chore(deps): bump json5, @antora/cli and @antora/site-generator-default

[dependabot[bot]]

Bumps json5 to 2.2.3 and updates ancestor dependencies json5, @antora/cli and @antora/site-generator-default. These dependencies need to be updated together.

Updates json5 from 0.5.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

v2.1.1

• New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
• Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
• Fix: Spelling mistakes have been fixed. (#196)

v2.1.0

• New: The index.mjs and index.min.mjs browser builds in the dist directory support ES6 modules. (#187)

v2.0.1

• Fix: The browser builds in the dist directory support ES5. (#182)

v2.0.0

• Major: JSON5 officially supports Node.js v6 and later. Support for Node.js v4 has been dropped. Since Node.js v6 supports ES5 features, the code has been rewritten in native ES5, and the dependence on Babel has been eliminated.

• New: Support for Unicode 10 has been added.

• New: The test framework has been migrated from Mocha to Tap.

• New: The browser build at dist/index.js is no longer minified by default. A minified version is available at dist/index.min.js. (#181)

• Fix: The warning has been made clearer when line and paragraph separators are

... (truncated)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

v2.1.1 [code, [diff][d2.1.1]]

... (truncated)

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates @antora/cli from 2.3.4 to 3.1.2

Changelog

Sourced from @​antora/cli's changelog.

= Antora Changelog

This document provides a summary of all notable changes to the core Antora components by release. For a detailed view of what's changed, refer to the repository's https://gitlab.com/antora/antora/commits/main[commit history].

This project utilizes semantic versioning.

== 3.2.0-alpha.2 (2022-11-01)

=== Added

• content-classifier: Emit componentsRegistered event after all components and versions have been registered (#1015)
• content-classifier: Store raw files, nav, and startPage data on partially constructed component version until processed (#1015)
• content-classifier: Add readable property named files to component version in ContentCatalog#registerComponentVersionStartPage to get files for component version on access (#1015)
• content-classifier: Add readable property named startPage to component version in ContentCatalog#registerComponentVersionStartPage to look up start page for component version on access (#1015)
• content-classifier: Discover implicit site start page in component version promoted to site root (#1021)
• content-classifier: Update ContentCatalog#registerComponentVersionStartPage to return start page

=== Changed

• content-classifier: Don't recompute resource ID on file from content aggregate if src.family is set (#1026)
• content-classifier: Don't assign fallback value to url property on component version if property is already set
• site-generator: Print site URL instead of file URI in completion message if CI=true

=== Fixed

• playbook-builder: Decouple logic to compute default log format from process environment (#1022)
• playbook-builder: Use consistent formatting for error messages in playbook builder
• playbook-builder: Allow content aggregator to parse value of content.branches and content.tags playbook keys (#1025)
• content-classifier: Add guard to prevent ContentCatalog#registerSiteStartPage from registering alias loop (#1020)
• redirect-producer: Preserve target when creating static route if target is an absolute URL (#1024)
• site-generator: Look for IS_TTY on playbook.env in site generator to decouple check from process environment

== 3.2.0-alpha.1 (2022-10-20)

=== Added

• content-aggregate: Introduce syntax to match branches by worktree name (for inclusion or exclusion) (e.g., [email protected]) (#1016)
• content-aggregate: Allow linked worktree to be used as content source; automatically resolve main repository location and remap HEAD reference in branches (#535)
• content-aggregate: Add support for ref placeholder to insert full name of git ref (e.g., refs/heads/v3.1.x) in value of edit_url key on content source (#1013)
• content-classifier: Use value of versionSegment property on component version in place of version in output path and URL of pages (#1006)
• content-classifier: Set dynamic activeVersionSegment property on component version to indicate which version segment is in use (#1006)
• content-classifier: Add addSplatAlias method to ContentCatalog for adding a splat (directory) alias (#1008)

=== Changed

• playbook-builder: Remove trailing slash from value of site.url when building playbook (#1009)
• content-aggregator: Always assign the value auth-required to origin.private if the server requests credentials (even when credentials are embedded in content source URL) (#1012)
• content-classifier: shorten urlSegment fragment in property names on ContentCatalog to segment (e.g., latestVersionUrlSegment -> latestVersionSegment)
• site-generator: Remove trailing slash from value of site.url after playbookBuilt event (#1009)

... (truncated)

Commits

• f09e3ac release 3.1.2
• 937c40c upgrade dependencies that can be upgraded and refresh dependency lock file
• 5af8e49 refresh dependency lock file
• cdd7223 update release process; automate management of release and tool version attri...
• a8d8e72 merge !964
• 911ae54 update What's New for Antora 3.1.2
• f6fc688 replace raise event with emit event
• 1975bd2 backport fix for #1025 allow content aggregator to parse value of content.bra...
• 7a39895 reclassify CHANGELOG entries
• 34ac3e2 backport fix for #1024 preserve target when creating static route if target i...
• Additional commits viewable in compare view

Updates @antora/site-generator-default from 2.3.4 to 3.1.2

Changelog

Sourced from @​antora/site-generator-default's changelog.

= Antora Changelog

This document provides a summary of all notable changes to the core Antora components by release. For a detailed view of what's changed, refer to the repository's https://gitlab.com/antora/antora/commits/main[commit history].

This project utilizes semantic versioning.

== 3.2.0-alpha.2 (2022-11-01)

=== Added

• content-classifier: Emit componentsRegistered event after all components and versions have been registered (#1015)
• content-classifier: Store raw files, nav, and startPage data on partially constructed component version until processed (#1015)
• content-classifier: Add readable property named files to component version in ContentCatalog#registerComponentVersionStartPage to get files for component version on access (#1015)
• content-classifier: Add readable property named startPage to component version in ContentCatalog#registerComponentVersionStartPage to look up start page for component version on access (#1015)
• content-classifier: Discover implicit site start page in component version promoted to site root (#1021)
• content-classifier: Update ContentCatalog#registerComponentVersionStartPage to return start page

=== Changed

• content-classifier: Don't recompute resource ID on file from content aggregate if src.family is set (#1026)
• content-classifier: Don't assign fallback value to url property on component version if property is already set
• site-generator: Print site URL instead of file URI in completion message if CI=true

=== Fixed

• playbook-builder: Decouple logic to compute default log format from process environment (#1022)
• playbook-builder: Use consistent formatting for error messages in playbook builder
• playbook-builder: Allow content aggregator to parse value of content.branches and content.tags playbook keys (#1025)
• content-classifier: Add guard to prevent ContentCatalog#registerSiteStartPage from registering alias loop (#1020)
• redirect-producer: Preserve target when creating static route if target is an absolute URL (#1024)
• site-generator: Look for IS_TTY on playbook.env in site generator to decouple check from process environment

== 3.2.0-alpha.1 (2022-10-20)

=== Added

• content-aggregate: Introduce syntax to match branches by worktree name (for inclusion or exclusion) (e.g., [email protected]) (#1016)
• content-aggregate: Allow linked worktree to be used as content source; automatically resolve main repository location and remap HEAD reference in branches (#535)
• content-aggregate: Add support for ref placeholder to insert full name of git ref (e.g., refs/heads/v3.1.x) in value of edit_url key on content source (#1013)
• content-classifier: Use value of versionSegment property on component version in place of version in output path and URL of pages (#1006)
• content-classifier: Set dynamic activeVersionSegment property on component version to indicate which version segment is in use (#1006)
• content-classifier: Add addSplatAlias method to ContentCatalog for adding a splat (directory) alias (#1008)

=== Changed

• playbook-builder: Remove trailing slash from value of site.url when building playbook (#1009)
• content-aggregator: Always assign the value auth-required to origin.private if the server requests credentials (even when credentials are embedded in content source URL) (#1012)
• content-classifier: shorten urlSegment fragment in property names on ContentCatalog to segment (e.g., latestVersionUrlSegment -> latestVersionSegment)
• site-generator: Remove trailing slash from value of site.url after playbookBuilt event (#1009)

... (truncated)

Commits

• f09e3ac release 3.1.2
• 937c40c upgrade dependencies that can be upgraded and refresh dependency lock file
• 5af8e49 refresh dependency lock file
• cdd7223 update release process; automate management of release and tool version attri...
• a8d8e72 merge !964
• 911ae54 update What's New for Antora 3.1.2
• f6fc688 replace raise event with emit event
• 1975bd2 backport fix for #1025 allow content aggregator to parse value of content.bra...
• 7a39895 reclassify CHANGELOG entries
• 34ac3e2 backport fix for #1024 preserve target when creating static route if target i...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}