build(deps): bump the npm_and_yarn group across 4 directories with 8 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the / directory: cross-spawn.
Bumps the npm_and_yarn group with 2 updates in the /src/flagd-ui directory: next and nanoid.
Bumps the npm_and_yarn group with 4 updates in the /src/frontend directory: next, nanoid, cookie and cookies-next.
Bumps the npm_and_yarn group with 5 updates in the /src/react-native-app directory:

Package	From	To
cross-spawn	6.0.5	6.0.6
undici	6.21.0	6.21.1
nanoid	3.3.7	3.3.8
send	0.18.0	0.19.1
expo	51.0.39	52.0.26

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates next from 14.2.5 to 14.2.21

Release notes

Sourced from next's releases.

v14.2.21

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6a9 to 178c267a4e: vercel/next.js#74115
• Fix unstable_allowDynamic when used with pnpm: vercel/next.js#73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: vercel/next.js#73927
• chore(docs): update version history of next/image: vercel/next.js#73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix fetch cloning bug (vercel/next.js#73532)

Credits

Huge thanks to @​wyattjoh for helping!

v14.2.19

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• ensure worker exits bubble to parent process (#73433)
• Increase max cache tags to 128 (#73125)

Misc Changes

• Update max tag items limit in docs (#73445)

Credits

Huge thanks to @​ztanner and @​ijjk for helping!

Commits

• 2655f6e v14.2.21
• 8803d2b Backport (v14): Upgrade React from 14898b6a9 to 178c267a4e (#74115)
• 6e35243 chore(docs): add missing search: '' on remotePatterns (#73925) (#73927)
• 54919d2 chore(docs): update version history of next/image (#73926)
• 049a690 Backport: Fix unstable_allowDynamic when used with pnpm (#73765)
• 663fa9c Fix SWC and React versions for 14-2-1 branch (#73791)
• ed78a4a v14.2.20
• 530421d [backport] Fix/dedupe fetch clone (#73532)
• cbc62ad v14.2.19
• 92280dc [backport] Update max tag items limit in docs (#73445)
• Additional commits viewable in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates next from 14.2.5 to 14.2.21

Release notes

Sourced from next's releases.

v14.2.21

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6a9 to 178c267a4e: vercel/next.js#74115
• Fix unstable_allowDynamic when used with pnpm: vercel/next.js#73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: vercel/next.js#73927
• chore(docs): update version history of next/image: vercel/next.js#73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix fetch cloning bug (vercel/next.js#73532)

Credits

Huge thanks to @​wyattjoh for helping!

v14.2.19

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• ensure worker exits bubble to parent process (#73433)
• Increase max cache tags to 128 (#73125)

Misc Changes

• Update max tag items limit in docs (#73445)

Credits

Huge thanks to @​ztanner and @​ijjk for helping!

Commits

• 2655f6e v14.2.21
• 8803d2b Backport (v14): Upgrade React from 14898b6a9 to 178c267a4e (#74115)
• 6e35243 chore(docs): add missing search: '' on remotePatterns (#73925) (#73927)
• 54919d2 chore(docs): update version history of next/image (#73926)
• 049a690 Backport: Fix unstable_allowDynamic when used with pnpm (#73765)
• 663fa9c Fix SWC and React versions for 14-2-1 branch (#73791)
• ed78a4a v14.2.20
• 530421d [backport] Fix/dedupe fetch clone (#73532)
• cbc62ad v14.2.19
• 92280dc [backport] Update max tag items limit in docs (#73445)
• Additional commits viewable in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates cookie from 0.6.0 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

• Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

• Allow leading dot for domain (#174)
  • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
• Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

• perf: parse cookies ~10% faster (#144 by @​kurtextrem and #170)
• fix: narrow the validation of cookies to match RFC6265 (#167 by @​bewinsnw)
• fix: add main to package.json for rspack (#166 by @​proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

Commits

• d19eaa1 0.7.2
• bc38ffd Fix object assignment of hasOwnProperty (#177)
• cf4658f 0.7.1
• 6a8b8f5 Allow leading dot for domain (#174)
• 58015c0 Remove more code and perf wins (#172)
• ab057d6 0.7.0
• 5f02ca8 Migrate history to GitHub releases
• a5d591c Migrate history to GitHub releases
• 51968f9 Skip isNaN
• 9e7ca51 perf(parse): cache length, return early (#144)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates cookies-next from 4.2.1 to 4.3.0

Release notes

Sourced from cookies-next's releases.

v4.3.0

What's Changed

• Update cookie dependency. by @​jeffbum in andreizanik/cookies-next#80

New Contributors

• @​jeffbum made their first contribution in andreizanik/cookies-next#80

Full Changelog: andreizanik/cookies-next@v4.2.1...v4.3.0

Commits

• 8dc34e5 4.3.0
• f0e2fe9 Merge pull request #80 from jeffbum/update_cookie_dependency
• 8d81e44 Update cookie dependency.
• See full diff in compare view

Updates cross-spawn from 6.0.5 to 6.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates undici from 6.21.0 to 6.21.1

Release notes

Sourced from undici's releases.

v6.21.1

⚠️ Security Release ⚠️

Fixes CVE CVE-2025-22150 GHSA-c76h-2ccp-4975 (embargoed until 22-01-2025).

What's Changed

• fix(#3736): back-port 183f8e9 to v6.x by @​ggoodman in nodejs/undici#3855
• fix(#3817): send servername for SNI on TLS (#3821) [backport] by @​metcoder95 in nodejs/undici#3864
• fix: sending formdata bodies with http2 (#3863) [backport] by @​metcoder95 in nodejs/undici#3866
• [Backport v6.x] fix: Fixed the issue that there is no running request when http2 goaway by @​github-actions in nodejs/undici#3877
• types: [backport] Update return type of RetryCallback (#3851) by @​metcoder95 in nodejs/undici#3876

Full Changelog: nodejs/undici@v6.21.0...v6.21.1

Commits

• e260e7b Bumped v6.21.1
• c3acc60 Merge commit from fork
• 2414bc9 Update return type of RetryCallback (#3851) (#3876)
• be8cd0a [Backport v6.x] fix: Fixed the issue that there is no running request when ht...
• ee6176c fix: sending formdata bodies with http2 (#3863) [backport] (#3866)
• a0220f1 fix(#3817): send servername for SNI on TLS (#3821) [backport] (#3864)
• 353ab63 fix(#3736): back-port 183f8e9 to v6.x (#3855)
• See full diff in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates send from 0.18.0 to 0.19.1

Release notes

Sourced from send's releases.

0.19.0

What's Changed

• Remove link renderization in html while redirecting (pillarjs/send#235)

New Contributors

• @​UlisesGascon made their first contribution in pillarjs/send#235

Full Changelog: pillarjs/send@0.18.0...0.19.0

Changelog

Sourced from send's changelog.

1.1.0 / 2024-09-10

• Changes from 0.19.0

1.0.0 / 2024-07-25

• Drop support for Node.js <18.0
• statuses@^2.0.1
• range-parser@^1.2.1
• on-finished@^2.4.1
• ms@^2.1.3
• mime-types@^2.1.35
• http-errors@^2.0.0
• fresh@^0.5.2
• etag@^1.8.1
• escape-html@^1.0.3
• encodeurl@^2.0.0
• destroy@^1.2.0
• debug@^4.3.5

1.0.0-beta.2 / 2024-03-04

• Changes from 0.18.0

1.0.0-beta.1 / 2022-02-04

• Drop support for Node.js 0.8
• Remove hidden option -- use dotfiles option
• Remove from alias to root -- use root directly
• Remove send.etag() -- use etag in options
• Remove send.index() -- use index in options
• Remove send.maxage() -- use maxAge in options
• Remove send.root() -- use root in options
• Use mime-types for file to content type mapping -- removed send.mime
• deps: debug@3.1.0
  • Add DEBUG_HIDE_DATE environment variable
  • Change timer to per-namespace instead of global
  • Change non-TTY date format
  • Remove DEBUG_FD environment variable support
  • Support 256 namespace colors

0.19.0 / 2024-09-10

• Remove link renderization in html while redirecting

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for send since your current version.

Updates expo from 51.0.39 to 52.0.26

Changelog

Sourced from expo's changelog.

Changelog

This is the log of notable changes to the Expo client that are developer-facing. Package-specific changes not released in any SDK will be added here just before the release. Until then, you can find them in changelogs of the individual packages (see packages directory).

Unpublished

📚 3rd party library updates

🛠 Breaking changes

🎉 New features

🐛 Bug fixes

52.0.0 — 2024-11-08

📚 3rd party library updates

• Updated react-native-svg from 15.2.0 to 15.7.1. (#31567 by @​lukmccall)

🛠 Breaking changes

• unimodules-app-loader
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-web-browser
  • Bumped iOS deployment target to 15.1. (#30840, #30864 by @​tsapeta)
• expo-video-thumbnails
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-task-manager
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-store-review
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-sqlite
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
  • Removed deprecated legacy expo-sqlite. (#31766 by @​kudo)
  • Removed next export. (#32184 by @​reichhartd)
• expo-secure-store
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-sms
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-speech
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-sensors
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-screen-capture
  • Make permissions auto-grant on Android 14+. (#31865 by @​aleqsio)
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)
• expo-sharing
  • Bumped iOS deployment target to 15.1. (#30840 by @​tsapeta)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Dependabot couldn't fetch all your path-based dependencies. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot couldn't fetch all your path-based dependencies. Because of this, Dependabot cannot update this pull request.