Bump the npm_and_yarn group with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates: serve-static, send, tough-cookie and less.

Updates serve-static from 1.13.2 to 1.16.0

Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

• Remove link renderization in html while redirecting (expressjs/serve-static#173)

New Contributors

• @​UlisesGascon made their first contribution in expressjs/serve-static#173

Full Changelog: expressjs/serve-static@v1.15.0...1.16.0

1.15.0

• deps: send@0.18.0
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: depd@2.0.0
  • deps: destroy@1.2.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1

1.14.2

• deps: send@0.17.2
  • deps: http-errors@1.8.1
  • deps: ms@2.1.3
  • pref: ignore empty http tokens

1.14.1

• Set stricter CSP header in redirect response
• deps: send@0.17.1
  • deps: range-parser@~1.2.1

1.14.0

• deps: parseurl@~1.3.3
• deps: send@0.17.0
  • deps: http-errors@~1.7.2
  • deps: mime@1.6.0
  • deps: ms@2.1.1
  • deps: statuses@~1.5.0
  • perf: remove redundant path.normalize call

Changelog

Sourced from serve-static's changelog.

1.16.0 / 2024-09-10

• Remove link renderization in html while redirecting

1.15.0 / 2022-03-24

• deps: send@0.18.0
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: depd@2.0.0
  • deps: destroy@1.2.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1

1.14.2 / 2021-12-15

• deps: send@0.17.2
  • deps: http-errors@1.8.1
  • deps: ms@2.1.3
  • pref: ignore empty http tokens

1.14.1 / 2019-05-10

• Set stricter CSP header in redirect response
• deps: send@0.17.1
  • deps: range-parser@~1.2.1

1.14.0 / 2019-05-07

• deps: parseurl@~1.3.3
• deps: send@0.17.0
  • deps: http-errors@~1.7.2
  • deps: mime@1.6.0
  • deps: ms@2.1.1
  • deps: statuses@~1.5.0
  • perf: remove redundant path.normalize call

Commits

• 48c7397 1.16.0
• 0c11fad Merge commit from fork
• 9b5a12a 1.15.0
• a39a0df docs: update CI link
• d702ea2 build: Node.js@17.8
• ff1510a deps: send@0.18.0
• 813c7e4 build: mocha@9.2.2
• 2e029f9 build: Node.js@17.7
• 3269f31 build: supertest@6.2.2
• 71cd4f8 build: mocha@9.2.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.

Updates send from 0.16.2 to 0.18.0

Changelog

Sourced from send's changelog.

0.18.0 / 2022-03-23

• Fix emitted 416 error missing headers property
• Limit the headers removed for 304 response
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: destroy@1.2.0
• deps: http-errors@2.0.0
  • deps: depd@2.0.0
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
• deps: statuses@2.0.1

0.17.2 / 2021-12-11

• pref: ignore empty http tokens
• deps: http-errors@1.8.1
  • deps: inherits@2.0.4
  • deps: toidentifier@1.0.1
  • deps: setprototypeof@1.2.0
• deps: ms@2.1.3

0.17.1 / 2019-05-10

• Set stricter CSP header in redirect & error responses
• deps: range-parser@~1.2.1

0.17.0 / 2019-05-03

• deps: http-errors@~1.7.2
  • Set constructor name when possible
  • Use toidentifier module to make class names
  • deps: depd@~1.1.2
  • deps: setprototypeof@1.1.1
  • deps: statuses@'>= 1.5.0 < 2'
• deps: mime@1.6.0
  • Add extensions for JPEG-2000 images
  • Add new font/* types from IANA
  • Add WASM mapping
  • Update .bdoc to application/bdoc
  • Update .bmp to image/bmp
  • Update .m4a to audio/mp4
  • Update .rtf to application/rtf
  • Update .wav to audio/wav
  • Update .xml to application/xml

... (truncated)

Commits

• b69cbb3 0.18.0
• f53edbb Limit the headers removed for 304 response
• 706d6dd docs: add security policy
• b690ba4 docs: fix linux build badge link
• fed09ff docs: update copyright
• aee1a65 deps: destroy@1.2.0
• 6060bda deps: on-finished@2.4.1
• 8055f78 build: Node.js@17.7
• 5364219 build: mocha@9.2.2
• f3cf8a9 deps: statuses@2.0.1
• Additional commits viewable in compare view

Removes tough-cookie

Updates less from 3.8.1 to 3.13.1

Changelog

Sourced from less's changelog.

v3.13.1 (2020-12-18)

• #3575 Fixes #3574 (#3575) (@​matthew-dean)

v3.13.0 (2020-12-12)

• #3572 Fixes #3434 - memory / runtime improvements (#3572) (@​matthew-dean)
• #3550 Examples contain more valid CSS, to test with a new parser (#3550) (@​matthew-dean)
• #3546 Bug fixes - fixes #3446 #3368 (#3546) (@​matthew-dean)

v3.12.2 (2020-07-16)

• #3545 Release 3.12.2 (#3545) (@​matthew-dean)

v3.12.1 (2020-07-16)

• #3544 Fixes #3533 (#3544) (@​matthew-dean)
• #3543 Fixes #3541 (#3543) (@​matthew-dean)

v3.12.0 (2020-07-13)

• #3540 v3.12.0-RC.2 (#3540) (@​matthew-dean)
• #3532 Fixes #3371 Allow conditional evaluation of function args (#3532) (@​matthew-dean)
• #3531 Remove lib folder from git (#3531) (@​matthew-dean)
• #3530 Move changelog to root (#3530) (@​matthew-dean)
• #3529 Duplicate dist files in root for older links (#3529) (@​matthew-dean)
• #3525 Test-data module (#3525) (@​matthew-dean)
• #3523 Fixes #3504 / organizes tests (#3523) (@​matthew-dean)
• #3501 Restore nuked scripts (?), replace dependencies (#3501) (#3522) (@​matthew-dean)
• #3521 Lerna refactor / TS compiling w/o bundling (#3521) (@​matthew-dean)
• #3517 Resolve #3398 Add flag to disable sourcemap url annotation (#3517) (@​hirosato)
• #3294 fix(#3294): use loadFileSync when loading plugins with syncImport: true (#3506) (@​Justineo)

v3.11.3 (2020-06-05)

• #3509 Fixes #3508 (#3509) (@​matthew-dean)

v3.11.2 (2020-06-01)

• #3498 Remove tree caching in import manager (#3498) (@​matthew-dean)
• #3482 issue#3481 ignore missing debugInfo (#3482) (@​5UtJAjiRWj1q)
• #3494 Additional check to avoid evaluating an expression if it is a comment (#3494) (@​rgroothuijsen)
• #3490 fix: Use make-dir instead of mkdirp (#3490) (@​eps1lon)
• #3493 Properly exit calc mode after use (#3493) (@​rgroothuijsen)
• #3477 Convert to auto-changelog (#3477) (@​matthew-dean)

v3.11.1 (2020-02-11)

• #3475 Fixes #3469 - Include tslib dependency (#3475) (@​matthew-dean)

v3.11.0 (2020-02-09)

• #3468 3.11.0 (#3468) (@​matthew-dean)
• #3453 Import file with dots in file name (#3453) (@​life777)
• #3460 - Fixed replacer when visitor returns array of nodes (#3460) (@​lmartorella)
• #3454 Added financial contributors to the README (#3454) (@​monkeywithacupcake)
• #3431 Fixes #3430: Removed unnecessary 'important' from NamespaceValue. (#3431) (@​batchunag)
• #3426 Fixes #3405 (#3426) (@​matthew-dean)

... (truncated)

Commits

• 283b1b4 Fixes #3574 (#3575)
• 5423802 Update CHANGELOG.md
• 257efdd Fixes #3434 - memory / runtime improvements (#3572)
• 0e26859 Examples contain more valid CSS, to test with a new parser (#3550)
• 76132ef Bug fixes - fixes #3446 #3368 (#3546)
• ef4baa5 Release 3.12.2 (#3545)
• b93a085 Fixes #3533 (#3544)
• e188f44 Fixes #3541 (#3543)
• 2870163 Update changelog
• e4f7551 v3.12.0
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[taylortom]

@dependabot recreate

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.