Bump the npm_and_yarn group group with 7 updates (#2982)

Bumps the npm_and_yarn group group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) |
`5.0.11` | `5.0.12` |
|
[wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler)
| `3.16.0` | `3.19.0` |
| [semver](https://github.com/npm/node-semver) | `7.5.4` | `7.6.0` |
| [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.62` | `0.10.64`
|
| [ip](https://github.com/indutny/node-ip) | `1.1.8` | `1.1.9` |
|
[miniflare](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare)
| `3.20231030.0` | `3.20231030.3` |
| [undici](https://github.com/nodejs/undici) | `5.28.2` | `5.28.3` |

Updates `vite` from 5.0.11 to 5.0.12
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.0.12 (2024-01-19)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: await <code>configResolved</code> hooks of worker plugins (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597">#15597</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605">#15605</a>)
(<a href="https://github.com/vitejs/vite/commit/ef89f80">ef89f80</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15597">#15597</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/15605">#15605</a></li>
<li>fix: fs deny for case insensitive systems (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653">#15653</a>)
(<a href="https://github.com/vitejs/vite/commit/91641c4">91641c4</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15653">#15653</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ee81e19676"><code>ee81e19</code></a>
release: v5.0.12</li>
<li><a
href="91641c4da0"><code>91641c4</code></a>
fix: fs deny for case insensitive systems (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653">#15653</a>)</li>
<li><a
href="ef89f8092f"><code>ef89f80</code></a>
fix: await <code>configResolved</code> hooks of worker plugins (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597">#15597</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605">#15605</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v5.0.12/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `wrangler` from 3.16.0 to 3.19.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/releases">wrangler's
releases</a>.</em></p>
<blockquote>
<h2>wrangler@3.19.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547">#4547</a>
<a
href="86c81ff0d5"><code>86c81ff0</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: listen on IPv4 loopback only by default on Windows</p>
<p>Due to a <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">known
issue</a>, <code>workerd</code> will only listen on the IPv4 loopback
address <code>127.0.0.1</code> when it's asked to listen on
<code>localhost</code>. On Node.js &gt; 17, <code>localhost</code> will
resolve to the IPv6 loopback address, meaning requests to
<code>workerd</code> would fail. This change switches to using the IPv4
loopback address throughout Wrangler on Windows, while <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">workerd#1408</a>
gets fixed.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535">#4535</a>
<a
href="29df8e1754"><code>29df8e17</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
Reintroduces some internal refactorings of wrangler dev servers
(including <code>wrangler dev</code>, <code>wrangler dev
--remote</code>, and <code>unstable_dev()</code>).</p>
<p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we
believe the changes are now more stable and ready for release again.</p>
<p>There are no changes required for developers to opt-in. Improvements
include:</p>
<ul>
<li>fewer 'address in use' errors upon reloads</li>
<li>upon config/source file changes, requests are buffered to guarantee
the response is from the new version of the Worker</li>
</ul>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521">#4521</a>
<a
href="6c5bc704c5"><code>6c5bc704</code></a>
Thanks <a href="https://github.com/zebp"><code>@​zebp</code></a>! - fix:
init from dash specifying explicit usage model in wrangler.toml for
standard users</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
<li>
<p>Updated dependencies [<a
href="71fb0b86cf"><code>71fb0b86</code></a>,
<a
href="63708a94fb"><code>63708a94</code></a>]:</p>
<ul>
<li>miniflare@3.20231030.3</li>
</ul>
</li>
</ul>
<h2>wrangler@3.18.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532">#4532</a>
<a
href="311ffbd506"><code>311ffbd5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by default</p>
<p>Previously, Wrangler listened on all interfaces (<code>*</code>) by
default. This change switches <code>wrangler (pages) dev</code> to just
listen on local interfaces. Whilst this is technically a breaking
change, we've decided the security benefits outweigh the potential
disruption caused. If you need to access your dev server from another
device on your network, you can use <code>wrangler (pages) dev --ip
*</code> to restore the previous behaviour.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="1b34878287"><code>1b348782</code></a>]:
<ul>
<li>miniflare@3.20231030.2</li>
</ul>
</li>
</ul>
<h2>wrangler@3.17.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474">#4474</a>
<a
href="382ef8f580"><code>382ef8f5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: open browser to correct url pressing <code>b</code> in
<code>--remote</code> mode</p>
<p>This change ensures Wrangler doesn't try to open
<code>http://*</code> when <code>*</code> is used as the dev server's
hostname. Instead, Wrangler will now open
<code>http://127.0.0.1</code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488">#4488</a>
<a
href="3bd5723852"><code>3bd57238</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! -
Changes the default directory for log files to workaround frameworks
that are watching the entire <code>.wrangler</code> directory in the
project root for changes</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md">wrangler's
changelog</a>.</em></p>
<blockquote>
<h2>3.19.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547">#4547</a>
<a
href="86c81ff0d5"><code>86c81ff0</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: listen on IPv4 loopback only by default on Windows</p>
<p>Due to a <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">known
issue</a>, <code>workerd</code> will only listen on the IPv4 loopback
address <code>127.0.0.1</code> when it's asked to listen on
<code>localhost</code>. On Node.js &gt; 17, <code>localhost</code> will
resolve to the IPv6 loopback address, meaning requests to
<code>workerd</code> would fail. This change switches to using the IPv4
loopback address throughout Wrangler on Windows, while <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">workerd#1408</a>
gets fixed.</p>
</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535">#4535</a>
<a
href="29df8e1754"><code>29df8e17</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
Reintroduces some internal refactorings of wrangler dev servers
(including <code>wrangler dev</code>, <code>wrangler dev
--remote</code>, and <code>unstable_dev()</code>).</p>
<p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we
believe the changes are now more stable and ready for release again.</p>
<p>There are no changes required for developers to opt-in. Improvements
include:</p>
<ul>
<li>fewer 'address in use' errors upon reloads</li>
<li>upon config/source file changes, requests are buffered to guarantee
the response is from the new version of the Worker</li>
</ul>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521">#4521</a>
<a
href="6c5bc704c5"><code>6c5bc704</code></a>
Thanks <a href="https://github.com/zebp"><code>@​zebp</code></a>! - fix:
init from dash specifying explicit usage model in wrangler.toml for
standard users</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
<li>
<p>Updated dependencies [<a
href="71fb0b86cf"><code>71fb0b86</code></a>,
<a
href="63708a94fb"><code>63708a94</code></a>]:</p>
<ul>
<li>miniflare@3.20231030.3</li>
</ul>
</li>
</ul>
<h2>3.18.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532">#4532</a>
<a
href="311ffbd506"><code>311ffbd5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by default</p>
<p>Previously, Wrangler listened on all interfaces (<code>*</code>) by
default. This change switches <code>wrangler (pages) dev</code> to just
listen on local interfaces. Whilst this is technically a breaking
change, we've decided the security benefits outweigh the potential
disruption caused. If you need to access your dev server from another
device on your network, you can use <code>wrangler (pages) dev --ip
*</code> to restore the previous behaviour.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="1b34878287"><code>1b348782</code></a>]:
<ul>
<li>miniflare@3.20231030.2</li>
</ul>
</li>
</ul>
<h2>3.17.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474">#4474</a>
<a
href="382ef8f580"><code>382ef8f5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: open browser to correct url pressing <code>b</code> in
<code>--remote</code> mode</p>
<p>This change ensures Wrangler doesn't try to open
<code>http://*</code> when <code>*</code> is used as the dev server's
hostname. Instead, Wrangler will now open
<code>http://127.0.0.1</code>.</p>
</li>
</ul>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488">#4488</a>
<a
href="3bd5723852"><code>3bd57238</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! -
Changes the default directory for log files to workaround frameworks
that are watching the entire <code>.wrangler</code> directory in the
project root for changes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e67ea176a"><code>5e67ea1</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4536">#4536</a>)</li>
<li><a
href="63708a94fb"><code>63708a9</code></a>
fix: validate <code>Host</code>/<code>Origin</code> headers in magic
proxy and `InspectorProxyWorke...</li>
<li><a
href="86c81ff0d5"><code>86c81ff</code></a>
fix: listen on IPv4 loopback only by default on Windows (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4547">#4547</a>)</li>
<li><a
href="6c5bc704c5"><code>6c5bc70</code></a>
fix: init from dash using explicit usage model for standard accounts (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4521">#4521</a>)</li>
<li><a
href="29df8e1754"><code>29df8e1</code></a>
Revert &quot;Revert &quot;startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)&quot;
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531">#4531</a>)&quot;
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4535">#4535</a>)</li>
<li><a
href="97727de053"><code>97727de</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4495">#4495</a>)</li>
<li><a
href="311ffbd506"><code>311ffbd</code></a>
[wrangler] fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by def...</li>
<li><a
href="310281a48a"><code>310281a</code></a>
Revert &quot;startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)&quot;
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531">#4531</a>)</li>
<li><a
href="01eda78025"><code>01eda78</code></a>
startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)</li>
<li><a
href="961c8eaaf3"><code>961c8ea</code></a>
remove unused npx-import dependency (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4477">#4477</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cloudflare/workers-sdk/commits/wrangler@3.19.0/packages/wrangler">compare
view</a></li>
</ul>
</details>
<br />

Updates `semver` from 7.5.4 to 7.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.0</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)
(<a href="https://github.com/madtisa"><code>@​madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="e521932f11"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="8873991808"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="f317dc8689"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)
(<a
href="https://github.com/jethrodaniel"><code>@​jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)
(<a href="https://github.com/zyxkad"><code>@​zyxkad</code></a>)</li>
<li><a
href="14d263faa1"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
bump <code>@​npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
bump <code>@​npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
bump <code>@​npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)
(<a href="https://github.com/madtisa"><code>@​madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="e521932f11"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="8873991808"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="f317dc8689"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)
(<a
href="https://github.com/jethrodaniel"><code>@​jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)
(<a href="https://github.com/zyxkad"><code>@​zyxkad</code></a>)</li>
<li><a
href="14d263faa1"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
bump <code>@​npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
bump <code>@​npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
bump <code>@​npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="377f709718"><code>377f709</code></a>
chore: release 7.6.0 (<a
href="https://redirect.github.com/npm/node-semver/issues/661">#661</a>)</li>
<li><a
href="a7ab13a462"><code>a7ab13a</code></a>
feat: preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)</li>
<li><a
href="816c7b2cbf"><code>816c7b2</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="0bd24d943c"><code>0bd24d9</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.21.1 to
4.21.3</li>
<li><a
href="e521932f11"><code>e521932</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="8873991808"><code>8873991</code></a>
chore: chore: chore: postinstall for dependabot template-oss PR</li>
<li><a
href="f317dc8689"><code>f317dc8</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.19.0 to
4.21.0</li>
<li><a
href="7303db1fe5"><code>7303db1</code></a>
chore: add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)</li>
<li><a
href="6240d75a7c"><code>6240d75</code></a>
chore: add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)</li>
<li><a
href="14d263faa1"><code>14d263f</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `es5-ext` from 0.10.62 to 0.10.64
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/medikoo/es5-ext/releases">es5-ext's
releases</a>.</em></p>
<blockquote>
<h2>0.10.64 (2024-02-27)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Revert update to postinstall script meant to fix Powershell issue,
as it's a regression for some Linux terminals (<a
href="c2e2bb90c2">c2e2bb9</a>)</li>
</ul>
<hr />
<p><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64">Comparison
since last release</a></p>
<h2>0.10.63 (2024-02-23)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Do not rely on problematic regex (<a
href="3551cdd7b2">3551cdd</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li>
<li>Support ES2015+ function definitions in
<code>function#toStringTokens()</code> (<a
href="a52e957366">a52e957</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li>
<li>Ensure postinstall script does not crash on Windows, fixes <a
href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a>
(<a
href="bf8ed799d5">bf8ed79</a>)</li>
</ul>
<h3>Maintenance Improvements</h3>
<ul>
<li>Simplify the manifest message (<a
href="7855319f41">7855319</a>)</li>
</ul>
<hr />
<p><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">Comparison
since last release</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md">es5-ext's
changelog</a>.</em></p>
<blockquote>
<h3><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64">0.10.64</a>
(2024-02-27)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Revert update to postinstall script meant to fix Powershell issue,
as it's a regression for some Linux terminals (<a
href="c2e2bb90c2">c2e2bb9</a>)</li>
</ul>
<h3><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">0.10.63</a>
(2024-02-23)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Do not rely on problematic regex (<a
href="3551cdd7b2">3551cdd</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li>
<li>Support ES2015+ function definitions in
<code>function#toStringTokens()</code> (<a
href="a52e957366">a52e957</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li>
<li>Ensure postinstall script does not crash on Windows, fixes <a
href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a>
(<a
href="bf8ed799d5">bf8ed79</a>)</li>
</ul>
<h3>Maintenance Improvements</h3>
<ul>
<li>Simplify the manifest message (<a
href="7855319f41">7855319</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f76b03d8c4"><code>f76b03d</code></a>
chore: Release v0.10.64</li>
<li><a
href="2881acda50"><code>2881acd</code></a>
chore: Bump dependencies</li>
<li><a
href="c2e2bb90c2"><code>c2e2bb9</code></a>
fix: Revert update meant to fix Powershell issue, as it's a
regression</li>
<li><a
href="16f2b7253d"><code>16f2b72</code></a>
docs: Fix date in the changelog</li>
<li><a
href="de4e03c477"><code>de4e03c</code></a>
chore: Release v0.10.63</li>
<li><a
href="3fd53b755e"><code>3fd53b7</code></a>
chore: Upgrade<code> lint-staged</code> to v13</li>
<li><a
href="bf8ed799d5"><code>bf8ed79</code></a>
chore: Ensure postinstall script does not crash on Windows</li>
<li><a
href="2cbbb0717b"><code>2cbbb07</code></a>
chore: Bump dependencies</li>
<li><a
href="22d0416ea1"><code>22d0416</code></a>
chore: Bump LICENSE year</li>
<li><a
href="a52e957366"><code>a52e957</code></a>
fix: Support ES2015+ function definitions in
<code>function#toStringTokens()</code></li>
<li>Additional commits viewable in <a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.64">compare
view</a></li>
</ul>
</details>
<br />

Updates `ip` from 1.1.8 to 1.1.9
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1ecbf2fd8c"><code>1ecbf2f</code></a>
1.1.9</li>
<li><a
href="6a3ada9b47"><code>6a3ada9</code></a>
lib: fixed CVE-2023-42282 and added unit test</li>
<li>See full diff in <a
href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9">compare
view</a></li>
</ul>
</details>
<br />

Updates `miniflare` from 3.20231030.0 to 3.20231030.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/releases">miniflare's
releases</a>.</em></p>
<blockquote>
<h2>miniflare@3.20231030.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466">#4466</a>
<a
href="71fb0b86cf"><code>71fb0b86</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: ensure unused KV and Cache blobs cleaned up</p>
<p>When storing data in KV, Cache and R2, Miniflare uses both an SQL
database and separate blob store. When writing a key/value pair, a blob
is created for the new value and the old blob for the previous value (if
any) is deleted. A few months ago, we introduced a change that prevented
old blobs being deleted for KV and Cache. R2 was unaffected. This
shouldn't have caused any problems, but could lead to persistence
directories growing unnecessarily as they filled up with garbage blobs.
This change ensures garbage blobs are deleted.</p>
<p>Note existing garbage will not be cleaned up. If you'd like to do
this, download this Node script (<a
href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076</a>).
If you're using the default Wrangler persistence directory, run
<code>node gc.mjs kv .wrangler/state/v3/kv &lt;namespace_id_1&gt;
&lt;namespace_id_2&gt; ...</code> and <code>node gc.mjs cache
.wrangler/state/v3/cache default named:&lt;cache_name_1&gt;
named:&lt;cache_name_2&gt; ...</code> with each of your KV namespace IDs
(not binding names) and named caches.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
</ul>
<h2>miniflare@3.20231030.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505">#4505</a>
<a
href="1b34878287"><code>1b348782</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code></p>
<p>When using Workers Sites with a module worker, the asset manifest
must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual
module. Miniflare provided this module, but also erroneously added
<code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object
too. Whilst this didn't break anything locally, it could cause users to
develop Workers that ran locally, but not when deployed. This change
ensures <code>env</code> doesn't contain
<code>__STATIC_CONTENT_MANIFEST</code>.</p>
</li>
</ul>
<h2>miniflare@3.20231030.1</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348">#4348</a>
<a
href="be2b9cf5a9"><code>be2b9cf5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
feat: add support for wrapped bindings</p>
<p>This change adds a new <code>wrappedBindings</code> worker option for
configuring
<code>workerd</code>'s <a
href="bfcef2d850/src/workerd/server/workerd.capnp (L469-L487)">wrapped
bindings</a>.
These allow custom bindings to be written as JavaScript functions
accepting an
<code>env</code> parameter of &quot;inner bindings&quot; and returning
the value to bind. For more
details, refer to the <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core">API
docs</a>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341">#4341</a>
<a
href="d990874338"><code>d9908743</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Added
a <code>handleRuntimeStdio</code> which enables wrangler (or any other
direct use of Miniflare) to handle the <code>stdout</code> and
<code>stderr</code> streams from the workerd child process. By default,
if this option is not provided, the previous behaviour is retained which
splits the streams into lines and calls
<code>console.log</code>/<code>console.error</code>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/CHANGELOG.md">miniflare's
changelog</a>.</em></p>
<blockquote>
<h2>3.20231030.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466">#4466</a>
<a
href="71fb0b86cf"><code>71fb0b86</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: ensure unused KV and Cache blobs cleaned up</p>
<p>When storing data in KV, Cache and R2, Miniflare uses both an SQL
database and separate blob store. When writing a key/value pair, a blob
is created for the new value and the old blob for the previous value (if
any) is deleted. A few months ago, we introduced a change that prevented
old blobs being deleted for KV and Cache. R2 was unaffected. This
shouldn't have caused any problems, but could lead to persistence
directories growing unnecessarily as they filled up with garbage blobs.
This change ensures garbage blobs are deleted.</p>
<p>Note existing garbage will not be cleaned up. If you'd like to do
this, download this Node script (<a
href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076</a>).
If you're using the default Wrangler persistence directory, run
<code>node gc.mjs kv .wrangler/state/v3/kv &lt;namespace_id_1&gt;
&lt;namespace_id_2&gt; ...</code> and <code>node gc.mjs cache
.wrangler/state/v3/cache default named:&lt;cache_name_1&gt;
named:&lt;cache_name_2&gt; ...</code> with each of your KV namespace IDs
(not binding names) and named caches.</p>
</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
</ul>
<h2>3.20231030.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505">#4505</a>
<a
href="1b34878287"><code>1b348782</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code></p>
<p>When using Workers Sites with a module worker, the asset manifest
must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual
module. Miniflare provided this module, but also erroneously added
<code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object
too. Whilst this didn't break anything locally, it could cause users to
develop Workers that ran locally, but not when deployed. This change
ensures <code>env</code> doesn't contain
<code>__STATIC_CONTENT_MANIFEST</code>.</p>
</li>
</ul>
<h2>3.20231030.1</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348">#4348</a>
<a
href="be2b9cf5a9"><code>be2b9cf5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
feat: add support for wrapped bindings</p>
<p>This change adds a new <code>wrappedBindings</code> worker option for
configuring
<code>workerd</code>'s <a
href="bfcef2d850/src/workerd/server/workerd.capnp (L469-L487)">wrapped
bindings</a>.
These allow custom bindings to be written as JavaScript functions
accepting an
<code>env</code> parameter of &quot;inner bindings&quot; and returning
the value to bind. For more
details, refer to the <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core">API
docs</a>.</p>
</li>
</ul>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341">#4341</a>
<a
href="d990874338"><code>d9908743</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Added
a <code>handleRuntimeStdio</code> which enables wrangler (or any other
direct use of Miniflare) to handle the <code>stdout</code> and
<code>stderr</code> streams from the workerd child process. By default,
if this option is not provided, the previous behaviour is retained which
splits the streams into lines and calls
<code>console.log</code>/<code>console.error</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e67ea176a"><code>5e67ea1</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4536">#4536</a>)</li>
<li><a
href="63708a94fb"><code>63708a9</code></a>
fix: validate <code>Host</code>/<code>Origin</code> headers in magic
proxy and `InspectorProxyWorke...</li>
<li><a
href="71fb0b86cf"><code>71fb0b8</code></a>
fix: ensure unused KV and Cache blobs cleaned up (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4466">#4466</a>)</li>
<li><a
href="97727de053"><code>97727de</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4495">#4495</a>)</li>
<li><a
href="311ffbd506"><code>311ffbd</code></a>
[wrangler] fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by def...</li>
<li><a
href="1b34878287"><code>1b34878</code></a>
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code> (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4505">#4505</a>)</li>
<li><a
href="f728503bd3"><code>f728503</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4463">#4463</a>)</li>
<li><a
href="be2b9cf5a9"><code>be2b9cf</code></a>
feat: add support for wrapped bindings (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4348">#4348</a>)</li>
<li><a
href="d990874338"><code>d990874</code></a>
Intercept workerd logs + write all debug logs to a hidden file (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4341">#4341</a>)</li>
<li>See full diff in <a
href="https://github.com/cloudflare/workers-sdk/commits/miniflare@3.20231030.3/packages/miniflare">compare
view</a></li>
</ul>
</details>
<br />

Updates `undici` from 5.28.2 to 5.28.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases">undici's
releases</a>.</em></p>
<blockquote>
<h2>v5.28.3</h2>
<h2>⚠️ Security Release ⚠️</h2>
<p>Fixes:</p>
<ul>
<li><a
href="https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3">CVE-2024-24758
Proxy-Authorization header not cleared on cross-origin redirect in
fetch</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3">https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e71cb4c88f"><code>e71cb4c</code></a>
Bumped v5.28.3</li>
<li><a
href="20c65b89f4"><code>20c65b8</code></a>
Fix tests for Node.js v20.11.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/2618">#2618</a>)</li>
<li><a
href="8ec52cde66"><code>8ec52cd</code></a>
Fix tests for Node.js v21 (<a
href="https://redirect.github.com/nodejs/undici/issues/2609">#2609</a>)</li>
<li><a
href="d3aa574b12"><code>d3aa574</code></a>
Merge pull request from GHSA-3787-6prv-h9w3</li>
<li>See full diff in <a
href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mitja Bezenšek <mitja.bezensek@gmail.com>

apps/dotcom-asset-upload/package.json

@@ -23,7 +23,7 @@
 		"@cloudflare/workers-types": "^4.20230821.0",
 		"@types/ws": "^8.5.9",
 		"lazyrepo": "0.0.0-alpha.27",
-		"wrangler": "3.16.0"
+		"wrangler": "3.19.0"
 	},
 	"jest": {
 		"preset": "config/jest/node",

apps/dotcom-worker/package.json

@@ -41,7 +41,7 @@
 		"lazyrepo": "0.0.0-alpha.27",
 		"picocolors": "^1.0.0",
 		"typescript": "^5.3.3",
-		"wrangler": "3.16.0"
+		"wrangler": "3.19.0"
 	},
 	"jest": {
 		"preset": "config/jest/node",

apps/health-worker/package.json

@@ -16,6 +16,6 @@
 		"@types/node": "~20.11",
 		"discord-api-types": "^0.37.67",
 		"typescript": "^5.3.3",
-		"wrangler": "3.16.0"
+		"wrangler": "3.19.0"
 	}
 }

yarn.lock

@@ -7230,7 +7230,7 @@ __metadata:
     strip-ansi: "npm:^7.1.0"
     toucan-js: "npm:^2.7.0"
     typescript: "npm:^5.3.3"
-    wrangler: "npm:3.16.0"
+    wrangler: "npm:3.19.0"
   languageName: unknown
   linkType: soft
 
@@ -11608,7 +11608,7 @@ __metadata:
     itty-cors: "npm:^0.3.4"
     itty-router: "npm:^4.0.13"
     lazyrepo: "npm:0.0.0-alpha.27"
-    wrangler: "npm:3.16.0"
+    wrangler: "npm:3.19.0"
   languageName: unknown
   linkType: soft
 
@@ -12028,14 +12028,15 @@ __metadata:
   languageName: node
   linkType: hard
 
-"es5-ext@npm:^0.10.35, es5-ext@npm:^0.10.50":
-  version: 0.10.62
-  resolution: "es5-ext@npm:0.10.62"
+"es5-ext@npm:^0.10.35, es5-ext@npm:^0.10.50, es5-ext@npm:^0.10.62, es5-ext@npm:~0.10.14":
+  version: 0.10.64
+  resolution: "es5-ext@npm:0.10.64"
   dependencies:
     es6-iterator: "npm:^2.0.3"
     es6-symbol: "npm:^3.1.3"
+    esniff: "npm:^2.0.1"
     next-tick: "npm:^1.1.0"
-  checksum: 3f6a3bcdb7ff82aaf65265799729828023c687a2645da04005b8f1dc6676a0c41fd06571b2517f89dcf143e0268d3d9ef0fdfd536ab74580083204c688d6fb45
+  checksum: 0c5d8657708b1695ddc4b06f4e0b9fbdda4d2fe46d037b6bedb49a7d1931e542ec9eecf4824d59e1d357e93229deab014bb4b86485db2d41b1d68e54439689ce
   languageName: node
   linkType: hard
 
@@ -13011,6 +13012,18 @@ __metadata:
   languageName: node
   linkType: hard
 
+"esniff@npm:^2.0.1":
+  version: 2.0.1
+  resolution: "esniff@npm:2.0.1"
+  dependencies:
+    d: "npm:^1.0.1"
+    es5-ext: "npm:^0.10.62"
+    event-emitter: "npm:^0.3.5"
+    type: "npm:^2.7.2"
+  checksum: f6a2abd2f8c5fe57c5fcf53e5407c278023313d0f6c3a92688e7122ab9ac233029fd424508a196ae5bc561aa1f67d23f4e2435b1a0d378030f476596129056ac
+  languageName: node
+  linkType: hard
+
 "espree@npm:^9.6.0, espree@npm:^9.6.1":
   version: 9.6.1
   resolution: "espree@npm:9.6.1"
@@ -13175,6 +13188,16 @@ __metadata:
   languageName: node
   linkType: hard
 
+"event-emitter@npm:^0.3.5":
+  version: 0.3.5
+  resolution: "event-emitter@npm:0.3.5"
+  dependencies:
+    d: "npm:1"
+    es5-ext: "npm:~0.10.14"
+  checksum: a7f5ea80029193f4869782d34ef7eb43baa49cd397013add1953491b24588468efbe7e3cc9eb87d53f33397e7aab690fd74c079ec440bf8b12856f6bdb6e9396
+  languageName: node
+  linkType: hard
+
 "event-target-shim@npm:^5.0.0":
   version: 5.0.1
   resolution: "event-target-shim@npm:5.0.1"
@@ -14750,7 +14773,7 @@ __metadata:
     "@types/node": "npm:~20.11"
     discord-api-types: "npm:^0.37.67"
     typescript: "npm:^5.3.3"
-    wrangler: "npm:3.16.0"
+    wrangler: "npm:3.19.0"
   languageName: unknown
   linkType: soft
 
@@ -15210,9 +15233,9 @@ __metadata:
   linkType: hard
 
 "ip@npm:^1.1.5":
-  version: 1.1.8
-  resolution: "ip@npm:1.1.8"
-  checksum: 52975ebf84a090162d561fc6948fbc4c53775a8054c05371f09cfcb40e30a53aa225b4efb624f630cff5af2dd8124c82dd68e4df065dc1d1ca91d04e850e9cde
+  version: 1.1.9
+  resolution: "ip@npm:1.1.9"
+  checksum: 29261559b806f64929ada21e6d7e3bf4e67f2b43a4cb67500fdb72cead2e655ce97451a2e325eca3f404081c634ff5c3a68472814744b7f2148ddffc0fdfe66c
   languageName: node
   linkType: hard
 
@@ -18465,9 +18488,9 @@ __metadata:
   languageName: node
   linkType: hard
 
-"miniflare@npm:3.20231030.0":
-  version: 3.20231030.0
-  resolution: "miniflare@npm:3.20231030.0"
+"miniflare@npm:3.20231030.3":
+  version: 3.20231030.3
+  resolution: "miniflare@npm:3.20231030.3"
   dependencies:
     acorn: "npm:^8.8.0"
     acorn-walk: "npm:^8.2.0"
@@ -18483,7 +18506,7 @@ __metadata:
     zod: "npm:^3.20.6"
   bin:
     miniflare: bootstrap.js
-  checksum: f5b752cff7ddf6146a20aef8a345e64364f752079e5a271dc569aa05c7e91a6864e86dcdd9f327f1eaf7d0e80ecd41e712069ec5017e66d30d24292dfaf6f766
+  checksum: 988bec15ebef26770c5e6f3b8d1012748fcac404cb1040a2a806a097918c6cb3b45170238abca8b48060dfef74c433f66d50c422dac2995f7ad6000d6fa48e92
   languageName: node
   linkType: hard
 
@@ -20129,14 +20152,14 @@ __metadata:
   languageName: node
   linkType: hard
 
-"postcss@npm:^8.4.19, postcss@npm:^8.4.27, postcss@npm:^8.4.32, postcss@npm:^8.4.4":
-  version: 8.4.33
-  resolution: "postcss@npm:8.4.33"
+"postcss@npm:^8.4.19, postcss@npm:^8.4.27, postcss@npm:^8.4.35, postcss@npm:^8.4.4":
+  version: 8.4.35
+  resolution: "postcss@npm:8.4.35"
   dependencies:
     nanoid: "npm:^3.3.7"
     picocolors: "npm:^1.0.0"
     source-map-js: "npm:^1.0.2"
-  checksum: e22a4594c255f26117f38419fb494d7ecab0f596cd409f7aadc8a6173abf180ed7ea970cd13fd366ab12b5840be901d2a09b25197700c2ebcb5a8077326bf519
+  checksum: 93a7ce50cd6188f5f486a9ca98950ad27c19dfed996c45c414fa242944497e4d084a8760d3537f078630226f2bd3c6ab84b813b488740f4432e7c7039cd73a20
   languageName: node
   linkType: hard
 
@@ -21759,7 +21782,18 @@ __metadata:
   languageName: node
   linkType: hard
 
-"semver@npm:^7.0.0, semver@npm:^7.3.4, semver@npm:^7.3.5, semver@npm:^7.3.7, semver@npm:^7.3.8, semver@npm:^7.5.3, semver@npm:^7.5.4, semver@npm:~7.5.4":
+"semver@npm:^7.0.0, semver@npm:^7.3.4, semver@npm:^7.3.5, semver@npm:^7.3.7, semver@npm:^7.3.8, semver@npm:^7.5.3, semver@npm:^7.5.4":
+  version: 7.6.0
+  resolution: "semver@npm:7.6.0"
+  dependencies:
+    lru-cache: "npm:^6.0.0"
+  bin:
+    semver: bin/semver.js
+  checksum: 1b41018df2d8aca5a1db4729985e8e20428c650daea60fcd16e926e9383217d00f574fab92d79612771884a98d2ee2a1973f49d630829a8d54d6570defe62535
+  languageName: node
+  linkType: hard
+
+"semver@npm:~7.5.4":
   version: 7.5.4
   resolution: "semver@npm:7.5.4"
   dependencies:
@@ -23642,11 +23676,11 @@ __metadata:
   linkType: hard
 
 "undici@npm:^5.22.1, undici@npm:^5.25.4":
-  version: 5.28.2
-  resolution: "undici@npm:5.28.2"
+  version: 5.28.3
+  resolution: "undici@npm:5.28.3"
   dependencies:
     "@fastify/busboy": "npm:^2.0.0"
-  checksum: 07ab8b812c7322f5faba55268562e3626463171ace8a2e5861e5793e69f8901e809bcdeb4013126fe8d1602baac247ea3c0c996073dbf9709516295b0a4dd18f
+  checksum: 779856ce14ba6907c0759df8e4babd61608b1f502569d44de7dd1d014afb7c67a0a2997b4f706e0daff8a55d87ee2f25b830b195fc0202cb6fbd25abe2d941eb
   languageName: node
   linkType: hard
 
@@ -24304,8 +24338,8 @@ __metadata:
   linkType: hard
 
 "vite@npm:^3.0.0 || ^4.0.0, vite@npm:^4.1.4":
-  version: 4.5.1
-  resolution: "vite@npm:4.5.1"
+  version: 4.5.2
+  resolution: "vite@npm:4.5.2"
   dependencies:
     esbuild: "npm:^0.18.10"
     fsevents: "npm:~2.3.2"
@@ -24339,17 +24373,17 @@ __metadata:
       optional: true
   bin:
     vite: bin/vite.js
-  checksum: 2ea9c030a5718ca0adaaa0ecc54402a725cff59131cf80bc84d0237f59c98168803ee59d23e697b98b1184be3af6c6edc2e81517f769c62159f11531b3341a4e
+  checksum: 3feb39f8da038fb2b1ad074c19a9579c263c1d7a872c5c6e0269b82d67805bb8c93cf9fc393e852807483ae9a918b1ac2861c72f73ee92fb3935ea68333a2cf7
   languageName: node
   linkType: hard
 
 "vite@npm:^5.0.0":
-  version: 5.0.11
-  resolution: "vite@npm:5.0.11"
+  version: 5.1.4
+  resolution: "vite@npm:5.1.4"
   dependencies:
     esbuild: "npm:^0.19.3"
     fsevents: "npm:~2.3.3"
-    postcss: "npm:^8.4.32"
+    postcss: "npm:^8.4.35"
     rollup: "npm:^4.2.0"
   peerDependencies:
     "@types/node": ^18.0.0 || >=20.0.0
@@ -24379,7 +24413,7 @@ __metadata:
       optional: true
   bin:
     vite: bin/vite.js
-  checksum: f1a8fea35ed9f162d7a10fd13efb2c96637028b0a319d726aeec8b31e20e4d047272bda5df82167618e7774a520236c66f3093ed172802660aec5227814072f4
+  checksum: e9003b853f0784260f4fe7ce0190124b347fd8fd6bf889a07080facd0d9a9667eaff4022eddb1ba3f0283ef69d15d77f84bca832082e48874a7a62e7f6d66b08
   languageName: node
   linkType: hard
 
@@ -24795,9 +24829,9 @@ __metadata:
   languageName: node
   linkType: hard
 
-"wrangler@npm:3.16.0":
-  version: 3.16.0
-  resolution: "wrangler@npm:3.16.0"
+"wrangler@npm:3.19.0":
+  version: 3.19.0
+  resolution: "wrangler@npm:3.19.0"
   dependencies:
     "@cloudflare/kv-asset-handler": "npm:^0.2.0"
     "@esbuild-plugins/node-globals-polyfill": "npm:^0.2.3"
@@ -24806,7 +24840,7 @@ __metadata:
     chokidar: "npm:^3.5.3"
     esbuild: "npm:0.17.19"
     fsevents: "npm:~2.3.2"
-    miniflare: "npm:3.20231030.0"
+    miniflare: "npm:3.20231030.3"
     nanoid: "npm:^3.3.3"
     path-to-regexp: "npm:^6.2.0"
     resolve.exports: "npm:^2.0.2"
@@ -24820,7 +24854,7 @@ __metadata:
   bin:
     wrangler: bin/wrangler.js
     wrangler2: bin/wrangler.js
-  checksum: 415d2c06d69a0901c9ff2d7a7222e776e45b3a502840bc0b01b0da3b919187324dd969d5c52913e6f74286874facdf18cd878532175cc4825ed86238470a9061
+  checksum: 18ff7dfce24c34c077e77162f978a74021324a7f21653352436956915e7ceaa45220823bf5982bb11bb78233f5ea99c61b88c923f9021ef866709cbf75e12a52
   languageName: node
   linkType: hard