Bump the npm_and_yarn at /. security update group with 3 updates

[dependabot]

Bumps the npm_and_yarn at /. security update group with 3 updates: next, @storybook/react and postcss.

Updates next from 13.0.5 to 13.5.6

Release notes

Sourced from next's releases.

v13.5.6

Core Changes

• Upgrade edge-runtime/cookies #57021
• Patch React with fix for write-after-close for ReadableStream #57011

Credits

Huge thanks to @​ijjk @​huozhi @​gnoff for helping!

v13.5.6-canary.8

Core Changes

• Revert "chore(next/image): remove deprecation of onLoadingComplete temporarily": #57024
• Improve performance of String.prototype.split uses: #56746
• chore: support progressive jpg with sharp: #56617
• Move ImageResponse to next/og: #56662
• Prefer module over main on main fields for app router server compiler: #56960

Documentation Changes

• Fix typos in duplicate-sass.mdx: #57045

Misc Changes

• chore: revert back to moving files w/ fs-extra: #57030
• Update CNA tests to avoid publish conflict: #57025

Credits

Huge thanks to @​styfle, @​Yovach, @​nil1511, @​SukkaW, @​Bsodoge, @​ijjk, and @​huozhi for helping!

v13.5.6-canary.7

Core Changes

• add better logs around worker restarts: #57004
• Handle Promise Rejections for Streams: #56976
• Web Streams cleanup: #56819
• chore(next/image): remove deprecation of onLoadingComplete temporarily: #57020

Documentation Changes

• chore(docs): fix missing fallback on next/image sizes example: #56718

Misc Changes

• Add .yarn/install-state.gz to .gitignore: #56637
• chore(test): add logs for create-next-app tests: #56957

Credits

... (truncated)

Commits

• 9051bc4 v13.5.6
• a9e796e update version script
• 70f93bf update ci config
• 7db2ce3 Upgrade edge-runtime/cookies (#57021)
• 40965eb Patch React with fix for write-after-close for ReadableStream (#57011)
• 54145b4 v13.5.5
• 1609da2 v13.5.5-canary.19
• 8a51ebc Revert "feat(turbopack): support basic next/dynamic" (#56885)
• c1c419f v13.5.5-canary.18
• 4e435e2 Skip webpack specific tests in Turbopack test run (#56877)
• Additional commits viewable in compare view

Updates @storybook/react from 6.5.13 to 7.5.1

Release notes

Sourced from @​storybook/react's releases.

v7.5.1

7.5.1

• Angular: update wrong type for webpackStatsJson in start-storybook schema.json - #24494, thanks @​LucaVazz!
• Themes: Run postinstall in shell for windows - #24389, thanks @​Integrayshaun!

v7.5.0

7.5.0

Storybook 7.5 enhances your Storybook experience with several key updates:

• 💃🏼 Now supports Lit 3.0 and Vite 5
• 👻 storiesOf and storyStoreV6 officially deprecated
• 🔨 Fix Webpack5 build errors not being propagated
• 🀄 Support rename font import for Next.js
• ⬆️ Upgrade react-docgen to 6.0.x and improve argTypes
• ✨ Many Angular improvements such as introducing argsToTemplate , new schema debugging options, support for standalone directives, etc.

• Angular: Introduce argsToTemplate for property and event Bindings - #24434, thanks @​valentinpalkovic!
• Angular: Add schema options (debugWebpack, webpackStatsJson, and more) - #24388, thanks @​yannbf!
• Angular: Categorize legacy build options error - #24014, thanks @​yannbf!
• Angular: Fix Angular 15 support and add zone.js v0.14.x support - #24367, thanks @​valentinpalkovic!
• Angular: Allow loading standalone directives - #24448, thanks @​osnoser1!
• CLI: Inform the user how to dedupe and strip color from info command - #24087, thanks @​kasperpeulen!
• CLI: Add more information to storybook info command - #24003, thanks @​JReinhold!
• CLI: Change /Date$/ to /Dates$/i - #24195, thanks @​arup1221!
• CLI: Improve sanitization logic in crash reports - #24028, thanks @​yannbf!
• CLI: Remove random commas in storybook upgrade logs - #22333, thanks @​joaonunomota!
• Controls: Fix select / multiselect when value contains multiple spaces - #22334, thanks @​oxcened!
• Core: Add class name to Storybook error name - #24371, thanks @​yannbf!
• Core: Deprecate storyStoreV6 (including storiesOf) and storyIndexers - #23938, thanks @​JReinhold!
• Doc Blocks: Add title to Meta prop types - #23370, thanks @​iqbalcodes6602!
• ManagerAPI: Fix bug with story redirection when URL has partial storyId - #24345, thanks @​ndelangen!
• NextJS: Support rename font import - #24406, thanks @​yoshi2no!
• NextJS: Change babel plugins from proposal-... to transform-... - #24290, thanks @​roottool!
• NextJS: Fix default next image loader when src has params - #24187, thanks @​json-betsec!
• NextJS: Fix Image Context re-use via singleton - #24146, thanks @​martinnabhan!
• NextJS: Improve support for Windows-style paths - #23695, thanks @​T99!
• React: Upgrade react-docgen to 6.0.x and improve argTypes - #23825, thanks @​shilman!
• Svelte: Fix docs generating when using lang="ts" or optional chaining - #24096, thanks @​j3rem1e!
• UI: Filter some manager errors - #24217, thanks @​yannbf!
• UI: Fix className missing in syntaxhighlighter - #24491, thanks @​ndelangen!
• UI: Update ScrollArea with radix - #24413, thanks @​cdedreuille!
• UI: Improve contrast ratio between focus / hover - #24205, thanks @​chocoscoding!
• Vite: Move mdx-plugin from @storybook/builder-vite to @storybook/addon-docs - #24166, thanks @​bryanjtc!
• Vite: Support Vite 5 - #24395, thanks @​IanVS!

... (truncated)

Changelog

Sourced from @​storybook/react's changelog.

5.3.7 (January 20, 2020)

Bug Fixes

• Node-logger: Move @types/npmlog to dependencies (#9538)
• Core: Fix legacy story URLs (#9545)
• Addon-docs: Convert default prop value to string (#9525)
• Addon-docs: Preserve Source indentation by default (#9513)

5.3.6 (January 17, 2020)

Bug Fixes

• Source-loader: Bypass if file has no exports (#9505)
• Core: Fix default sorting of docs-only stories (#9504)

5.3.5 (January 17, 2020)

Bug Fixes

• Core: Fix typo for loading addon-notes/register-panel (#9497)
• Source-loader: Add imports to top of file (#9492)

5.3.4 (January 16, 2020)

Bug Fixes

• Core: Fix presets register panel (#9486)
• Core: Fix addon/preset detection for local addons (#9485)
• Core: Fix default story sort (#9482)

5.3.3 (January 14, 2020)

Bug Fixes

• UI: Fix edge case where only one legacy separator is defined (#9425)
• Core: Preserve kind load order on HMR when no sortFn is provided (#9424)
• Angular: Fix missing architect properties (#9390)
• Addon-knobs: Fix null knob values in select (#9416)
• Source-loader: Disable linting altogether (#9417)

5.3.2 (January 13, 2020)

Bug Fixes

• Source-loader: Disable eslint entirely for generated code (#9410)

5.3.1 (January 12, 2020)

Bug Fixes

... (truncated)

Commits

• 6ceb141 Bump version from "7.5.0" to "7.5.1" [skip ci]
• fea453a Bump version from "7.5.0-alpha.7" to "7.5.0" [skip ci]
• 0a6e94c Bump version from "7.5.0-alpha.6" to "7.5.0-alpha.7" [skip ci]
• 25af33c Bump version from "7.5.0-alpha.5" to "7.5.0-alpha.6" [skip ci]
• 1fc5ed4 upgrade to node18 in a backwards compatible way
• 816e86e Bump version from "7.5.0-alpha.4" to "7.5.0-alpha.5" [skip ci]
• ac738ec Restore chromatic ignore
• 60748de Fix snapshots
• 617666d Fix types
• 31704fc Merge branch 'next' into shilman/fix-react-docgen-enum
• Additional commits viewable in compare view

Updates postcss from 8.4.16 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by @​remcohaszing).

8.4.21

• Fixed Input#error types (by @​hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

• Fixed Node.before() unexpected behavior (by @​romainmenke).
• Added TOC to docs (by @​muddv).

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

• Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

• Fixed source map generation for childless at-rules like @layer.

8.4.19

• Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

• Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

• Fixed Node.before() unexpected behavior (by Romain Menke).
• Added TOC to docs (by Mikhail Dedov).

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
market	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 23, 2023 8:23am

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
dubai-challenge	⬜️ Ignored (Inspect)	Visit Preview		Oct 23, 2023 8:23am

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.