Bump json5 and typescript-plugin-css-modules

[dependabot[bot]]

Bumps json5 to 1.0.2 and updates ancestor dependency typescript-plugin-css-modules. These dependencies need to be updated together.

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

• a62db1e 1.0.2
• e0c23fe docs: update CHANGELOG for v1.0.2
• 62a6540 fix: add proto to objects and arrays
• See full diff in compare view

Updates typescript-plugin-css-modules from 4.1.1 to 4.2.3

Release notes

Sourced from typescript-plugin-css-modules's releases.

v4.2.3

Bug fixes:

• Fixed a bug where named exports were dropped when goToDefinition is enabled (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#208).
• Fixed support for composes in CSS modules (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#210).

Full changelog: https://github.com/mrmckeb/typescript-plugin-css-modules/compare/v4.2.2...v4.2.3

v4.2.2

Bug fixes:

• Fix potentially fatal CSS classname regexp bug (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#205).

Full changelog: https://github.com/mrmckeb/typescript-plugin-css-modules/compare/v4.2.1...v4.2.2

v4.2.1

Bug fixes:

• Correct additionalData typo (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#204).

Full changelog: https://github.com/mrmckeb/typescript-plugin-css-modules/compare/v4.2.0...v4.2.1

v4.2.0

New features:

• Add Less support for goToDefinition (@​mariusGundersen, mrmckeb/typescript-plugin-css-modules#192).
• Add additionalData option to append text content to files before they're processed (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#203).

Bug fixes:

• Fix Sass tilde importer partial support (@​dennispg, mrmckeb/typescript-plugin-css-modules#193).

Other:

• Remove unsupported postcss-* packages (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#201).
• Improve goToDefinition documentation and add additional tests (@​mrmckeb, mrmckeb/typescript-plugin-css-modules#202).

New contributors

• @​mariusGundersen made their first contribution in mrmckeb/typescript-plugin-css-modules#192.
• @​dennispg made their first contribution in mrmckeb/typescript-plugin-css-modules#193.

Full changelog: https://github.com/mrmckeb/typescript-plugin-css-modules/compare/v4.1.1...v4.2.0

Commits

• 0365602 chore: bump version
• 045fc08 fix: add support for composes in CSS modules (#210)
• 644c448 fix: restore named exports for goToDefinition (#208)
• 9809e51 chore: bump version
• 3819676 fix: improve CSS classname regexp (#205)
• 9ef8e07 chore: bump version
• da7b048 fix: correct additionalData typo (#204)
• 161b626 chore: bump version
• 5178720 feat: add additonalData feature (#203)
• c179960 test: add additional goToDefinition tests (#202)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kmvan/x-prober/network/alerts).

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.