chore(deps): bump the patch-deps-updates-main group across 1 directory with 3 updates

[dependabot]

Bumps the patch-deps-updates-main group with 3 updates in the / directory: @zip.js/zip.js, modern-tar and release-it.

Updates @zip.js/zip.js from 2.8.14 to 2.8.23

Release notes

Sourced from @​zip.js/zip.js's releases.

v2.8.23

• Fixed zip64 auto-detection with keepOrder set to false in ZipWriter

Zip files containing entries larger than 4 GB or larger than 4 GB are now handled correctly when entries are written in parallel with keepOrder set to false. The zip64 extra field in the central directory is now built from actual offset and disk number values at close time, rather than being predicted at entry creation time.

• Updated dev dependencies

v2.8.22

Fixed support of option keepOrder when set to false in ZipWriter (the option is set to true by default)

v2.8.21

Implemented workaround (feature test) for DOMException serialization bug in Deno version 2.6.x (fix gildas-lormeau/zip.js#636)

v2.8.20

• Fixed inadvertently removed createTempStream option into ZipWriter
• Added transferStreams support in ZipWriter

v2.8.19

Removed unwanted web-worker dependency inadvertently added in the package.json file of version 2.8.17

v2.8.18

• Added createTempStream option to ZipWriter, used when adding entries in parallel, for custom temporary buffered write storage (e.g. filesystem, OPFS, network) instead of the default in-memory TransformStream (see this test for a usage example)
• Improved buffering implementation in ZipWriter by removing the Blob/Response usage
• Fixed minor regression introduced in version 2.8.16 when the web worker URI is not a data or blob URI (workers were not working with code using ES6 import) (see related test)

v2.8.17

Fixed support of Web Workers when running zip.js with Bun (see #638)

v2.8.16

• Implemented lazy evaluation of the existence of the Worker API to facilitate the use of polyfills on Node.js (e.g. web-worker), see How to use Web Workers on Node.js? gildas-lormeau/zip.js#635 (comment) for more info
• Updated dev dependencies

v2.8.15

• Fixed NPM Access Token expiration issue (see gildas-lormeau/zip.js#633)
• Fixed minor issues in the documentation

Commits

• 0cc3a3c update doc
• e33c46e update built files
• b881447 bump up version
• c1bc3b9 update dev dependencies
• bab735c build zip64 central directory extra fields at close time
• 0e83f81 bump up version
• 8387a92 update doc
• cb98d94 update built files
• 72c15c0 update dev dependencies
• 01edd8f fix keepOrder
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​zip.js/zip.js since your current version.

Updates modern-tar from 0.7.3 to 0.7.5

Release notes

Sourced from modern-tar's releases.

v0.7.5

Overview

• fix(options): strip relative hardlink linknames by @​ayuhito in ayuhito/modern-tar#118

Full Changelog: ayuhito/modern-tar@v0.7.4...v0.7.5

v0.7.4

Overview

A few correctness fixes and security enhancements 🛡️

• Fix parsing of archives with type=link entries with size!=0 by @​ayuhito in ayuhito/modern-tar#116
• Fix parsing of archives with directories that have type=FILE name=.../ by @​ayuhito in ayuhito/modern-tar#115
• fix(tar): prevent prototype pollution in PAX headers by @​ayuhito in ayuhito/modern-tar#117
• fix(fs): strip sticky bits ayuhito/modern-tar@857578e

Full Changelog: ayuhito/modern-tar@v0.7.3...v0.7.4

Commits

• 79e4d4b fix(options): strip relative hardlink linknames (#118)
• 98df8be chore: bump version to 0.7.4
• 857578e fix(fs): strip sticky bits
• e223bfb fix(tar): prevent prototype pollution in PAX headers (#117)
• 76efe5c fix: parsing of archives with directories that have type=FILE name=.../ (#115)
• 0aae183 Fix parsing of archives with type=link entries with size!=0 (#116)
• b7cd92c chore: bump version to 0.7.3
• See full diff in compare view

Updates release-it from 19.2.3 to 19.2.4

Release notes

Sourced from release-it's releases.

Release 19.2.4

• chore: update dependencies to resolve security vulnerabilities (#1273) (b45dd1aa3749d74ce279600dea242cb3c9dd5e8d) - thanks @​Yeom-JinHo!
• Update a few dev deps (cd8acdc8fdb50cf60ba45e8bd5128c4669a04f00)

Commits

• aa30853 Release 19.2.4
• cd8acdc Update a few dev deps
• b45dd1a chore: update dependencies to resolve security vulnerabilities (#1273)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions