Bump shell-quote and react-scripts in /client

[dependabot[bot]]

Bumps shell-quote to 1.7.4 and updates ancestor dependency react-scripts. These dependencies need to be updated together.

Updates shell-quote from 1.7.2 to 1.7.4

Changelog

Sourced from shell-quote's changelog.

v1.7.4 - 2022-10-12

Merged

• Add node_modules to .gitignore [#48](https://github.com/ljharb/shell-quote/issues/48)

Commits

• [eslint] fix indentation and whitespace aaa9d1f
• [eslint] additional cleanup 397cb62
• [meta] add auto-changelog 497fca5
• [actions] add reusable workflows 4763c36
• [eslint] add eslint 6ee1437
• [readme] rename, add badges 7eb5134
• [meta] update URLs 67381b6
• [meta] create FUNDING.yml; add funding in package.json 8641572
• [meta] use npmignore to autogenerate an npmignore file 2e2007a
• Only apps should have lockfiles f97411e
• [Dev Deps] update tape 051f608
• [meta] add safe-publish-latest 18cadf9
• [Tests] add aud in posttest dc1cc12

1.7.3

• Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)

Commits

• 5409e72 v1.7.4
• 4763c36 [actions] add reusable workflows
• 8641572 [meta] create FUNDING.yml; add funding in package.json
• 497fca5 [meta] add auto-changelog
• 7eb5134 [readme] rename, add badges
• 67381b6 [meta] update URLs
• 2e2007a [meta] use npmignore to autogenerate an npmignore file
• 18cadf9 [meta] add safe-publish-latest
• 397cb62 [eslint] additional cleanup
• aaa9d1f [eslint] fix indentation and whitespace
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.

Updates react-scripts from 4.0.1 to 5.0.1

Changelog

Sourced from react-scripts's changelog.

4.0.3 (2021-02-22)

v4.0.3 is a maintenance release that includes minor bug fixes and dependency updates.

:bug: Bug Fix

• react-scripts
  • #10590 Upgrade eslint-webpack-plugin to fix opt-out flag (@​mrmckeb)

:house: Internal

• react-dev-utils
  • #10412 update immer to 8.0.1 to address vulnerability (@​wclem4)
• create-react-app
  • #10384 tests: update test case to match the description (@​jamesgeorge007)

Committers: 4

• Brody McKee (@​mrmckeb)
• Dion Woolley (@​Awarua-)
• James George (@​jamesgeorge007)
• Walker Clem (@​wclem4)

Migrating from 4.0.2 to 4.0.3

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@4.0.3

or

yarn add --exact react-scripts@4.0.3

4.0.2 (2021-02-03)

v4.0.2 is a maintenance release that includes minor bug fixes and documentation updates.

:rocket: New Feature

• react-scripts
  • #8986 Add support for new BUILD_PATH advanced configuration variable (@​ajhyndman)

:bug: Bug Fix

• react-scripts
  • #10170 Add opt-out for eslint-webpack-plugin (@​mrmckeb)

... (truncated)

Commits

• 19fa58d Publish
• 9802941 fix: webpack noise printed only if error or warning (#12245)
• 2eef1d0 Update templates to use React 18 createRoot (#12220)
• 221e511 Publish
• 5614c87 Add support for Tailwind (#11717)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• c7627ce Update webpack and dev server (#11646)
• 544befe Update package.json (#11597)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/plaid/pattern/network/alerts).