chore(deps): bump the npm_and_yarn group across 1 directory with 5 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the / directory: axios.

Removes axios

Updates braces from 2.3.2 to 3.0.2

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

• The undocumented .makeRe method was removed
• Require Node.js >= 8.3

Non-breaking changes

• Caching was removed

Commits

• See full diff in compare view

Updates ws from 3.3.3 to 8.19.0

Release notes

Sourced from ws's releases.

8.19.0

Features

• Added the closeTimeout option (#2308).

Bug fixes

• Handled a forthcoming breaking change in Node.js core (19984854).

8.18.3

Bug fixes

• Fixed a spec violation where the Sec-WebSocket-Version header was not added to the HTTP response if the client requested version was either invalid or unacceptable (#2291).

8.18.2

Bug fixes

• Fixed an issue that, during message decompression when the maximum size was exceeded, led to the emission of an inaccurate error and closure of the connection with an improper close code (#2285).

8.18.1

Bug fixes

• The length of the UNIX domain socket paths in the tests has been shortened to make them work when run via CITGM (021f7b8b).

8.18.0

Features

• Added support for Blob (#2229).

8.17.1

Bug fixes

• Fixed a DoS vulnerability (#2231).

A request with a number of headers exceeding the[server.maxHeadersCount][] threshold could be used to crash a ws server.

const http = require('http');
const WebSocket = require('ws');
const wss = new WebSocket.Server({ port: 0 }, function () {
const chars = "!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');
</tr></table>

... (truncated)

Commits

• 61349ec [dist] 8.19.0
• 3f9ffc6 [feature] Introduce the closeTimeout option (#2308)
• 1998485 [fix] Ensure all remaining data is read as a single chunk
• 726c373 [doc] Sort options alphabetically
• b151f1e [ci] Update actions/checkout action to v6
• dabdd5b [ci] Update actions/setup-node action to v6
• 86eac5b [ci] Test on node 25
• 1891e14 [ci] Update actions/setup-node action to v5
• aa28c77 [ci] Update actions/checkout action to v5
• dabbdec [dist] 8.18.3
• Additional commits viewable in compare view

Updates liquidjs from 6.4.3 to 10.24.0

Release notes

Sourced from liquidjs's releases.

v10.24.0

10.24.0 (2025-10-27)

Features

• filters: Add base64_encode and base64_decode filters for Shopify compatibility (#828) (86fc135)

v10.23.0

10.23.0 (2025-10-23)

Features

• Export specific tokens as types (#824) (4f7d2fd)

v10.22.0

10.22.0 (2025-10-06)

Bug Fixes

• math filters coerce invalid string to 0, #813 (#819) (e8e502c)

Features

• allow context access in liquidMethodMissing, #808 (#820) (e551288)

v10.21.1

10.21.1 (2025-05-14)

Bug Fixes

• block.super with strictVariables, #806 (#807) (025c40f)

v10.21.0

10.21.0 (2025-02-23)

Features

• add find_index, has, and reject filters (#799) (0deb93e)

v10.20.3

10.20.3 (2025-02-09)

Bug Fixes

... (truncated)

Changelog

Sourced from liquidjs's changelog.

10.24.0 (2025-10-27)

Features

• filters: Add base64_encode and base64_decode filters for Shopify compatibility (#828) (86fc135)

10.23.0 (2025-10-23)

Features

• Export specific tokens as types (#824) (4f7d2fd)

10.22.0 (2025-10-06)

Bug Fixes

• math filters coerce invalid string to 0, #813 (#819) (e8e502c)

Features

• allow context access in liquidMethodMissing, #808 (#820) (e551288)

10.21.1 (2025-05-14)

Bug Fixes

• block.super with strictVariables, #806 (#807) (025c40f)

10.21.0 (2025-02-23)

Features

• add find_index, has, and reject filters (#799) (0deb93e)

10.20.3 (2025-02-09)

Bug Fixes

• empty tagToken.args since 10.20.0, fixes #796 (38a0f51)

10.20.2 (2025-01-19)

... (truncated)

Commits

• 9067078 chore(release): 10.24.0 [skip ci]
• a2da822 docs: add rosomri as a contributor for code (#829)
• 86fc135 feat(filters): Add base64_encode and base64_decode filters for Shopify compat...
• 5d95313 docs: add lambdatest to sponsors (#826)
• 2858271 docs: add skynetigor as a contributor for code (#825)
• d22945e chore(release): 10.23.0 [skip ci]
• 4f7d2fd feat: Export specific tokens as types (#824)
• 597ce73 chore(release): 10.22.0 [skip ci]
• d7fa8ba chore: update node version for release workflow
• 1b356d3 chore: fix Github artifact name (#821)
• Additional commits viewable in compare view

Updates send from 0.16.2 to 1.2.1

Release notes

Sourced from send's releases.

1.2.1

What's Changed

• ci: add CodeQl (SAST) by @​Phillip9587 in pillarjs/send#250
• ci: add node.js 24 to test matrix by @​Phillip9587 in pillarjs/send#255
• [StepSecurity] Apply security best practices by @​step-security-bot in pillarjs/send#256
• chore: add funding to package.json by @​bjohansebas in pillarjs/send#265
• build(deps): bump github/codeql-action from 2.23.2 to 3.29.5 by @​dependabot[bot] in pillarjs/send#266
• build(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.2 by @​dependabot[bot] in pillarjs/send#257
• build(deps): bump actions/download-artifact from 4 to 5 by @​dependabot[bot] in pillarjs/send#269
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by @​dependabot[bot] in pillarjs/send#268
• build(deps): bump actions/checkout from 4 to 5 by @​dependabot[bot] in pillarjs/send#267
• build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by @​dependabot[bot] in pillarjs/send#278
• build(deps): bump actions/download-artifact from 5 to 6 by @​dependabot[bot] in pillarjs/send#277
• build(deps): bump actions/upload-artifact from 4 to 5 by @​dependabot[bot] in pillarjs/send#276
• build(deps): bump actions/setup-node from 4 to 6 by @​dependabot[bot] in pillarjs/send#275
• build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @​dependabot[bot] in pillarjs/send#272
• build(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 by @​dependabot[bot] in pillarjs/send#262
• build(deps-dev): bump supertest from 6.2.2 to 6.3.4 by @​dependabot[bot] in pillarjs/send#260
• build(deps): bump actions/checkout from 5 to 6 by @​dependabot[bot] in pillarjs/send#283
• build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 by @​dependabot[bot] in pillarjs/send#282
• chore: remove HISTORY.md from tarball by @​Phillip9587 in pillarjs/send#285
• ci: add Node.js 25 to test matrix by @​Phillip9587 in pillarjs/send#284
• chore: update dependency ranges to latest versions by @​Phillip9587 in pillarjs/send#286
• Release: 1.2.1 by @​UlisesGascon in pillarjs/send#281

New Contributors

• @​step-security-bot made their first contribution in pillarjs/send#256
• @​dependabot[bot] made their first contribution in pillarjs/send#266

Full Changelog: pillarjs/send@1.2.0...1.2.1

1.2.0

What's Changed

• chore(deps): updated dependency fresh to v2 by @​Phillip9587 in pillarjs/send#247
• fix: remove obsolete dependency destroy by @​Phillip9587 in pillarjs/send#245
• docs: remove security file by @​bjohansebas in pillarjs/send#248
• deps: update mime-types to v3.0.1 by @​bjohansebas in pillarjs/send#251
• ci: update ci workflow and remove appveyor by @​Phillip9587 in pillarjs/send#249
• refactor: remove getHeaderNames() polyfill and refactor clearHeaders() by @​Phillip9587 in pillarjs/send#243
• Release 1.2.0 by @​UlisesGascon in pillarjs/send#252

New Contributors

• @​Phillip9587 made their first contribution in pillarjs/send#247
• @​bjohansebas made their first contribution in pillarjs/send#248

Full Changelog: pillarjs/send@1.1.0...1.2.0

1.1.0

What's Changed

• Remove link renderization in html while redirecting (pillarjs/send#235)

... (truncated)

Changelog

Sourced from send's changelog.

1.2.1 / 2025-12-15

• Minor changes (package metadata)
• deps:
  • debug@^4.4.3
  • http-errors@^2.0.1
  • mime-types@^3.0.2
  • statuses@^2.0.2

1.2.0 / 2025-03-27

• deps:
  • mime-types@^3.0.1
  • fresh@^2.0.0
  • removed destroy
• remove getHeaderNames() polyfill and refactor clearHeaders()

1.1.0 / 2024-09-10

• Changes from 0.19.0

1.0.0 / 2024-07-25

• Drop support for Node.js <18.0
• statuses@^2.0.1
• range-parser@^1.2.1
• on-finished@^2.4.1
• ms@^2.1.3
• mime-types@^2.1.35
• http-errors@^2.0.0
• fresh@^0.5.2
• etag@^1.8.1
• escape-html@^1.0.3
• encodeurl@^2.0.0
• destroy@^1.2.0
• debug@^4.3.5

1.0.0-beta.2 / 2024-03-04

• Changes from 0.18.0

1.0.0-beta.1 / 2022-02-04

• Drop support for Node.js 0.8

... (truncated)

Commits

• 096a614 1.2.1 (#281)
• 861e3c6 chore: update depenency ranges to latest versions (#286)
• a40fcd4 ci: add Node.js 25 to test matrix (#284)
• 7740dde chore: remove HISTORY.md from tarball (#285)
• f532f41 build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 (#282)
• f9b651f build(deps): bump actions/checkout from 5 to 6 (#283)
• db2558b build(deps-dev): bump supertest from 6.2.2 to 6.3.4 (#260)
• 136fcf6 build(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.32.0 (#262)
• fac9c3f build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#272)
• cd0c253 build(deps): bump actions/setup-node from 4 to 6 (#275)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for send since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.