Bump the npm_and_yarn group with 5 updates

[dependabot[bot]]

Bumps the npm_and_yarn group with 5 updates:

Package	From	To
browserslist	4.21.4	4.23.2
cross-fetch	3.1.5	3.1.8
marked	4.1.1	4.3.0
terser	5.15.1	5.31.3
ws	5.2.3	5.2.4

Updates browserslist from 4.21.4 to 4.23.2

Release notes

Sourced from browserslist's releases.

4.23.2

• Updated Firefox ESR.

4.23.1

• Fixed feature query with mobile to desktop when caniuse lags (by @​steverep).

4.23.0

• Added BROWSERSLIST_ROOT_PATH (by @​teleclimber).

Changelog

Sourced from browserslist's changelog.

4.23.2

• Updated Firefox ESR.

4.23.1

• Fixed feature query with mobile to desktop when caniuse lags (by @​steverep).

4.23.0

• Added BROWSERSLIST_ROOT_PATH (by @​teleclimber).

4.22.3

• Fixed white spaces support in supports query (@​g-plane).
• Fixed shared config like @company/package/browserslist-config (@​boucodes).

4.22.2

• Fixed idempotency in time queries with mobileToDesktop (by Aliaksei Sapach).

4.22.1

• Updated Firefox ESR (by @​lerkor).

4.22

• Added fully supports query (by Ben Scott).
• Added partially supports alias for supports query (by Ben Scott).

4.21.11

• Added warning to --update-db to move to new CLI (by Ivan Vasilev).
• Fixed docs (by Tatsunori Uchino).

4.21.10

• Updated Firefox ESR.

4.21.9

• Fixed Opera Mobile edge cases (by Steve Repsher).

4.21.8

• Fixed supports query and mobileToDesktop (by Steve Repsher).

4.21.7

• Fixed last queries for Android (by Steve Repsher).

4.21.6

• Fixed time queries with mobileToDesktop (by Steve Repsher).
• Fixed docs (by Tatsunori Uchino, Will Stone, and Dominik Pschenitschni).

4.21.5

• Fixed running Browserslist in browser environment.

Commits

• cdcfbc0 Release 4.23.2 version
• 9e8188b Update dependencies
• 543fc48 Update Firefox ESR
• edd5309 Release 4.23.1 version
• 9e8ca3d Simplify code
• bbe6821 Update lock
• a36e1ad Update ESLint and dependencies
• 4424c96 Use pnpm 9 for Node.js 20 and 18
• 2185077 Add Node.js 22 to CI
• f78f90c Move to pnpm 9
• Additional commits viewable in compare view

Updates cross-fetch from 3.1.5 to 3.1.8

Release notes

Sourced from cross-fetch's releases.

v3.1.8

What's Changed

• Restored caret range to node-fetch version for automatic feature and fix updates.

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.7...v3.1.8

v3.1.7

What's Changed

• Updated node-fetch version to 2.6.12

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.6...v3.1.7

v3.1.6

What's Changed

• Updated node-fetch version to 2.6.11
• Added caret range to node-fetch version for automatic feature and fix updates.

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.5...v3.1.6

Changelog

Sourced from cross-fetch's changelog.

3.1.8 (2023-07-02)

Bug Fixes

• restored caret on node-fetch version (6669927)

3.1.7 (2023-07-01)

3.1.6 (2023-05-14)

Features

• allowed minor and patch update of node-fetch (#132) (425395b), closes #129

Bug Fixes

• fixed ESTree.StaticBlock error (a66f21b)

Commits

• 0922089 chore(release): 3.1.8
• 6669927 fix: restored caret on node-fetch version
• ff14bdd chore: improved release script
• d625e0d chore: release workflow now uses .nvmrc
• 098ed1e chore: improved release workflow
• cc2663b chore(release): 3.1.7
• 7c1fdde chore: updated node-fetch to 2.6.12
• e298dbb chore: reordered if statement
• 81049e1 chore: removed github publish pipeline
• a80be7c chore: removed console log from specs
• Additional commits viewable in compare view

Updates marked from 4.1.1 to 4.3.0

Release notes

Sourced from marked's releases.

v4.3.0

4.3.0 (2023-03-22)

Bug Fixes

• always return promise if async (#2728) (042dcc5)
• fenced code doesn't need a trailing newline (#2756) (3acbb7f)

Features

• add preprocess and postprocess hooks (#2730) (9b452bc)

v4.2.12

4.2.12 (2023-01-14)

Sorry for all of the quick releases. We were testing out different ways to build the files for releases. v4.2.5 - v4.2.12 have no changes to how marked works. The only addition is the version number in the comment in the build files.

Bug Fixes

• revert to build script in ci (d2ab474)

v4.2.11

4.2.11 (2023-01-14)

Bug Fixes

• just build in version (22ac2cf)

v4.2.10

4.2.10 (2023-01-14)

Bug Fixes

• use version (fd759b3)

v4.2.9

4.2.9 (2023-01-14)

Bug Fixes

• fix version (96380c3)

... (truncated)

Commits

• d65cf63 chore(release): 4.3.0 [skip ci]
• 28f4342 🗜️ build v4.3.0 [skip ci]
• 9b452bc feat: add preprocess and postprocess hooks (#2730)
• 042dcc5 fix: always return promise if async (#2728)
• 3acbb7f fix: fenced code doesn't need a trailing newline (#2756)
• d1f1319 chore(deps-dev): Bump rollup from 3.19.1 to 3.20.0 (#2760)
• 0ced8a5 chore(deps-dev): Bump jasmine from 4.5.0 to 4.6.0 (#2758)
• a5bbe19 chore(deps-dev): Bump @​babel/core from 7.21.0 to 7.21.3 (#2761)
• 00f6e2a chore(deps-dev): Bump semantic-release from 20.1.1 to 20.1.3 (#2759)
• 8c7bca8 chore(deps-dev): Bump node-fetch from 3.3.0 to 3.3.1 (#2754)
• Additional commits viewable in compare view

Updates terser from 5.15.1 to 5.31.3

Changelog

Sourced from terser's changelog.

v5.31.3

• drop_unused: drop unused parameters from IIFEs in some more situations.

v5.31.2

• drop_unused: scan variables in self-referential class declarations that contain side effects.
• Don't add parens to arrow function when it's the default for an argument (#1540)
• Update domprops (#1538)

v5.31.1

• Allow drop-unused to drop the whole assignment (not just the assigned name) in more situations, in order to avoid duplication of long strings.

v5.31.0

• Sync up property mangler exceptions with current contents of Firefox and Chrome environments
• Add more webcomponent properties to property mangler exceptions (#1525)
• Drop non-nullish constants in ...spreads in objects (#1141)

v5.30.4

• Fix parsing #private in ... when next to other operators

v5.30.3

• Fix precedence of #private in ... operator

v5.30.2

• Avoid optimizations inside computed keys, because they can cause js-engine-specific bugs.

v5.30.1

• Removed useless \ escapes for non-ascii characters
• Make modern identifier characters quoted for older environments (#1512)

v5.30.0

• Improve removal of classes referring to themselves

v5.29.2

• Make sure 'computed_props' creates string keys
• Take into account the evaluated size when inlining

v5.29.1

• fix optimisation of all-bits mask check

v5.29.0

• Re-releases previously reverted 5.28.0
• Fix crash while optimizing some bitwise ops
• (internal) Remove needless wrapper for from_moz (#1499)

v5.28.1

(hotfix release)

• Reverts v5.28.0

v5.28.0

• Optimise redundant or shrinkable bitwise operations (|, ^, &, >>, <<)

... (truncated)

Commits

• 0e6c08d 5.31.3
• 6f6b579 update changelog
• b17c72f drop unused parameters of IIFEs in more situations
• 856041a 5.31.2
• 1646f4f update changelog
• f1f325f Update dependency acorn to v8.12.1 (#1543)
• 9862142 fix unpaired surrogates test
• 437be8b drop_unused: scan variables used by self-referential side-effectful class dec...
• 9083832 Bump braces from 3.0.2 to 3.0.3 (#1537)
• cc7ac7c Don't add parens when arrow function is part of a default assign (#1540)
• Additional commits viewable in compare view

Updates ws from 5.2.3 to 5.2.4

Release notes

Sourced from ws's releases.

5.2.4

Bug fixes

• Backported e55e5106 to the 5.x release line (4abd8f6d).

Commits

• aa8fe0a [dist] 5.2.4
• 4abd8f6 [security] Fix crash when the Upgrade header cannot be read (#2231)
• 36a3f4d [lint] Add space before function parentheses
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AdobeDocs/commerce-services/network/alerts).

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.