Bump the production-dependencies group with 5 updates

[dependabot]

Bumps the production-dependencies group with 5 updates:

Package	From	To
chokidar	3.6.0	4.0.3
commander	11.1.0	13.1.0
glob	10.4.5	11.0.1
markdown-it	13.0.2	14.1.0
@types/markdown-it	13.0.9	14.1.2

Updates chokidar from 3.6.0 to 4.0.3

Release notes

Sourced from chokidar's releases.

4.0.3

What's Changed

• Fix typescript type of emitted args by @​43081j in paulmillr/chokidar#1397

Full Changelog: paulmillr/chokidar@4.0.2...4.0.3

4.0.2

What's Changed

• Fix test "should detect safe-edit" on FreeBSD by @​tagattie in paulmillr/chokidar#1375
• Remove references to .map files by @​bluwy in paulmillr/chokidar#1383
• feat: strongly type event emitter methods by @​43081j in paulmillr/chokidar#1381

New Contributors

• @​bxt made their first contribution in paulmillr/chokidar#1365
• @​tagattie made their first contribution in paulmillr/chokidar#1375
• @​bluwy made their first contribution in paulmillr/chokidar#1383

Full Changelog: paulmillr/chokidar@4.0.1...4.0.2

4.0.1

• Various fixes and improvements of typescript types

New Contributors

• @​benmccann made their first contribution in paulmillr/chokidar#1349
• @​talentlessguy made their first contribution in paulmillr/chokidar#1356

Full Changelog: paulmillr/chokidar@4.0.0...4.0.1

4.0.0

• Remove glob support
• Remove bundled fsevents
• Decrease dependency count from 13 to 1
• Rewrite in typescript. Makes emitted types more precise
• The package became hybrid common.js / ESM
• Bump minimum node.js requirement to v14+

Special thanks to @​43081j for improvements and help.

Full Changelog: paulmillr/chokidar@3.6.0...4.0.0

Commits

• 1182965 Release 4.0.3.
• 9470932 Merge pull request #1397 from paulmillr/unlink-types
• 322e851 fix: separate error emit from regular events
• 3fa04b5 fix: strongly type unlink events
• 69c115a Release 4.0.2.
• 50cf698 Ignore map
• 5e6daaa Merge pull request #1381 from paulmillr/event-types
• e9cd7f6 Merge pull request #1383 from bluwy/map-ref
• 6981c5d Remove references to .map files
• 7958696 feat: strongly type event emitter methods
• Additional commits viewable in compare view

Updates commander from 11.1.0 to 13.1.0

Release notes

Sourced from commander's releases.

v13.1.0

Added

• support a pair of long option flags to allow a memorable shortened flag, like .option('--ws, --workspace') (#2312)

v13.0.0

Added

• support multiple calls to .parse() with default settings (#2299)
• add .saveStateBeforeParse() and .restoreStateBeforeParse() for use by subclasses (#2299)
• style routines like styleTitle() to add color to help using .configureHelp() or Help subclass (#2251)
• color related support in .configureOutput() for getOutHasColors(), getErrHasColors(), and stripColor() (#2251)
• Help property for minWidthToWrap (#2251)
• Help methods for displayWidth(), boxWrap(), preformatted() et al (#2251)

Changed

• Breaking: excess command-arguments cause an error by default, see migration tips (#2223)
• Breaking: throw during Option construction for unsupported option flags, like multiple characters after single - (#2270)
• Breaking: throw on multiple calls to .parse() if storeOptionsAsProperties: true (#2299)
• TypeScript: include implicit this in parameters for action handler callback (#2197)

Deleted

• Breaking: Help.wrap() refactored into formatItem() and boxWrap() (#2251)

Migration Tips

Excess command-arguments

It is now an error for the user to specify more command-arguments than are expected. (allowExcessArguments is now false by default.)

Old code:

program.option('-p, --port <number>', 'port number');
program.action((options) => {
  console.log(program.args);
});

Now shows an error:

$ node example.js a b c
error: too many arguments. Expected 0 arguments but got 3.

You can declare the expected arguments. The help will then be more accurate too. Note that declaring new arguments will change what is passed to the action handler.

... (truncated)

Changelog

Sourced from commander's changelog.

[13.1.0] (2025-01-21)

Added

• support a pair of long option flags to allow a memorable shortened flag, like .option('--ws, --workspace') (#2312)

[13.0.0] (2024-12-30)

Added

• support multiple calls to .parse() with default settings (#2299)
• add .saveStateBeforeParse() and .restoreStateBeforeParse() for use by subclasses (#2299)
• style routines like styleTitle() to add color to help using .configureHelp() or Help subclass (#2251)
• color related support in .configureOutput() for getOutHasColors(), getErrHasColors(), and stripColor() (#2251)
• Help property for minWidthToWrap (#2251)
• Help methods for displayWidth(), boxWrap(), preformatted() et al (#2251)

Changed

• Breaking: excess command-arguments cause an error by default, see migration tips (#2223)
• Breaking: throw during Option construction for unsupported option flags, like multiple characters after single - (#2270)
  • note: support for dual long option flags added in Commander 13.1
• Breaking: throw on multiple calls to .parse() if storeOptionsAsProperties: true (#2299)
• TypeScript: include implicit this in parameters for action handler callback (#2197)

Deleted

• Breaking: Help.wrap() refactored into formatItem() and boxWrap() (#2251)

Migration Tips

Excess command-arguments

It is now an error for the user to specify more command-arguments than are expected. (allowExcessArguments is now false by default.)

Old code:

program.option('-p, --port <number>', 'port number');
program.action((options) => {
  console.log(program.args);
});

Now shows an error:

$ node example.js a b c
error: too many arguments. Expected 0 arguments but got 3.

... (truncated)

Commits

• e6f56c8 13.1.0
• ad3ecf0 Add 13.1 to CHANGELOG (#2315)
• 2619c99 Fix example code in Readme_zh-CN.md (#2313)
• 8263b7f Add support for dual long options when no short option (#2312)
• bb733f4 Reorder funding with active maintainers first (#2310)
• d6bcb0b 13.0.0
• fa9e5ed Update release date
• fb2c46a Update CHANGELOG for 13.0.0 (#2301)
• 49423a2 Add save/restore state to allow multiple calls to parse (#2299)
• 497c11d Update dependencies (#2295)
• Additional commits viewable in compare view

Updates glob from 10.4.5 to 11.0.1

Changelog

Sourced from glob's changelog.

changeglob

11.0

• Drop support for node before v20

10.4

• Add includeChildMatches: false option
• Export the Ignore class

10.3

• Add --default -p flag to provide a default pattern
• exclude symbolic links to directories when follow and nodir are both set

10.2

• Add glob cli

10.1

• Return '.' instead of the empty string '' when the current working directory is returned as a match.
• Add posix: true option to return / delimited paths, even on Windows.

10.0.0

• No default exports, only named exports

9.3.3

• Upgraded minimatch to v8, adding support for any degree of nested extglob patterns.

9.3

• Add aliases for methods. glob.sync, glob.stream, glob.stream.sync, etc.

9.2

• Support using a custom fs object, which is passed to PathScurry
• add maxDepth option
• add stat option
• add custom Ignore support

9.1

... (truncated)

Commits

• 148ef61 11.0.1
• 41c81e4 fix audit warning
• 08958fa docs: correct ignore method names
• feaf0a8 ci: drop 18
• 9fe7d3a benchmark: test fs.glob, if available
• 561601d 11.0.0
• 57226aa drop node before 20
• See full diff in compare view

Updates markdown-it from 13.0.2 to 14.1.0

Changelog

Sourced from markdown-it's changelog.

[14.1.0] - 2024-03-19

Changed

• Updated CM spec compatibility to 0.31.2, #1009.

Fixed

• Fixed quadratic complexity when parsing references, #996.
• Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

• Drop ancient browsers support (use .fromCodePoint and other features).
• Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
• Dropped dist/ folder from repo, build on package publish.
• Set punicode.js as external dependency.

Fixed

• Html tokens inside img alt are now rendered as their original text, #896.
• Hardbreaks inside img alt are now rendered as newlines.

Commits

• 0fe7ccb 14.1.0 released
• a367c44 Fix typo in comments of text.mjs (#1015)
• 7ad8179 add changelog
• 5e90063 simplify logic in scanDelims
• d7ce5ec Merge pull request #1009 from notriddle/spec-0.31.2
• 0bfc57d Update spec to 0.31.2
• cd24778 Update to comply with spec 0.31.2
• eaef476 Fix typo in architecture.md (#994)
• de814ca fix quadratic complexity in reference parser (#1004)
• 00b8a93 limit the number of autocompleted cells in a table
• Additional commits viewable in compare view

Updates @types/markdown-it from 13.0.9 to 14.1.2

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: npm, dependencies.

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/[email protected] 🔁 npm/[email protected]	None	+1	185 kB	paulmillr
npm/[email protected] 🔁 npm/[email protected]	None	0	201 kB	abetomo
npm/[email protected] 🔁 npm/[email protected]	Transitive: environment, filesystem, shell	+33	3.38 MB	isaacs
npm/[email protected] 🔁 npm/[email protected]	Transitive: environment, filesystem	+6	1.49 MB	vitaly

🚮 Removed packages: npm/@types/[email protected]

View full report↗︎