Bump the npm_and_yarn group across 1 directory with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the /desktop directory: ejs, undici and @angular-devkit/build-angular.

Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits

• d3f807d Version 3.1.10
• 9ee26dd Mocha TDD
• e469741 Basic pollution protection
• 715e950 Merge pull request #756 from Jeffrey-mu/main
• cabe314 Include advanced usage examples
• 29b076c Added header
• 11503c7 Merge branch 'main' of github.com:mde/ejs into main
• 7690404 Added security banner to README
• f47d7ae Update SECURITY.md
• 828cea1 Update SECURITY.md
• Additional commits viewable in compare view

Updates undici from 6.7.1 to 6.11.1

Release notes

Sourced from undici's releases.

v6.11.1

⚠️ Security Release ⚠️

What's Changed

• Fixes GHSA-m4v8-wqvr-p9f7 CVE-2024-30260
• Fixes GHSA-9qxr-qj54-h672 CVE-2024-30261
• Revert "fix: don't leak internal class (#3024)" by @​mcollina in nodejs/undici#3044

Full Changelog: nodejs/undici@v6.11.0...v6.11.1

v6.11.0

What's Changed

• refactor(#3023): Pass headers as array instead by @​metcoder95 in nodejs/undici#3025
• fix: don't leak internal class by @​ronag in nodejs/undici#3024
• build(deps): bump codecov/codecov-action from 4.1.0 to 4.1.1 by @​dependabot in nodejs/undici#3034
• build(deps-dev): bump tsd from 0.30.7 to 0.31.0 by @​dependabot in nodejs/undici#3038
• build(deps-dev): bump borp from 0.9.1 to 0.10.0 by @​dependabot in nodejs/undici#2947
• missing commits by @​ronag in nodejs/undici#3040
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in nodejs/undici#3036
• fix: regexp pattern by @​tsctx in nodejs/undici#3041

Full Changelog: nodejs/undici@v6.10.2...v6.11.0

v6.10.2

What's Changed

• Do not fail test if streams support typed arrays by @​mcollina in nodejs/undici#2978
• fix(fetch): properly redirect non-ascii location header url by @​Xvezda in nodejs/undici#2971
• perf: Remove double-stringify in setCookie by @​peterver in nodejs/undici#2980
• [fix #2982] use DispatcherInterceptor type for Dispatcher#Compose by @​clovis-guillemot in nodejs/undici#2983
• fix: make EventSource properties enumerable by @​MattBidewell in nodejs/undici#2987
• docs: ✏️ fixed benchmark links by @​benhalverson in nodejs/undici#2991
• fix(#2986): bad start check by @​metcoder95 in nodejs/undici#2992
• fix(H2 Client): bind stream 'data' listener only after received 'response' event by @​St3ffGv4 in nodejs/undici#2985
• feat: added search input by @​benhalverson in nodejs/undici#2993
• chore: validate responses can be consumed without a Content-Length or… by @​jacob-ebey in nodejs/undici#2995
• fix error message by @​KhafraDev in nodejs/undici#2998
• Revert "perf: reuse TextDecoder instance (#2863)" by @​panva in nodejs/undici#2999
• test: remove only by @​metcoder95 in nodejs/undici#3001

New Contributors

• @​Xvezda made their first contribution in nodejs/undici#2971
• @​peterver made their first contribution in nodejs/undici#2980
• @​clovis-guillemot made their first contribution in nodejs/undici#2983
• @​MattBidewell made their first contribution in nodejs/undici#2987
• @​benhalverson made their first contribution in nodejs/undici#2991
• @​St3ffGv4 made their first contribution in nodejs/undici#2985
• @​jacob-ebey made their first contribution in nodejs/undici#2995

... (truncated)

Commits

• 6df3c73 Bumped v6.11.1
• c346b66 Revert "fix: don't leak internal class (#3024)"
• d542b8c Merge pull request from GHSA-9qxr-qj54-h672
• 6805746 Merge pull request from GHSA-m4v8-wqvr-p9f7
• ee5f892 Bumped v6.11.0
• 71a6d74 Merge branch 'main' of github.com:nodejs/undici
• 0f0f239 fix: regexp pattern (#3041)
• 31f9e67 build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#3036)
• c8a43ae fixup
• 8b5e2c8 fixup
• Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 17.3.2 to 17.3.6

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v17.3.6

17.3.6 (2024-04-25)

@​angular-devkit/build-angular

Commit	Description
	properly configure headers for media resources and HTML page

v17.3.5

17.3.5 (2024-04-17)

@​angular-devkit/build-angular

Commit	Description
	address Unable to deserialize cloned data issue with Yarn PnP
	remove type="text/css" from style tag

v17.3.4

17.3.4 (2024-04-11)

@​angular-devkit/build-angular

Commit	Description
	ensure esbuild-based builders exclusively produce ESM output

v17.3.3

@​schematics/angular

Commit	Description
	Revert "fix(@​schematics/angular): rename SSR port env variable"

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

17.3.6 (2024-04-25)

@​angular-devkit/build-angular

Commit	Type	Description
dcec59799	fix	properly configure headers for media resources and HTML page

18.0.0-next.3 (2024-04-17)

Breaking Changes

@​angular/cli

• The ng doc command has been removed without a replacement. To perform searches, please visit www.angular.dev

@​angular-devkit/build-angular

• By default, the index.html file is no longer emitted in the browser directory when using the application builder with SSR. Instead, an index.csr.html file is emitted. This change is implemented because in many cases server and cloud providers incorrectly treat the index.html file as a statically generated page. If you still require the old behavior, you can use the index option to specify the output file name.

  "architect": {
    "build": {
      "builder": "@angular-devkit/build-angular:application",
      "options": {
        "outputPath": "dist/my-app",
        "index": {
          "input": "src/index.html",
          "output": "index.html"
        }
      }
    }
  }

@​angular/cli

Commit	Type	Description
03eee0545	refactor	remove ng doc command

@​angular-devkit/build-angular

Commit	Type	Description
83d1d233a	feat	enhance Sass rebasing importer for resources URL defined in variables and handling of external paths

... (truncated)

Commits

• c6b82f6 release: cut the v17.3.6 release
• 6f1906f docs: add explanation of how to set up a new NPM package in Wombat
• dcec597 fix(@​angular-devkit/build-angular): properly configure headers for media reso...
• c5f20a3 release: cut the v17.3.5 release
• 6191d06 fix(@​angular-devkit/build-angular): address `Unable to deserialize cloned dat...
• 0335d6a fix(@​angular-devkit/build-angular): remove type="text/css" from style tag
• d0bff79 release: cut the v17.3.4 release
• 84ee482 docs: replace links links to aio with links to adev
• 1128bdd fix(@​angular-devkit/build-angular): ensure esbuild-based builders exclusively...
• 1f47a10 build: update vite and undici
• Additional commits viewable in compare view

Updates vite from 5.1.5 to 5.1.7

Changelog

Sourced from vite's changelog.

5.1.7 (2024-03-24)

• fix: fs.deny with globs with directories (#16250) (5a056dd), closes #16250

5.1.6 (2024-03-11)

• chore(deps): update all non-major dependencies (#16131) (a862ecb), closes #16131
• fix: check for publicDir before checking if it is a parent directory (#16046) (b6fb323), closes #16046
• fix: escape single quote when relative base is used (#16060) (8f74ce4), closes #16060
• fix: handle function property extension in namespace import (#16113) (f699194), closes #16113
• fix: server middleware mode resolve (#16122) (8403546), closes #16122
• fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124) (fd9de04), closes #16124
• fix(worker): hide "The emitted file overwrites" warning if the content is same (#16094) (60dfa9e), closes #16094
• fix(worker): throw error when circular worker import is detected and support self referencing worker (eef9da1), closes #16103
• style(utils): remove null check (#16112) (0d2df52), closes #16112
• refactor(runtime): share more code between runtime and main bundle (#16063) (93be84e), closes #16063

Commits

• e710c2f release: v5.1.7
• 5a056dd fix: fs.deny with globs with directories (#16250)
• 6f7466e release: v5.1.6
• a862ecb chore(deps): update all non-major dependencies (#16131)
• 8403546 fix: server middleware mode resolve (#16122)
• b6fb323 fix: check for publicDir before checking if it is a parent directory (#16046)
• fd9de04 fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124)
• f699194 fix: handle function property extension in namespace import (#16113)
• 0d2df52 style(utils): remove null check (#16112)
• eef9da1 fix(worker): throw error when circular worker import is detected and support ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.