Bump the npm_and_yarn group across 2 directories with 30 updates

[dependabot]

Bumps the npm_and_yarn group with 15 updates in the / directory:

Package	From	To
chrome-launcher	0.10.2	0.13.2
koa	2.5.3	3.1.2
semver	5.5.1	5.7.2
ajv	5.5.2	6.14.0
async	2.6.1	2.6.4
axios	0.18.1	removed
brace-expansion	1.1.11	1.1.13
braces	2.3.2	3.0.3
form-data	2.3.2	2.5.5
minimatch	3.0.4	3.1.5
minimist	0.0.8	1.2.8
path-to-regexp	1.7.0	1.9.0
ws	6.2.1	6.2.3
qs	6.5.2	6.15.0
thenify	3.3.0	3.3.1

Bumps the npm_and_yarn group with 11 updates in the /middleware directory:

Package	From	To
semver	5.6.0	5.7.2
semver	6.3.0	6.3.1
@babel/traverse	7.6.0	7.29.0
ajv	6.6.1	6.14.0
brace-expansion	1.1.11	1.1.13
braces	3.0.2	3.0.3
minimatch	3.0.4	3.1.5
minimist	1.2.0	1.2.8
got	9.6.0	removed
json-schema	0.2.3	0.4.0
path-to-regexp	0.1.7	0.1.13
request	2.88.0	2.88.2

Updates chrome-launcher from 0.10.2 to 0.13.2

Release notes

Sourced from chrome-launcher's releases.

0.13.2 (Thu, May 7 2020)

• 7c1ea547 deps: bump to is-wsl@2.2.0 (#187)
• 2ae5591d fix: sanitize environment variables used in RegExp (#197)

0.13.1 (Wed, Apr 1 2020)

• bf2957ac deps: update various dependencies (#192)
  • fixes the vulnerability warnings

0.13.0 (Thu, Feb 27 2020)

• 83da1e41 feat: add killAll function (#186)
• b8c89f84 flags: disable the default browser check (#181) (#182)
• 6112555c fix: log taskkill error based on logging opts (#178) (#179)
• 7c935efa docs: add missing quote in README.md example (#180)
• 2e829c7d Skip --disable-setuid-sandbox flag when ignoreDefaultFlags = true (#171)

---

(👋 also... there are a few releases we didnt publish here, but are tagged and published to npm. their changes are detailed in changelog.md)

0.10.4 (Mon, Sep 17 2018)

• 35842ba4 fix: ignore stdio on which call (#121)
• f126c3a0 fix: reject promise on failed kill() (#112)
• 5ee0fde2 Set custom error codes for all errors.
• 841bdf3f Fix picking CHROME_PATH priority over other matches.
• 6b10d748 Fix Travis CI build: GCE for chrome bug (#87)
• d4aa8295 Fix readme's default logLevel (#85)
• 5be71243 Type improvements (#102)
• dd5fdd49 Stricter typing for logLevel (#105)
• c9394cf7 Fix README typo: booelan ==> boolean (#104)
• Update chrome-flags-for-tools.md

0.10.3 (Mon, Sep 17 2018)

UNPUBLISHED. Bad release: had a breaking change.

We'll ship a 1.0.0 later with #124 in it

Changelog

Sourced from chrome-launcher's changelog.

v0.13.2 (Thu, May 7 2020)

• 7c1ea547 deps: bump to is-wsl@2.2.0 (#187)
• 2ae5591d fix: sanitize environment variables used in RegExp (#197)

v0.13.1 (Wed, Apr 1 2020)

• bf2957ac deps: update various dependencies (#192)

v0.13.0 (Thu, Feb 27 2020)

• 83da1e41 feat: add killAll function (#186)
• b8c89f84 flags: disable the default browser check (#181) (#182)
• 6112555c fix: log taskkill error based on logging opts (#178) (#179)
• 7c935efa docs: add missing quote in README.md example (#180)
• 2e829c7d Skip --disable-setuid-sandbox flag when ignoreDefaultFlags = true (#171)

v0.12.0 (Wed, Oct 30 2019)

• 66a5e226 flags: add new --disable flags to reduce noise and disable backgrounding (#170)
  • --disable-component-extensions-with-background-pages
  • --disable-backgrounding-occluded-windows
  • --disable-renderer-backgrounding
  • --disable-background-timer-throttling
• c4890ee3 feat: expose public interface for locating Chrome installations (#177)
  • Launcher.getInstallations() returns an array of paths to available Chrome binaries
• a5ccaa4e deps: update assorted dependencies (#175)
• e67a10df --disable-translation is now --disable-features=TranslateUI (#167)

v0.11.2 (Mon, Jul 29 2019)

• 1928187 fix: prevent mutation of default flags (#162)
• 02a23c2 docs: fix launcher example in README (#160)
• 90dc0e4 update manual-chrome-launcher with fixes from LH

v0.11.1 (Tue, Jul 09 2019)

• ec80f0ca tests: drop support for node 9. continue supporting node 8 LTS (#159)
• 4865f3af deps(security): bump mocha to latest (#158)
• e0d2b09b deps(security): bump handlebars from 4.0.11 to 4.1.2 (#157)
• 982be53f update changelog for v0.10.7 and v0.11.0

v0.11.0 (Tue, Jul 09 2019)

• a860504f [Breaking change] remove enableExtensions. add ignoreDefaultFlags & defaultFlags() (#124)
• 448a1d48 chrome-finder: Add support for MacOS Catalina (#149)
• 55b891bb deps(is-wsl): add support for WSL 2; drop Node 6 (#152)
• 57e18181 deps: upgrade typescript and ts-node (#155)
• a8848116 deps(security): bump lodash from 4.17.4 to 4.17.11 (#147)
• 0a775dab Document that --enable-automation disables automatic page reloads (#140)
• c9f653e2 Removing dead --safebrowsing-disable-auto-update flag. (#139)
• be12d564 yarn.lock add integrity
• e361aa43 Update changelog.md (#137)

v0.10.7 (Wed, May 01 2019)

• 55397e0c deps: update yarn.lock from #142
• 179a3f33 silence grep (#138)

... (truncated)

Commits

• d703582 v0.13.2
• 7c1ea54 deps: bump to is-wsl@2.2.0 (#187)
• 2ae5591 fix: sanitize environment variables used in RegExp (#197)
• 9aa64d6 add prepublish script (#193)
• 2289dcd update changelog
• d4d8221 v0.13.1
• bf2957a deps: update various dependencies (#192)
• c4c72c6 v0.13.0
• 13fbc0f changelog for 0.13.0
• 83da1e4 feat: add killAll function (#186)
• Additional commits viewable in compare view

Updates koa from 2.5.3 to 3.1.2

Release notes

Sourced from koa's releases.

v3.1.2

What's Changed

• fix: typo in troubleshooting.md by @​WuMingDao in koajs/koa#1916
• build(deps-dev): bump qs from 6.14.0 to 6.14.1 by @​dependabot[bot] in koajs/koa#1921
• build(deps): bump http-errors from 2.0.0 to 2.0.1 by @​dependabot[bot] in koajs/koa#1919
• build(deps): bump mime-types from 3.0.1 to 3.0.2 by @​dependabot[bot] in koajs/koa#1918
• docs: use correct term "Server-Sent Events" in guide by @​jtr860830 in koajs/koa#1920
• build(deps): bump content-disposition from 0.5.4 to 1.0.1 by @​dependabot[bot] in koajs/koa#1917
• build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by @​dependabot[bot] in koajs/koa#1922
• fix(security): Host Header Injection via ctx.hostname by @​killagu GHSA-7gcc-r8m5-44qm

New Contributors

• @​WuMingDao made their first contribution in koajs/koa#1916
• @​jtr860830 made their first contribution in koajs/koa#1920

Full Changelog: koajs/koa@v3.1.1...v3.1.2

v3.1.1

What's Changed

• fix: only original value destroy if the new value is not a stream by @​yowainwright in koajs/koa#1914

Full Changelog: koajs/koa@v3.1.0...v3.1.1

v3.1.0

What's Changed

• feat: fixes mem leak relating to issue-1834 by @​yowainwright in koajs/koa#1893
• fix: adds steam clean up by @​yowainwright in koajs/koa#1910

Full Changelog: koajs/koa@v3.0.3...v3.1.0

v3.0.3

What's Changed

• fix: normalize referer before redirect by @​fengmk2 in koajs/koa#1908

Full Changelog: koajs/koa@v3.0.2...v3.0.3

v3.0.2

What's Changed

• fix: fixes response.attachment behaviour leads to Content-Type Sniffing by @​yowainwright in koajs/koa#1904
• chore: use NPM trusted publishing with semver tag triggers by @​Copilot in koajs/koa#1907

New Contributors

• @​Copilot made their first contribution in koajs/koa#1907

Full Changelog: koajs/koa@v3.0.1...v3.0.2

v3.0.1

... (truncated)

Changelog

Sourced from koa's changelog.

[!IMPORTANT] Moving forwards we are using the GitHub releases page at https://github.com/koajs/koa/releases in combination with np for publishing releases and their changelogs.

---

3.0.0-alpha.3 / 2025-02-11

fixes

• Avoid redos on host and protocol getter

3.0.0-alpha.2 / 2024-11-04

breaking changes

• Update http-errors to v2.0.0 #1486
  • ctx.throw now requires a format of ctx.throw(status, error, properties). See: https://www.npmjs.com/package/http-errors
• Remove res.redirect('back'), add back() method to ctx #1115
• Replace node querystring with URLSearchParams #1828
• Remove obsolete createAsyncCtxStorageMiddleware #1817

features

• Add support for web WHATWG #1830

updates

• Update cookies to ~0.9.1 #1846
• Update statuses to ^2.0.1
• Update supertest to ^7.0.0 #1841

fixes

• Fix exports.defaults in package.json #1630
• Fix leaky handles in tests #1838
• Fix body null checks #1814
• Fix reformatting redirect URLs #1805 #1804
• Fix passing ctx in error handler #1758

migrations

• Migrate from jest to the native node test runner #1845

3.0.0-alpha.1 / 2023-04-12

fixes

• [e98b8d1] - fix: can not get currentContext in error handler (#1758) (Gxkl <gxkl203@gmail.com>)

3.0.0-alpha.0 / 2023-01-02

Breaking Changes

... (truncated)

Commits

• c5a52e0 3.1.2
• 55ab9ba Merge commit from fork
• fecd464 build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#1922)
• d2066cf build(deps): bump content-disposition from 0.5.4 to 1.0.1 (#1917)
• 8694a06 docs: use correct term "Server-Sent Events" in guide (#1920)
• 096682b build(deps): bump mime-types from 3.0.1 to 3.0.2 (#1918)
• 8215c2e build(deps): bump http-errors from 2.0.0 to 2.0.1 (#1919)
• cfe5ec6 build(deps-dev): bump qs from 6.14.0 to 6.14.1 (#1921)
• 0a6afa5 fix: typo in troubleshooting.md (#1916)
• 2e52fb5 3.1.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for koa since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates semver from 5.5.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

• Add version coercion capabilities

5.4

• Add intersection checking

5.3

• Add minSatisfying method

5.2

• Add prerelease(v) that returns prerelease components

5.1

• Add Backus-Naur for ranges
• Remove excessively cute inspection methods

5.0

• Remove AMD/Browserified build artifacts
• Fix ltr and gtr when using the * range
• Fix for range * with a prerelease identifier

Commits

• f8cc313 chore: release 5.7.2
• 2f8fd41 fix: better handling of whitespace (#585)
• deb5ad5 chore: @​npmcli/template-oss@​4.16.0
• c83c18c 5.7.1
• 956e228 Correct typo in README
• 8055dda 5.7.0
• 604e73d auto-publishing scripts
• bed01e2 remove the nomin comments, since we don't minify any more anyway
• 9cb68f1 document parse method
• 38d42ca 5.7 changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates ajv from 5.5.2 to 6.14.0

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

• error logging example (@​RadiationSickness)
• TypeScript usage notes (@​thetric)

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

v6.10.2

Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

v6.10.1

Fix types Fix addSchema (#1001) Update dependencies

v6.10.0

Option strictDefaults to report ignored defaults (#957, @​not-an-aardvark) Option strictKeywords to report unknown keywords (#781)

v6.9.0

OpenAPI keyword nullable can be any boolean (and not only true). Custom keyword definition changes:

• dependencies option in to require the presence of keywords in the same schema.

... (truncated)

Commits

• e3af0a7 6.14.0
• b552ed6 add regExp option to address $data exploit via a regular expression (CVE-2025...
• 72f2286 docs: update v7 info
• 231e52b Merge pull request #1320 from philsturgeon/patch-1
• d3475fc Add spectral, an AJV util from a sponsor
• 413afe0 docs: v7.0.0-beta.3
• 11e997b update readme for v7
• fe59143 6.12.6
• d580d3e Merge pull request #1298 from ajv-validator/fix-url
• fd36389 fix: regular expression for "url" format
• Additional commits viewable in compare view

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates async from 2.6.1 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

v2.6.3

• Updated lodash to squelch a security warning (#1675)

v2.6.2

• Updated lodash to squelch a security warning (#1620)

Commits

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• f1d8383 Version 2.6.3
• 2b674c1 update changelog
• eab740f fix: udpate lodash. closes #1675
• eaf32be Version 2.6.2
• 684b42e Update built files
• e1bd3da update changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Removes axios

Updates brace-expansion from 1.1.11 to 1.1.13

Release notes

Sourced from brace-expansion's releases.

v1.1.12

• pkg: publish on tag 1.x c460dbd
• fmt ccb8ac6
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

---

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

• 6c353ca 1.1.13
• 7fd684f Backport fix for GHSA-f886-m6hf-6m8v (#95)
• 44f33b4 1.1.12
• c460dbd pkg: publish on tag 1.x
• ccb8ac6 fmt
• c3c73c8 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates braces from 2.3.2 to 3.0.3

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

• The undocumented .makeRe method was removed
• Require Node.js >= 8.3

Non-breaking changes

• Caching was removed

Commits

• See full diff in compare view

Updates form-data from 2.3.2 to 2.5.5

Release notes

Sourced from form-data's releases.

v2.5.2

Fixes

• Buffer.from and Buffer.alloc require node 4+
• npmignore temporary build files (#532)
• move util.isArray to Array.isArray (#564)

Tests

• migrate from travis to GHA

Dev Improvements

• Fixed error in the documentations as indicated in #439
• Added remaining combined-stream options to typedef
• Bumped rimraf to 2.7.1 (dev-dep)
• Added constructor options to TypeScript defs
• Fixed error in callback signatures

Added Types

• Added TS types
• Improved documentation

Added getBuffer method

Updated test builds to support node10 and 12.

Changelog

Sourced from form-data's changelog.

v2.5.5 - 2025-07-18

Commits

• [meta] actually ensure the readme backup isn’t published 10626c0
• [Fix] use proper dependency 026abe5

v2.5.4 - 2025-07-17

Fixed

• [Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

• [eslint] update linting config 8bf2492
• [meta] add auto-changelog b5101ad
• [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 0e93122
• [Fix] Switch to using crypto random for boundary values b88316c
• [Fix] validate boundary type in setBoundary() method 131ae5e
• [Tests] Switch to newer v8 prediction library; enable node 24 testing c97cfbe
• [Refactor] use hasown 97ac9c2
• [meta] remove local commit hooks be99d4e
• [Dev Deps] remove unused deps ddbc89b
• [meta] fix scripts to use prepublishOnly e351a97
• [Dev Deps] remove unused script 8f23366
• [Dev Deps] add missing peer dep 02ff026
• [meta] fix readme capitalization 2fd5f61

v2.5.3 - 2025-02-14

Merged

• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)

Fixed

• [Fix] set Symbol.toStringTag when available (#573) [#396](https://github.com/form-data/form-data/issues/396)

Commits

• [Refactor] use Object.prototype.hasOwnProperty.call 6e682d4
• [Dev Deps] update @types/node, browserify, coveralls, eslint, formidable, in-publish, phantomjs-prebuilt, pkgfiles, pre-commit, request, tape, typescript 819f6b7
• Only apps should have lockfiles b170ee2
• [Deps] update combined-stream, mime-types 6b1ca1d
• Bumped version 2.5.3 9457283
• [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl 9dbe192

v2.5.2 - 2024-10-10

... (truncated)

Commits

• 40de5a7 v2.5.5
• 026abe5 [Fix] use proper dependency
• 10626c0 [meta] actually ensure the readme backup isn’t published
• efe6c26 v2.5.4
• c97cfbe [Tests] Switch to newer v8 prediction library; enable node 24 testing
• 0e93122 [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
• b88316c [Fix] Switch to using crypto random for boundary values
• b70869d [Fix] append: avoid a crash on nullish values
• 131ae5e [Fix] validate boundary type in setBoundary() method
• 8bf2492 [eslint] update linting config
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates fsevents from 1.2.9 to 2.3.3

Release notes

Sourced from fsevents's releases.

Release v2.3.3

Released to npm as v2.3.3

Release v2.3.2

Released to npm as v2.3.2

Release v2.3.1

Released to npm as v2.3.1

Release contains universal binary for x86 & amd64 (m1) chips

Release v2.2.2

Released to npm as v2.2.2

Universal Binary Support x86-64 & amd64(m1)

Release v2.2.0

Electron Enabled (no static functions/variables)

Release v1.2.3

No release notes provided.

Release v2.1.2

No release notes provided.

2.1.0

Latest stable release

Release NAPI v2.0.6

Include essential files only.

Release NAPI v2.0.5

No release notes provided.

Release NAPI v2.0.4

No release notes provided.

Release NAPI v2.0.3

Moved NAPI version out of experimental.

NAPI release

No release notes provided.

deprecated

Fixing the API for chokidar since it was calling FSEvents as a constructor

deprecated

We have upgraded to N-API. For that reason we have also dropped support for node < 6.

For that reason, we have made this a major version bump so dependents have to opt in. The actual API remains entirely the same, so if you are depending on fsevents, it should be as simple as changing the version number in your package.json.

... (truncated)

Commits

• 2db891e Release v2.3.3
• 8ec87bf Update nodejs.yml (#392)
• c20c3af readme
• 63709df Merge pull request #384 from aleksanb/subdirs
• a77340f Handle MustScanSubDirs for large projects
• 66be519 Update README.md (#371)
• 2f2a858 Update README.md (#364)
• a7f5d00 Release v2.3.2
• fab136a fix: issue #355 (#356)
• 328ae39 Release v2.3.1
• Additional commits viewable in compare view

Install script changes

This version adds install script that runs during installation. Review the package contents before updating.

Updates chownr from 1.0.1 to 3.0.0

Commits

• 8b9800a 3.0.0
• 222a6d5 modernize
• 8d35541 chore: add copyright year to license
• 8ad52b1 remove FUNDING.yml (coming from .github repo now)
• cf9ac45 funding
• 6573bba update tap
• 800f7e3 chore: add copyright year to license
• 0c447f8 ci: chores
• f9f9d86 2.0.0
• fc69315 drop support for EOL node versions
• Additional commits viewable in compare view

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates minimatch from 3.0.4 to 3.1.5

Commits

• 7bba978 3.1.5
• bd25942 docs: add warning about ReDoS
• 1a9c27c fix partial matching of globstar patterns
• 1a2e084 3.1.4
• ae24656 update lockfile
• b100374 limit recursion for **, improve perf considerably
• 26ffeaa lockfile update
• 9eca892 lock node version to 14
• 00c323b 3.1.3
• 30486b2 update CI matrix and actions
• Additional commits viewable in compare view

Updates minimist from 0.0.8 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to bui...

  Description has been truncated