Bump the npm_and_yarn group with 5 updates

[dependabot]

Bumps the npm_and_yarn group with 5 updates:

Package	From	To
ejs	2.7.4	3.1.10
node-sass	3.13.1	9.0.0
sails	0.12.14	1.5.11
webpack	1.15.0	5.94.0
webpack-dev-server	1.16.5	5.0.4

Updates ejs from 2.7.4 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

v3.1.5

Version 3.1.5

v3.0.2

No release notes provided.

Commits

• d3f807d Version 3.1.10
• 9ee26dd Mocha TDD
• e469741 Basic pollution protection
• 715e950 Merge pull request #756 from Jeffrey-mu/main
• cabe314 Include advanced usage examples
• 29b076c Added header
• 11503c7 Merge branch 'main' of github.com:mde/ejs into main
• 7690404 Added security banner to README
• f47d7ae Update SECURITY.md
• 828cea1 Update SECURITY.md
• Additional commits viewable in compare view

Updates node-sass from 3.13.1 to 9.0.0

Release notes

Sourced from node-sass's releases.

v9.0.0

What's Changed

• Node 20 support by @​nschonni in sass/node-sass#3355

Breaking changes

• Drop support for Node 14 (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	16, 18, 19, 20
OSX	x64	16, 18, 19, 20
Linux*	x64	16, 18, 19, 20
Alpine Linux	x64	16, 18, 19, 20

*Linux support refers to major distributions like Ubuntu, and Debian

v8.0.0

What's Changed

• Fix binaries being partially downloaded by @​xzyfer in sass/node-sass#3313
• Bump node-gyp and nan for node 19 support by @​xzyfer in sass/node-sass#3314
• feat: Node 18 and 19 support and drop Node 17 by @​nschonni in sass/node-sass#3257

Breaking changes

• Drop support for Node 12 (@​nschonni)
• Drop support for Node 17 (@​nschonni)
• Set rejectUnauthorized to true by default (@​scott-ut, #3149)

Features

• Add support for Node 18 (@​nschonni)
• Add support for Node 19 (@​nschonni)
• Replace request with make-fetch-happen (@​CamilleDrapier @​xzyfer, #3193, #3313)

Dependencies

• Bump [email protected]
• Bump node-gyp @​9.0.0
• Bump nan@^2.17.0
• Bump sass-graph@^4.0.1

Misc

• Bump various GitHub Actions dependencies (@​nschonni)

... (truncated)

Changelog

Sourced from node-sass's changelog.

v4.14.0

https://github.com/sass/node-sass/releases/tag/v4.14.0

v4.13.1

https://github.com/sass/node-sass/releases/tag/v4.13.1

v4.13.0

https://github.com/sass/node-sass/releases/tag/v4.13.0

v4.12.0

https://github.com/sass/node-sass/releases/tag/v4.12.0

v4.11.0

https://github.com/sass/node-sass/releases/tag/v4.11.0

v4.10.0

https://github.com/sass/node-sass/releases/tag/v4.10.0

v4.9.4

https://github.com/sass/node-sass/releases/tag/v4.9.4

v4.9.3

https://github.com/sass/node-sass/releases/tag/v4.9.3

v4.9.2

https://github.com/sass/node-sass/releases/tag/v4.9.2

v4.9.1

https://github.com/sass/node-sass/releases/tag/v4.9.1

v4.9.0

https://github.com/sass/node-sass/releases/tag/v4.9.0

v4.8.3

https://github.com/sass/node-sass/releases/tag/v4.8.3

v4.8.2

... (truncated)

Commits

• 87f3899 feat: Node 20 support (#3355)
• 06ae4c7 build(deps): bump coverallsapp/github-action from 2.0.0 to 2.1.0 (#3350)
• e069f73 build(deps): bump coverallsapp/github-action from 1.2.0 to 2.0.0
• c34837d build(deps): bump coverallsapp/github-action from 1.1.3 to 1.2.0
• ee13eb9 8.0.0
• 98e75b3 feat: Node 18 and 19 support and drop Node 17 (#3257)
• e9bb866 Bump node-gyp and nan for node 19 support (#3314)
• ab7840b Fix binaries being partially downloaded (#3313)
• d595abf 7.0.3
• 3b556c1 7.0.2
• Additional commits viewable in compare view

Updates sails from 0.12.14 to 1.5.11

Release notes

Sourced from sails's releases.

v1.5.11

What's Changed

• Deps: bump ejs 3.1.7 » 3.1.10 by @​eashaw in balderdashy/sails#7340
• Deps: Replace request devDependency with @​sailshq/request by @​eashaw in balderdashy/sails#7339

v1.5.9

What's Changed

• Fix #7297 & #7292 by @​eashaw in balderdashy/sails#7301
• RPS hook: Future-proof by @​mikermcneil in balderdashy/sails#7311

v1.5.7

What's Changed

• [fix] update logic to display local URL by @​DominusKelvin in balderdashy/sails#7285
• Upgrade semver dependency (v4.3.6 » v7.5.2) by @​eashaw in balderdashy/sails#7288
• Improve virtual request parsing by @​mikermcneil in balderdashy/sails#7287

Big thanks to @​ThomasRinsma at Codean!

Full Changelog: balderdashy/sails@v1.5.5...v1.5.7

v1.5.5

What's Changed

• ci: test builds on supported node versions by @​alxndrsn in balderdashy/sails#7069
• [misc] Bring documentation into this repo by @​rachaelshaw in balderdashy/sails#7070
• [misc] Change name of documentation folder + update links by @​rachaelshaw in balderdashy/sails#7075
• [patch] fix typo in Events.md by @​DominusKelvin in balderdashy/sails#7086
• [misc][docs] Adding more info about the unique attribute setting by @​eashaw in balderdashy/sails#7078
• Update sails.config.connections.md by @​anilbhanushali in balderdashy/sails#7097
• [proposal] sails-linker.js.md by @​jdsapariya18 in balderdashy/sails#7101
• [patch] fix node 14 warnings by upgrading prompt dependency by @​DominusKelvin in balderdashy/sails#7084
• [patch] change typo --no-front-end to --no-frontend in CLI flag help output by @​DominusKelvin in balderdashy/sails#7109
• [misc] Wrong wording in update.md by @​anurbol in balderdashy/sails#7134
• [misc] Wrong wording in destroy.md by @​anurbol in balderdashy/sails#7135
• [misc] Update mongo tutorial to show usage with latest sails-mongo adapter by @​rachaelshaw in balderdashy/sails#7074
• [patch] Updated "datastore configuration" link by @​AlanConstantino in balderdashy/sails#7079
• [patch] upgrade sails-hook-orm dependency by @​eashaw in balderdashy/sails#7147
• [patch] fix data type in docs (should be optional) by @​mikermcneil in balderdashy/sails#7151
• [patch] Fix node deprecation warnings by @​eashaw in balderdashy/sails#7148
• [fixes #7107] Change trustProxy isNaN check to _.isNaN by @​eashaw in balderdashy/sails#7146
• [patch] Small text correction by @​zsteinkamp in balderdashy/sails#7158
• Fix typo in sails-run.js by @​eltociear in balderdashy/sails#7174
• [proposal] Add documentation regarding a breaking change in SSL connection syntax by @​jarodccrowe in balderdashy/sails#7175
• [patch] correct misspelt waterline by @​DominusKelvin in balderdashy/sails#7176
• [fixes #7168] Add support for latest version of connect-mongo by @​ElizabethForest in balderdashy/sails#7172
• [misc] Add note about undefined attributes to upgrading docs by @​eashaw in balderdashy/sails#7181
• [fixes #7201] Bump up prompt to 1.2.1 by @​dhwaneetbhatt in balderdashy/sails#7202
• [misc] Upgrade sort-route-addresses dependency by @​eashaw in balderdashy/sails#7203
• Update Permissions.md by @​pbkompasz in balderdashy/sails#7219
• Update Travis CI configuration by @​eashaw in balderdashy/sails#7226
• Update minimist dependency to v1.2.6 by @​eashaw in balderdashy/sails#7242

... (truncated)

Changelog

Sourced from sails's changelog.

Sails Changelog

1.2.0

• Added sails migrate for quickly running auto-migrations by hand
• The output of sails inspect no longer includes controller information
• When loading user hooks, if sails.config.loadHooks is specified, skip hooks whose names aren't explicitly included
• Increased time to display warning message in config/bootstrap.js from 5 seconds to 30 seconds
• Switched to using updateOne in the "update" blueprint
• Blueprint queries no longer include fetch: true by default, to avoid warnings from updateOne
• Update error mesage in default serverError response to use flaverr
• In lib/router/res.js, instead of always setting 'content-type' to 'application/json', only set it if res.get('content-type') is falsy
• Update flaverr dependency
• Update i18n-2 dependency to resolve deprecation warning
• Update rc dependency to address potential vulnerabilities
• Update machinepack-process dependency to address potential vulnerabilities
• Update machinepack-redis dependency to address potential vulnerabilities

1.1.0

As always, we owe a debt of gratitude to our contributors-- we mentioned you below next to the features/enhancements/fixes you contributed to. (Apologies to anyone we missed, there was a lot in this release! Let us know and we'll add you to the list.)

We especially want to thank those contributors who helped out with the documentation:

• Rachael Shaw
• Mike McNeil
• Ali Norouzi
• Ronny Medina
• Alex Schwarz
• Xavier Spriet
• Ian Harris
• Vladyslav Piskunov
• Michael Frederick
• Mark Strelecky
• Freddy
• pavan
• Scott Reed
• Mario Colque
• Okoli Lemuel
• ultimate-tester
• @​snidell
• Pika
• AYEDOUN Fiacre
• Tim Wisniewski
• Tom Saleeba
• s-slavchev
• Daniel Harvey
• Julien Le Coupanec
• floriancummings
• Bernardo Gomes
• Eli Peters

... (truncated)

Commits

• eb5fe32 1.5.11
• 80c0354 Deps: Replace request devDependency with @​sailshq/request (#7339)
• 739e0ad bump ejs 3.1.7 » 3.1.10 (#7340)
• caa835b 1.5.10
• 26676ff bump @​sailshq/lodash version (#7332)
• 1d34c89 Update package.json (#7331)
• b6ce20e upgrade express (#7330)
• 6ecb41c Update adapterList.md (#7323)
• 32ae2df Update sails-generate version in package.json (#7322)
• 8139c90 Update dead link in README
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by eashaw, a new releaser for sails since your current version.

Updates webpack from 1.15.0 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

• Added runtime condition for harmony reexport checked
• Handle properly data/http/https protocols in source maps
• Make bigint optimistic when browserslist not found
• Move @​types/eslint-scope to dev deps
• Related in asset stats is now always an array when no related found
• Handle ASI for export declarations
• Mangle destruction incorrect with export named default properly
• Fixed unexpected asi generation with sequence expression
• Fixed a lot of types

New Features

• Added new external type "module-import"
• Support webpackIgnore for new URL() construction
• [CSS] @import pathinfo support

Security

• Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

• Generate correct relative path to runtime chunks
• Makes DefinePlugin quieter under default log level
• Fixed mangle destructuring default in namespace import
• Fixed consumption of eager shared modules for module federation
• Strip slash for pretty regexp
• Calculate correct contenthash for CSS generator options

New Features

• Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
• Added the modern-module library value for tree shakable output
• Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

• Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

• Correct tidle range's comutation for module federation
• Consider runtime for pure expression dependency update hash
• Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits

• eabf85d chore(release): 5.94.0
• 955e057 security: fix DOM clobbering in auto public path
• 9822387 test: fix
• cbb86ed test: fix
• 5ac3d7f fix: unexpected asi generation with sequence expression
• 2411661 security: fix DOM clobbering in auto public path
• b8c03d4 fix: unexpected asi generation with sequence expression
• f46a03c revert: do not use heuristic fallback for "module-import"
• 60f1898 fix: do not use heuristic fallback for "module-import"
• 66306aa Revert "fix: module-import get fallback from externalsPresets"
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.

Updates webpack-dev-server from 1.16.5 to 5.0.4

Release notes

Sourced from webpack-dev-server's releases.

v5.0.4

5.0.4 (2024-03-19)

Bug Fixes

• security: bump webpack-dev-middleware (#5112) (aab576a)

v5.0.3

5.0.3 (2024-03-12)

Bug Fixes

• types: proxy (#5101) (6e1aed3)

v5.0.2

5.0.2 (2024-02-16)

Bug Fixes

• types (#5057) (da2c24d)

v5.0.1

5.0.1 (2024-02-13)

Bug Fixes

• avoid using eval in client (#5045) (7681477)
• overlay and require-trusted-types-for (#5046) (e115436)

v5.0.0

5.0.0 (2024-02-12)

Migration Guide and Changes.

v4.15.2

4.15.2 (2024-03-20)

Bug Fixes

• security: bump webpack-dev-middleware (4116209)

v4.15.1

4.15.1 (2023-06-09)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

5.0.4 (2024-03-19)

Bug Fixes

• security: bump webpack-dev-middleware (#5112) (aab576a)

5.0.3 (2024-03-12)

Bug Fixes

• types: proxy (#5101) (6e1aed3)

5.0.2 (2024-02-16)

Bug Fixes

• types (#5057) (da2c24d)

5.0.1 (2024-02-13)

Bug Fixes

• avoid using eval in client (#5045) (7681477)
• overlay and require-trusted-types-for (#5046) (e115436)

5.0.0 (2024-02-12)

Migration Guide and Changes.

4.15.1 (2023-06-09)

Bug Fixes

• replace :: with localhost before openBrowser() (#4856) (874c44b)
• types: compatibility with @types/ws (#4899) (34bcec2)

4.15.0 (2023-05-07)

Features

• overlay displays unhandled promise rejection (#4849) (d1dd430)

4.14.0 (2023-05-06)

... (truncated)

Commits

• 64a1860 chore(release): 5.0.4
• aab576a fix(security): bump webpack-dev-middleware (#5112)
• fb6f22a chore(deps-dev): bump @​commitlint/config-conventional (#5104)
• ba9dfb6 chore(deps-dev): bump @​commitlint/cli from 19.0.3 to 19.1.0 (#5103)
• 08cab58 chore(release): 5.0.3
• 37f4760 chore(deps-dev): bump @​types/node from 20.11.25 to 20.11.26 (#5102)
• 6e1aed3 fix(types): proxy (#5101)
• 8ea7cb8 chore(deps): bump open from 10.0.4 to 10.1.0 (#5100)
• c6a3586 chore(deps-dev): bump puppeteer from 22.4.0 to 22.4.1 (#5099)
• 2201442 chore(deps): update (#5096)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack-dev-server since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.