

• 6b3e05c: Use shared test utilities bundle in simple-git tests, to enable consistent testing across packages in the future

[email protected]

Minor Changes

• bfd652b: Add a new configuration option to enable trimming white-space from the response to git.raw

... (truncated)

Changelog

Sourced from simple-git's changelog.

3.16.0

Minor Changes

• 97fde2c: Support the use of -B in place of the default -b in checkout methods
• 0a623e5: Adds vulnerability detection to prevent use of --upload-pack and --receive-pack without explicitly opting in.

Patch Changes

• ec97a39: Include restricting the use of git push --exec with other allowUnsafePack exclusions, thanks to @​stsewd for the suggestion.

3.15.1

Patch Changes

• de570ac: Resolves an issue whereby non-strings can be passed into the config switch detector.

3.15.0

Minor Changes

• 7746480: Disables the use of inline configuration arguments to prevent unitentionally allowing non-standard remote protocols without explicitly opting in to this practice with the new allowUnsafeProtocolOverride property having been enabled.

Patch Changes

• 7746480: - Upgrade repo dependencies - lerna and jest
  • Include node@19 in the test matrix

3.14.1

Patch Changes

• 5a2e7e4: Add version parsing support for non-numeric patches (including "built from source" style 1.11.GIT)

3.14.0

Minor Changes

• 19029fc: Create the abort plugin to allow cancelling all pending and future tasks.
• 4259b26: Add .version to return git version information, including whether the git binary is installed.

3.13.0

Minor Changes

• 87b0d75: Increase the level of deprecation notices for use of simple-git/promise, which will be fully removed in the next major
• d0dceda: Allow supplying just one of to/from in the options supplied to git.log

Patch Changes

... (truncated)

Commits

• 1a12952 Version Packages
• ec97a39 Block unsafe pack (push --exec) (#882)
• 0a623e5 Feat/unsafe pack (#881)
• 97fde2c Add support for using the -B modifier instead of the default -b when usin...
• edfd459 Update readme.md
• c9fc61f Version Packages
• de570ac Fix/non strings (#867)
• d4764bf Version Packages
• 7746480 Chore: bump lerna, jest and create prettier workflow (#862)
• 6b3c631 Create the unsafe plugin to configure how simple-git treats known potenti...
• Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates node-fetch from 2.6.5 to 2.7.0

Release notes

Sourced from node-fetch's releases.

v2.7.0

2.7.0 (2023-08-23)

Features

• AbortError (#1744) (9b9d458)

v2.6.13

2.6.13 (2023-08-18)

Bug Fixes

• Remove the default connection close header (#1765) (65ae25a), closes #1735 #1473 #1736

v2.6.12

2.6.12 (2023-06-29)

Bug Fixes

• socket variable testing for undefined (#1726) (8bc3a7c)

v2.6.11

2.6.11 (2023-05-09)

Reverts

• Revert "fix: handle bom in text and json (#1739)" (#1741) (afb36f6), closes #1739 #1741

v2.6.10

2.6.10 (2023-05-08)

Bug Fixes

• handle bom in text and json (#1739) (29909d7)

v2.6.9

2.6.9 (2023-01-30)

Bug Fixes

• "global is not defined" (#1704) (70f592d)

v2.6.8

2.6.8 (2023-01-13)

... (truncated)

Commits

• 9b9d458 feat: AbortError (#1744)
• 65ae25a fix: Remove the default connection close header (#1765)
• 8bc3a7c fix: socket variable testing for undefined (#1726)
• afb36f6 Revert "fix: handle bom in text and json (#1739)" (#1741)
• 29909d7 fix: handle bom in text and json (#1739)
• 70f592d fix: "global is not defined" (#1704)
• 0f1ebb0 Prevent error when response is null (#1699)
• 6e9464d ci(release): install dependencies
• dd2a0ba ci(release): install dependencies
• 49bef02 ci(release): use latest Node LTS
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.

Updates gatsby from 2.25.4 to 5.13.3

Release notes

Sourced from gatsby's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

• Custom Image and File CDN URL generators

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

• Adapters

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

• RFC: Adapters
• gatsby-source-wordpress: Support for multiple instances

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Commits

• b4ce9e6 chore(release): Publish
• c50e8f2 fix: add missing fs method rewrites to handle fetchRemoteFile in dsg/ssr engi...
• d328fd8 perf: use must-revalidate cache-control header as common and only create head...
• b24134d chore(release): Publish
• c74745c fix(gatsby): support builtin modules prefixed with node: on build-html (#...
• c9f8c24 chore: swap babel-plugin-lodash with updated version that doesn't use depreca...
• fc0eea1 fix(gatsby): fix webpack compilation when pnpm is used (#38757) (#38804)
• f6ed443 fix(gatsby): try to automatically recover when parcel segfaults (#38773) (#38...
• 68b0821 fix(gatsby): more robust adapter zero-conf handling (#38778) (#38800)
• 366b54c chore(release): Publish
• Additional commits viewable in compare view

Updates gatsby-plugin-sharp from 2.14.4 to 5.13.1

Release notes

Sourced from gatsby-plugin-sharp's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

• Custom Image and File CDN URL generators

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

• Adapters

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

• RFC: Adapters
• gatsby-source-wordpress: Support for multiple instances

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Changelog

Sourced from gatsby-plugin-sharp's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-sharp

5.13.0 (2023-12-18)

🧾 Release notes

Chores

• upgrade sharp to latest v0.32.6 #38374 (ca15ef3)

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-sharp

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-sharp

5.12.1 (2023-10-09)

Chores

• upgrade sharp to latest v0.32.6 #38374 #38617 (f1a4107)

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

• update dependency semver to ^7.5.3 #38296 (11e64e2)

5.11.0 (2023-06-15)

🧾 Release notes

Chores

• update semver #38171 (208cdef)

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

• update dependency sharp to ^0.32.1 #38024 (d7cccfe)
• update dependency semver to ^7.5.0 #38023 (2564f6b)

... (truncated)

Commits

• b24134d chore(release): Publish
• 18ffcfa chore(release): Publish
• 26871b8 chore(release): Publish next
• 9a26700 chore(changelogs): update changelogs (#38667)
• 7ba63eb chore(changelogs): update changelogs (#38658)
• d90d747 chore(changelogs): update changelogs (#38642)
• ca15ef3 chore(deps): upgrade sharp to latest v0.32.6 (#38374)
• db248ab chore(changelogs): update changelogs (#38526)
• e6e2fb4 chore(release): Publish next pre-minor
• 1ebae56 chore(release): Publish next
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.