Bump braces, browser-sync and nunjucks in /blog-posts/private-page/eleventy-static-page/project

[dependabot]

Bumps braces, browser-sync and nunjucks. These dependencies needed to be updated together.
Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates browser-sync from 2.26.7 to 2.29.3

Release notes

Sourced from browser-sync's releases.

The one that fixes snippetOptions

What's Changed

• fix: append to head if body not present yet - fixes #2031 by @​shakyShane in BrowserSync/browser-sync#2041

Full Changelog: BrowserSync/browser-sync@v2.29.2...v2.29.3

v2.29.1

What's Changed

• trim-deps by @​shakyShane in BrowserSync/browser-sync#2028

Full Changelog: BrowserSync/browser-sync@v2.29.0...v2.29.1

The one that restores IE11 support 💪

What's Changed

• fix ie11 by @​shakyShane in BrowserSync/browser-sync#2024

esbuild does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke IE11 support 😢

This is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.

So, IE11 will work once again 🎉. Please use the issues thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)

# IE11 works, again
npm install browser-sync@latest

Full Changelog: BrowserSync/browser-sync@v2.28.3...v2.29.0

the one that finally removes document.write

What's Changed

• browser-sync-2017 use chalk everywhere by @​shakyShane in BrowserSync/browser-sync#2018
• fix: remove document.write by @​shakyShane in BrowserSync/browser-sync#2019

Full Changelog: BrowserSync/browser-sync@v2.27.12...v2.28.0

2.27.9

What's Changed

• fix(cli): Where's the command help? fixes #1929 by @​shakyShane in BrowserSync/browser-sync#1945

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: BrowserSync/browser-sync@v2.27.8...v2.27.9

... (truncated)

Commits

• 02efdff v2.29.3
• 62d906e fix: append to head if body not present yet - fixes #2031 (#2041)
• f91440e v2.29.2
• d0c50e0 deps: drop qs (#2040)
• 6ffc212 v2.29.1
• 7b07798 v2.29.1-alpha.0
• 497f216 remove client deps
• bed04d4 v2.29.0
• 87421b5 fix: ie11 support (#2024)
• 59eb01a v2.28.3
• Additional commits viewable in compare view

Updates nunjucks from 3.2.0 to 3.2.4

Release notes

Sourced from nunjucks's releases.

v3.2.4

What's Changed

• fix: html encode backslashes if used with escape filter or autoescape by @​fdintino in mozilla/nunjucks#1437. Fixes CVE-2023-2142 ([bugzilla #1825980](https://bugzilla.mozilla.org/show_bug.cgi?id=1825980))

Full Changelog: mozilla/nunjucks@v3.2.3...v3.2.4

v3.2.3

• Add support for nested attributes on sort filter; respect throwOnUndefined if sort attribute is undefined.
• Add base arg to int filter.
• Move chokidar to peerDependencies and mark it optional in peerDependenciesMeta.
• Fix prototype pollution issue for template variables. Merge of #1330; fixes #1331. Thanks ChenKS12138!

v3.2.2

• Add select and reject filters. Merge of #1278 and #1279; fixes #282. Thanks ogonkov!
• Fix precompile binary script TypeError: name.replace is not a function. Fixes #1295.
• Add support for nested attributes on groupby filter; respect throwOnUndefined option, if the groupby attribute is undefined. Merge of #1276; fixes #1198. Thanks ogonkov!
• Fix bug that prevented errors in included templates from being raised when rendering templates synchronously. Fixes #1272.
• The indent filter no longer appends an additional newline. Fixes #1231.

v3.2.1

• Replace yargs with commander to reduce number of dependencies. Merge of #1253. Thanks AlynxZhou.
• Update optional dependency chokidar from ^2.0.0 to ^3.3.0. Merge of #1254. Thanks eklingen.
• Prevent optional dependency Chokidar from loading when not watching. Merge of #1250. Thanks eklingen.

Changelog

Sourced from nunjucks's changelog.

3.2.4 (Apr 13 2023)

• HTML encode backslashes when expressions are passed through the escape filter (including when this is done automatically with autoescape). Merge of #1437.

3.2.3 (Feb 15 2021)

• Add support for nested attributes on sort filter; respect throwOnUndefined if sort attribute is undefined.
• Add base arg to int filter.
• Move chokidar to peerDependencies and mark it optional in peerDependenciesMeta.
• Fix prototype pollution issue for template variables. Merge of #1330; fixes #1331. Thanks ChenKS12138!

3.2.2 (Jul 20 2020)

• Add select and reject filters. Merge of #1278 and #1279; fixes #282. Thanks ogonkov!
• Fix precompile binary script TypeError: name.replace is not a function. Fixes #1295.
• Add support for nested attributes on groupby filter; respect throwOnUndefined option, if the groupby attribute is undefined. Merge of #1276; fixes #1198. Thanks ogonkov!
• Fix bug that prevented errors in included templates from being raised when rendering templates synchronously. Fixes #1272.
• The indent filter no longer appends an additional newline. Fixes #1231.

3.2.1 (Mar 17 2020)

• Replace yargs with commander to reduce number of dependencies. Merge of #1253. Thanks AlynxZhou.
• Update optional dependency chokidar from ^2.0.0 to ^3.3.0. Merge of

... (truncated)

Commits

• 86a77f4 Release v3.2.4
• ec16d21 fix: html encode backslashes if used with escape filter or autoescape (#1437)
• fd50090 Release v3.2.3
• d34fdbf Temporarily comment out codecov action
• cefad41 Replace README.md travis badge with github actions
• 7601ff4 Fixup github actions workflow file
• de9dc67 Add GitHub Workflow for tests. fixes #1333
• aa9e5b9 Fix prototype pollution security issue. fixes #1331
• f51afa3 Move chokidar to peerDependencies and make it optional via peerDependenciesMe...
• f91f1c3 Fix groupby example formatting
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.