Bump qs and browser-sync

[dependabot[bot]]

Bumps qs to 6.11.1 and updates ancestor dependency browser-sync. These dependencies need to be updated together.

Updates qs from 6.2.3 to 6.11.1

Changelog

Sourced from qs's changelog.

6.11.1

• [Fix] stringify: encode comma values more consistently (#463)
• [readme] add usage of filter option for injecting custom serialization, i.e. of custom types (#447)
• [meta] remove extraneous code backticks (#457)
• [meta] fix changelog markdown
• [actions] update checkout action
• [actions] restrict action permissions
• [Dev Deps] update @ljharb/eslint-config, aud, object-inspect, tape

6.11.0

• [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
• [readme] fix version badge

6.10.5

• [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

• [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
• [meta] use npmignore to autogenerate an npmignore file
• [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [actions] reuse common workflows
• [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

• [Fix] stringify: actually fix cyclic references (#426)
• [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] add note and links for coercing primitive values (#408)
• [actions] update codecov uploader
• [actions] update workflows
• [Tests] clean up stringify tests slightly
• [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

• [Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

• [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
• [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
• [meta] fix README.md (#399)
• [meta] only run npm run dist in publish, not install
• [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
• [Tests] fix tests on node v0.6
• [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
• [Tests] Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits

• 9dca37f v6.11.1
• 4c4b23d [Fix] stringify: encode comma values more consistently
• 1778ed4 [Dev Deps] update @ljharb/eslint-config, object-inspect, tape
• 20820fa [Dev Deps] update aud
• 2048fa5 [meta] remove extraneous code backticks
• 7e937fa [actions] update checkout action
• 6ce7665 [Dev Deps] update aud, tape
• e45d713 [actions] restrict action permissions
• 997044d [meta] fix changelog markdown
• 92c746b [readme] add usage of filter option for injecting custom serialization, i.e...
• Additional commits viewable in compare view

Updates browser-sync from 2.26.13 to 2.28.3

Release notes

Sourced from browser-sync's releases.

the one finally removes document.write

What's Changed

• browser-sync-2017 use chalk everywhere by @​shakyShane in BrowserSync/browser-sync#2018
• fix: remove document.write by @​shakyShane in BrowserSync/browser-sync#2019

Full Changelog: https://github.com/BrowserSync/browser-sync/compare/v2.27.12...v2.28.0

2.27.9

What's Changed

• fix(cli): Where's the command help? fixes #1929 by @​shakyShane in BrowserSync/browser-sync#1945

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: https://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9

2.27.8

This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

PR:

• https://github.com/BrowserSync/browser-sync/commit/58ab4ab861d7c50b4349f25bdd4c7f8871d0ad32

Resolved Issues:

• BrowserSync/browser-sync#1850
• BrowserSync/browser-sync#1892
• BrowserSync/browser-sync#1925
• BrowserSync/browser-sync#1926
• BrowserSync/browser-sync#1933

Thanks to @​lachieh for the original PR, which helped me land this fix

added snippet: boolean option

This release adds a feature to address BrowserSync/browser-sync#1882

Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

browser-sync . --no-snippet

or in any Browsersync configuration

const config = {
  snippet: false,
};

... (truncated)

Commits

• 59eb01a v2.28.3
• 3fd2720 v2.28.2
• 8487a85 bump logger (#2026)
• a841795 chalk as main dep - fixes #2021 (#2025)
• 9ea395f v2.28.1
• 23c666f fix(deps): loosen range on ua-parser-js - fixes #2009 (#2020)
• 52ab250 v2.28.0
• 019f8ea fix: remove document.write (#2019)
• 3b0581e browser-sync-2017 use chalk everywhere (#2018)
• c1db647 v2.27.12
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hello-ulises/ulises.us/network/alerts).