Bump the npm_and_yarn group across 1 directory with 5 updates

[dependabot[bot]]

Bumps the npm_and_yarn group with 4 updates in the / directory: postcss, @dotlottie/react-player, follow-redirects and ip.

Updates postcss from 8.4.21 to 8.4.35

Release notes

Sourced from postcss's releases.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by @​tim-we).
• Cleaned up code (by @​DrKiraDmitry).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by @​romainmenke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by @​ferreira-tb).

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by @​remcohaszing).

Changelog

Sourced from postcss's changelog.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by Tim Weißenfels).
• Cleaned up code (by Dmitry Kirillov).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

8.4.23

• Fixed warnings in TypeDoc.

8.4.22

• Fixed TypeScript support with node16 (by Remco Haszing).

Commits

• edda95e Release 8.4.35 version
• 612f360 Merge pull request #1924 from postcss/refactor/types
• 5e7449f Fix node.parent.nodes type
• 65075df Allow to pass undefined to adding methods to simplify type check
• 477b3bb Release 8.4.34 version
• 25af117 Update dependencies
• bb0314a Merge pull request #1922 from tim-we/improve-at-rule-types
• 9dd5a93 Fix at-rule test
• 8322d11 Fix visitor test
• ee7fcd4 Fix Document#nodes
• Additional commits viewable in compare view

Updates @dotlottie/react-player from 1.6.6 to 1.6.18

Release notes

Sourced from @​dotlottie/react-player's releases.

@​dotlottie/react-player@​1.6.18

Patch Changes

• 0587998: fix: 🐛 box-sizing css rule scope

@​dotlottie/react-player@​1.6.17

Patch Changes

• 9c78f2a: chore: 🤖 fix homepage link in package.json

@​dotlottie/react-player@​1.6.16

Patch Changes

• Updated dependencies [163dcc2]
  • @​dotlottie/common@​0.7.10

@​dotlottie/react-player@​1.6.15

Patch Changes

• 82fa43d: fix: upgrade dependencies with vulnerability issues
• Updated dependencies [82fa43d]
  • @​dotlottie/common@​0.7.9

@​dotlottie/react-player@​1.6.14

Patch Changes

• 7f40780: fix: loopComplete event does not fire after first cycle if direction is -1
• Updated dependencies [7f40780]
  • @​dotlottie/common@​0.7.8

@​dotlottie/react-player@​1.6.13

Patch Changes

• 871336a: fix: 🐛 First loopComplete event was not firing when direction is -1
• Updated dependencies [871336a]
  • @​dotlottie/common@​0.7.7

@​dotlottie/react-player@​1.6.12

Patch Changes

• Updated dependencies [477d72e]
  • @​dotlottie/common@​0.7.6

@​dotlottie/react-player@​1.6.11

Patch Changes

• 52e45e3: fix: 🐛 tsconfig jsx compile option for react 16.8 compatibility

@​dotlottie/react-player@​1.6.10

Patch Changes

... (truncated)

Commits

• 2e3cfcb chore: 🤖 update versions (#319)
• 0587998 fix: 🐛 box-sizing css rule scope (#318)
• 87708de chore: 🤖 update versions (#316)
• 9c78f2a chore: 🤖 fix homepage link in package.json (#315)
• 04bfbda chore: 🤖 update versions (#312)
• 163dcc2 refactor: 💡 theming from lss to lottie slots (#311)
• 0687c9b chore: 🤖 update versions (#305)
• 82fa43d chore: 🤖 add missing changeset (#303)
• 970e565 chore: upgrade dependencies with vulnerability issues (#302)
• 3731d4f chore: 🤖 update versions (#301)
• Additional commits viewable in compare view

Updates follow-redirects from 1.15.5 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• See full diff in compare view

Updates ip from 1.1.8 to 1.1.9

Commits

• 1ecbf2f 1.1.9
• 6a3ada9 lib: fixed CVE-2023-42282 and added unit test
• See full diff in compare view

Updates sharp from 0.32.5 to 0.32.6

Changelog

Sourced from sharp's changelog.

v0.32.6 - 18th September 2023

• Upgrade to libvips v8.14.5 for upstream bug fixes.

• Ensure composite tile images are fully decoded (regression in 0.32.0). #3767

• Ensure withMetadata can add ICC profiles to RGB16 output. #3773

• Ensure withMetadata does not reduce 16-bit images to 8-bit (regression in 0.32.5). #3773

• TypeScript: Add definitions for block and unblock. #3799 @​ldrick

Commits

• eefaa99 Release v0.32.6
• dbce6fa Upgrade to libvips v8.14.5
• af0fcb3 Docs: changelog for #3799
• c6f54e5 Bump devDeps
• 846563e TypeScript: add definitions for block and unblock (#3799)
• 9c217ab Ensure withMetadata can add RGB16 profiles #3773
• e7381e5 Alternative fix for 4340d60, uses existing StaySequential
• 4340d60 Ensure composite tile images fully decoded #3767
• 7f64d46 Docs: add missing returns property to raw
• 67e927b Docs: ensure all functions include method signature #3777
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SwissBitcoinPay/app/network/alerts).

[netlify[bot]]

✅ Deploy Preview for app-swiss-bitcoin-pay-ch canceled.

Name	Link
🔨 Latest commit	e37f4c076b05ee216fcbb468270bc01324214e89
🔍 Latest deploy log	https://app.netlify.com/sites/app-swiss-bitcoin-pay-ch/deploys/65f631f6a49e5f00089d7e5f

[dependabot[bot]]

Superseded by #58.