[Security] Bump semver from 7.3.8 to 7.6.1

Bumps semver from 7.3.8 to 7.6.1. This update includes a security fix.

Vulnerabilities fixed

semver vulnerable to Regular Expression Denial of Service Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.

Patched versions: 7.5.2; 7.5.2 Affected versions: = 7.0.0, < 7.5.2

Release notes

Sourced from semver's releases.

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

• c570a34 #704 linting: no-unused-vars (@​wraithgar)
• ad8ff11 #704 use internal cache implementation (@​mbtools)
• ac9b357 #682 typo in compareBuild debug message (#682) (@​mbtools)

Dependencies

• 988a8de #709 uninstall lru-cache (#709)
• 3fabe4d #704 remove lru-cache

Chores

• dd09b60 #705 bump @​npmcli/template-oss to 4.22.0 (@​lukekarrys)
• ec49cdc #701 chore: chore: postinstall for dependabot template-oss PR (@​lukekarrys)
• b236c3d #696 add benchmarks (#696) (@​H4ad)
• 692451b #688 various improvements to README (#688) (@​mbtools)
• 5feeb7f #705 postinstall for dependabot template-oss PR (@​lukekarrys)
• 074156f #701 bump @​npmcli/template-oss from 4.21.3 to 4.21.4 (@​dependabot[bot])

v7.6.0

7.6.0 (2024-01-31)

Features

• a7ab13a #671 preserve pre-release and build parts of a version on coerce (#671) (@​madtisa, madtisa, @​wraithgar)

Chores

• 816c7b2 #667 postinstall for dependabot template-oss PR (@​lukekarrys)
• 0bd24d9 #667 bump @​npmcli/template-oss from 4.21.1 to 4.21.3 (@​dependabot[bot])
• e521932 #652 postinstall for dependabot template-oss PR (@​lukekarrys)
• 8873991 #652 chore: chore: postinstall for dependabot template-oss PR (@​lukekarrys)
• f317dc8 #652 bump @​npmcli/template-oss from 4.19.0 to 4.21.0 (@​dependabot[bot])
• 7303db1 #658 add clean() test for build metadata (#658) (@​jethrodaniel)
• 6240d75 #656 add missing quotes in README.md (#656) (@​zyxkad)
• 14d263f #625 postinstall for dependabot template-oss PR (@​lukekarrys)
• 7c34e1a #625 bump @​npmcli/template-oss from 4.18.1 to 4.19.0 (@​dependabot[bot])
• 123e0b0 #622 postinstall for dependabot template-oss PR (@​lukekarrys)
• 737d5e1 #622 bump @​npmcli/template-oss from 4.18.0 to 4.18.1 (@​dependabot[bot])
• cce6180 #598 postinstall for dependabot template-oss PR (@​lukekarrys)
• b914a3d #598 bump @​npmcli/template-oss from 4.17.0 to 4.18.0 (@​dependabot[bot])

v7.5.4

7.5.4 (2023-07-07)

Bug Fixes

... (truncated)

Changelog

Sourced from semver's changelog.

7.6.1 (2024-05-04)

Bug Fixes

• c570a34 #704 linting: no-unused-vars (@​wraithgar)
• ad8ff11 #704 use internal cache implementation (@​mbtools)
• ac9b357 #682 typo in compareBuild debug message (#682) (@​mbtools)

Dependencies

• 988a8de #709 uninstall lru-cache (#709)
• 3fabe4d #704 remove lru-cache

Chores

• dd09b60 #705 bump @​npmcli/template-oss to 4.22.0 (@​lukekarrys)
• ec49cdc #701 chore: chore: postinstall for dependabot template-oss PR (@​lukekarrys)
• b236c3d #696 add benchmarks (#696) (@​H4ad)
• 692451b #688 various improvements to README (#688) (@​mbtools)
• 5feeb7f #705 postinstall for dependabot template-oss PR (@​lukekarrys)
• 074156f #701 bump @​npmcli/template-oss from 4.21.3 to 4.21.4 (@​dependabot[bot])

7.6.0 (2024-01-31)

Features

• a7ab13a #671 preserve pre-release and build parts of a version on coerce (#671) (@​madtisa, madtisa, @​wraithgar)

Chores

• 816c7b2 #667 postinstall for dependabot template-oss PR (@​lukekarrys)
• 0bd24d9 #667 bump @​npmcli/template-oss from 4.21.1 to 4.21.3 (@​dependabot[bot])
• e521932 #652 postinstall for dependabot template-oss PR (@​lukekarrys)
• 8873991 #652 chore: chore: postinstall for dependabot template-oss PR (@​lukekarrys)
• f317dc8 #652 bump @​npmcli/template-oss from 4.19.0 to 4.21.0 (@​dependabot[bot])
• 7303db1 #658 add clean() test for build metadata (#658) (@​jethrodaniel)
• 6240d75 #656 add missing quotes in README.md (#656) (@​zyxkad)
• 14d263f #625 postinstall for dependabot template-oss PR (@​lukekarrys)
• 7c34e1a #625 bump @​npmcli/template-oss from 4.18.1 to 4.19.0 (@​dependabot[bot])
• 123e0b0 #622 postinstall for dependabot template-oss PR (@​lukekarrys)
• 737d5e1 #622 bump @​npmcli/template-oss from 4.18.0 to 4.18.1 (@​dependabot[bot])
• cce6180 #598 postinstall for dependabot template-oss PR (@​lukekarrys)
• b914a3d #598 bump @​npmcli/template-oss from 4.17.0 to 4.18.0 (@​dependabot[bot])

7.5.4 (2023-07-07)

Bug Fixes

• cc6fde2 #588 trim each range set before parsing (@​lukekarrys)
• 99d8287 #583 correctly parse long build ids as valid (#583) (@​lukekarrys)

... (truncated)

Commits

• d777418 chore: release 7.6.1 (#706)
• 988a8de deps: uninstall lru-cache (#709)
• 5feeb7f chore: postinstall for dependabot template-oss PR
• dd09b60 chore: bump @​npmcli/template-oss to 4.22.0
• c570a34 fix(linting): no-unused-vars
• ad8ff11 fix: use internal cache implementation
• 3fabe4d deps: remove lru-cache
• ec49cdc chore: chore: chore: postinstall for dependabot template-oss PR
• 074156f chore: bump @​npmcli/template-oss from 4.21.3 to 4.21.4
• b236c3d chore: add benchmarks (#696)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.

---

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

• $dependabot rebase will rebase this MR
• $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts