Bump the npm_and_yarn group across 2 directories with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates in the /VolunteeringUkraineMap directory: pnpm, postcss, vite and @babel/traverse.
Bumps the npm_and_yarn group with 2 updates in the /VolunteeringUkraineUserGeneratedMap directory: postcss and vite.

Updates pnpm from 8.6.6 to 8.6.8

Release notes

Sourced from pnpm's releases.

v8.6.8

Patch Changes

• When the same file is appended multiple times into a tarball, the last occurrence is selected when unpacking the tarball.
• Fixed a bug in which pnpm passed the wrong scheme to git ls-remote, causing a fallback to git+ssh and resulting in a 'host key verification failed' issue #6805.
• Added support for publishConfig.registry in package.json for publishing #6775.
• pnpm rebuild now uploads the built artifacts to the content-addressable store.
• If a command cannot be created in .bin, the exact error message is now displayed.
• Treat linked dependencies with a tag version type as up-to-date #6592.
• pnpm setup now prints more details when it cannot detect the active shell.

Our Gold Sponsors

Our Silver Sponsors

... (truncated)

Commits

• a35ec3f chore(release): 8.6.8
• 6fe0b60 fix(git-resolver): wrong scheme to git ls-remote (#6806)
• e958707 perf: don't random ID to temp file names (#6817)
• 250f7e9 Merge pull request from GHSA-5r98-f33j-g8h7
• 1565a31 test: don't print the output of registry-mock
• 3c6144b chore: replace npm-run-all with concurrently
• e0fb391 chore: remove redundant scripts
• a70c77a test: use jest global setup/teardown to manage the registry mock (#6813)
• 7567305 chore(deps): update
• aa2ae8f feat: publishConfig.registry (#6803)
• Additional commits viewable in compare view

Updates postcss from 8.4.25 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

Updates vite from 4.4.1 to 4.4.12

Changelog

Sourced from vite's changelog.

4.4.12 (2023-12-04)

• fix: backport #15223, proxy html path should be encoded (#15226) (#15227) (fe8b209), closes #15223 #15226 #15227

4.4.11 (2023-10-05)

• revert: "fix: use string manipulation instead of regex to inject esbuild helpers (54e1275), closes #14094

4.4.10 (2023-10-03)

• fix: add source map to Web Workers (fix #14216) (#14217) (df6f32f), closes #14216 #14217
• fix: handle errors during hasWorkspacePackageJSON function (#14394) (6f6e5de), closes #14394
• fix: handle sourcemap correctly when multiple line import exists (#14232) (218861f), closes #14232
• fix: if host is specified check whether it is valid (#14013) (b1b816a), closes #14013
• fix: include vite/types/* in exports field (#14296) (40e99a1), closes #14296
• fix: initWasm options should be optional (#14152) (119c074), closes #14152
• fix: restore builtins list (f8b9adb)
• fix: use string manipulation instead of regex to inject esbuild helpers (#14094) (128ad8f), closes #14094
• fix: ws never connects after restarting server if server.hmr.server is set (#14127) (441642e), closes #14127
• fix(analysis): warnings for dynamic imports that use static template literals (#14458) (0c6d289), closes #14458
• fix(cli): convert special base (#14283) (d4bc0fb), closes #14283
• fix(css): remove pure css chunk sourcemap (#14290) (cd7e033), closes #14290
• fix(css): reset render cache on renderStart (#14326) (d334b3d), closes #14326
• fix(glob): trigger HMR for glob in a package (#14117) (0f582bf), closes #14117
• fix(import-analysis): preserve importedUrls import order (#14465) (269aa43), closes #14465
• fix(manifest): preserve pure css chunk assets (#14297) (3d63ae6), closes #14297
• fix(optimizer): define crawlDeps after scanProcessing and optimizationResult are complete (fix #1428 (fcaf749), closes #14284 #14285
• fix(resolve): support submodules of optional peer deps (#14489) (104971d), closes #14489
• fix(vite): precisely check if files are in dirs (#14241) (c4758d1), closes #14241
• feat: improve deno and bun support (#14379) (8bc1f9d), closes #14379

4.4.9 (2023-08-07)

• chore: fix eslint warnings (#14031) (4021a0e), closes #14031
• chore(deps): update all non-major dependencies (#13938) (a1b519e), closes #13938
• fix: dynamic import vars ignored warning (#14006) (4479431), closes #14006
• fix(build): silence warn dynamic import module when inlineDynamicImports true (#13970) (7a77aaf), closes #13970
• perf: improve build times and memory utilization (#14016) (9d7d45e), closes #14016
• perf: replace startsWith with === (#14005) (f5c1224), closes #14005

4.4.8 (2023-07-31)

... (truncated)

Commits

• 09626f8 release: v4.4.12
• fe8b209 fix: backport #15223, proxy html path should be encoded (#15226) (#15227)
• b50db04 release: v4.4.11
• 54e1275 revert: "fix: use string manipulation instead of regex to inject esbuild helpers
• f3a3e77 release: v4.4.10
• f8b9adb fix: restore builtins list
• 104971d fix(resolve): support submodules of optional peer deps (#14489)
• 0c6d289 fix(analysis): warnings for dynamic imports that use static template literals...
• 269aa43 fix(import-analysis): preserve importedUrls import order (#14465)
• 6f6e5de fix: handle errors during hasWorkspacePackageJSON function (#14394)
• Additional commits viewable in compare view

Updates @babel/traverse from 7.22.5 to 7.23.5

Release notes

Sourced from @​babel/traverse's releases.

v7.23.5 (2023-11-29)

👓 Spec Compliance

• babel-plugin-proposal-decorators
  • #16138 Class binding is in TDZ during decorators initialization (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-proposal-decorators
  • #16132 Allow addInitializer in field decorator context (@​JLHwung)

🐛 Bug Fix

• babel-traverse, babel-types
  • #16131 Do not remove bindings when removing assignment expression path (@​nicolo-ribaudo)
• babel-plugin-transform-classes
  • #16135 Require class properties transform when compiling class with private fields (@​nicolo-ribaudo)
• babel-generator
  • #16122 fix: Missing parentheses after line break (@​liuxingbaoyu)
• babel-helpers
  • #16130 Fix helpers internal fns names conflict resolution (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties, babel-plugin-transform-typescript
  • #16123 Simplify class fields injetion after super() (@​nicolo-ribaudo)
• babel-generator, babel-plugin-transform-modules-commonjs, babel-plugin-transform-parameters, babel-plugin-transform-typescript, babel-traverse
  • #16110 fix: Unexpected duplication of comments (@​liuxingbaoyu)
• babel-eslint-plugin
  • #16023 Add @babel/eslint-plugin/no-undef to fix no-undef with accessor props (@​nicolo-ribaudo)

🔬 Output optimization

• babel-helpers
  • #16129 Optimize decorator helper size (@​liuxingbaoyu)

Committers: 4

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

v7.23.4 (2023-11-20)

🐛 Bug Fix

• babel-generator
  • #16104 fix: Pure comments missing parentheses (@​liuxingbaoyu)

Committers: 4

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

v7.23.3 (2023-11-09)

🐛 Bug Fix

• babel-plugin-transform-typescript

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.23.5 (2023-11-29)

👓 Spec Compliance

• babel-plugin-proposal-decorators
  • #16138 Class binding is in TDZ during decorators initialization (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-proposal-decorators
  • #16132 Allow addInitializer in field decorator context (@​JLHwung)

🐛 Bug Fix

• babel-traverse, babel-types
  • #16131 Do not remove bindings when removing assignment expression path (@​nicolo-ribaudo)
• babel-plugin-transform-classes
  • #16135 Require class properties transform when compiling class with private fields (@​nicolo-ribaudo)
• babel-generator
  • #16122 fix: Missing parentheses after line break (@​liuxingbaoyu)
• babel-helpers
  • #16130 Fix helpers internal fns names conflict resolution (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties, babel-plugin-transform-typescript
  • #16123 Simplify class fields injetion after super() (@​nicolo-ribaudo)
• babel-generator, babel-plugin-transform-modules-commonjs, babel-plugin-transform-parameters, babel-plugin-transform-typescript, babel-traverse
  • #16110 fix: Unexpected duplication of comments (@​liuxingbaoyu)
• babel-eslint-plugin
  • #16023 Add @babel/eslint-plugin/no-undef to fix no-undef with accessor props (@​nicolo-ribaudo)

🔬 Output optimization

• babel-helpers
  • #16129 Optimize decorator helper size (@​liuxingbaoyu)

v7.23.4 (2023-11-20)

🐛 Bug Fix

• babel-generator
  • #16104 fix: Pure comments missing parentheses (@​liuxingbaoyu)

v7.23.3 (2023-11-09)

🐛 Bug Fix

• babel-plugin-transform-typescript
  • #16071 Strip type-only TS namespaces (@​colinaaa)
• babel-generator
  • #16078 Fix indentation when generating comments with concise: true (@​liuxingbaoyu)
• babel-compat-data, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-preset-env
  • #14295 Add a bugfix plugin for https://crbug.com/v8/12421 (@​nicolo-ribaudo)
• babel-plugin-transform-object-super
  • #15948 fix: super.x in a loop (@​liuxingbaoyu)
• babel-helper-module-transforms, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd
  • #16015 fix: handle __proto__ exports name in CJS/AMD/UMD (@​magic-akari)

📝 Documentation

• #16044 docs: Update links in @​babel/eslint-parser README (@​aryehb)

🏠 Internal

... (truncated)

Commits

• 8479012 v7.23.5
• da7dc40 Do not remove bindings when removing assignment expression path (#16131)
• fadc081 fix: Unexpected duplication of comments (#16110)
• 13a5c83 v7.23.4
• 5e1c5f0 Use prettier 3.1 (#16098)
• 1bce5c9 v7.23.3
• 4fb4fa6 Avoid dynamic dispatch when calling wrapCheck (#16060)
• 6d9725c [babel 8] Inline toSequenceExpression into @babel/traverse (#16057)
• b4b9942 v7.23.2
• b13376b Only evaluate own String/Number/Math methods (#16033)
• Additional commits viewable in compare view

Updates postcss from 8.4.29 to 8.4.32

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

Updates vite from 4.4.9 to 4.4.12

Changelog

Sourced from vite's changelog.

4.4.12 (2023-12-04)

• fix: backport #15223, proxy html path should be encoded (#15226) (#15227) (fe8b209), closes #15223 #15226 #15227

4.4.11 (2023-10-05)

• revert: "fix: use string manipulation instead of regex to inject esbuild helpers (54e1275), closes #14094

4.4.10 (2023-10-03)

• fix: add source map to Web Workers (fix #14216) (#14217) (df6f32f), closes #14216 #14217
• fix: handle errors during hasWorkspacePackageJSON function (#14394) (6f6e5de), closes #14394
• fix: handle sourcemap correctly when multiple line import exists (#14232) (218861f), closes #14232
• fix: if host is specified check whether it is valid (#14013) (b1b816a), closes #14013
• fix: include vite/types/* in exports field (#14296) (40e99a1), closes #14296
• fix: initWasm options should be optional (#14152) (119c074), closes #14152
• fix: restore builtins list (f8b9adb)
• fix: use string manipulation instead of regex to inject esbuild helpers (#14094) (128ad8f), closes #14094
• fix: ws never connects after restarting server if server.hmr.server is set (#14127) (441642e), closes #14127
• fix(analysis): warnings for dynamic imports that use static template literals (#14458) (0c6d289), closes #14458
• fix(cli): convert special base (#14283) (d4bc0fb), closes #14283
• fix(css): remove pure css chunk sourcemap (#14290) (cd7e033), closes #14290
• fix(css): reset render cache on renderStart (#14326) (d334b3d), closes #14326
• fix(glob): trigger HMR for glob in a package (#14117) (0f582bf), closes #14117
• fix(import-analysis): preserve importedUrls import order (#14465) (269aa43), closes #14465
• fix(manifest): preserve pure css chunk assets (#14297) (3d63ae6), closes #14297
• fix(optimizer): define crawlDeps after scanProcessing and optimizationResult are complete (fix #1428 (fcaf749), closes #14284 #14285
• fix(resolve): support submodules of optional peer deps (#14489) (104971d), closes #14489
• fix(vite): precisely check if files are in dirs (#14241) (c4758d1), closes #14241
• feat: improve deno and bun support (#14379) (8bc1f9d), closes #14379

4.4.9 (2023-08-07)

• chore: fix eslint warnings (#14031) (4021a0e), closes #14031
• chore(deps): update all non-major dependencies (#13938) (a1b519e), closes #13938
• fix: dynamic import vars ignored warning (#14006) (4479431), closes #14006
• fix(build): silence warn dynamic import module when inlineDynamicImports true (#13970) (7a77aaf), closes #13970
• perf: improve build times and memory utilization (#14016) (9d7d45e), closes #14016
• perf: replace startsWith with === (#14005) (f5c1224), closes #14005

4.4.8 (2023-07-31)

... (truncated)

Commits

• 09626f8 release: v4.4.12
• fe8b209 fix: backport #15223, proxy html path should be encoded (#15226) (#15227)
• b50db04 release: v4.4.11
• 54e1275 revert: "fix: use string manipulation instead of regex to inject esbuild helpers
• f3a3e77 release: v4.4.10
• f8b9adb fix: restore builtins list
• 104971d fix(resolve): support submodules of optional peer deps (#14489)
• 0c6d289 fix(analysis): warnings for dynamic imports that use static template literals...
• 269aa43 fix(import-analysis): preserve importedUrls import order (#14465)
• 6f6e5de fix: handle errors during hasWorkspacePackageJSON function (#14394)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[netlify]

✅ Deploy Preview for volunteeringukraine ready!

Name	Link
🔨 Latest commit	47b1e7a
🔍 Latest deploy log	https://app.netlify.com/sites/volunteeringukraine/deploys/6575f2bb8121ea0008dc75b4
😎 Deploy Preview	https://deploy-preview-6--volunteeringukraine.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.