Bump the npm_and_yarn group across 1 directory with 2 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the /client directory: shell-quote and react-scripts.

Updates shell-quote from 1.7.2 to 1.8.2

Changelog

Sourced from shell-quote's changelog.

v1.8.2 - 2024-11-27

Fixed

• [Fix] quote: preserve empty strings [#18](https://github.com/ljharb/shell-quote/issues/18)

Commits

• [meta] fix changelog tags 0fb9fd8
• [actions] split out node 10-20, and 20+ 819bd84
• [Dev Deps] update @ljharb/eslint-config, auto-changelog, npmignore, tape fc56408
• [actions] update npm for windows tests fdeb0fd
• [Dev Deps] update @ljharb/eslint-config, aud, tape b8a4a3b
• [actions] prevent node 14 on ARM mac from failing 9eecafc
• [meta] exclude more files from the package 4044e7f
• [Tests] replace aud with npm audit 8cfdbd8
• [meta] add missing engines.node 843820e
• [Dev Deps] add missing peer dep 4c3b88d
• [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6 80322ed

v1.8.1 - 2023-04-07

Fixed

• [Fix] parse: preserve whitespace in comments [#6](https://github.com/ljharb/shell-quote/issues/6)
• [Fix] properly support the escape option [#5](https://github.com/ljharb/shell-quote/issues/5)

Commits

• [Refactor] parse: hoist getVar to module level b42ac73
• [Refactor] hoist some vars to module level 8f0c5c3
• [Refactor] parse: use slice over substr, cache some values fcb2e1a
• [Refactor] parse: a bit of cleanup 6780ec5
• [Refactor] parse: tweak the regex to not match nothing 227d474
• [Tests] increase coverage a66de94
• [Refactor] parse: avoid shadowing a function arg 1d58679

v1.8.0 - 2023-01-30

Commits

• [New] extract parse and quote to their own deep imports 553fdfc
• [Tests] add nyc coverage fd7ddcd
• [New] Add support for here strings (<<<) 9802fb3
• [New] parse: Add syntax support for duplicating input file descriptors 216b198
• [Dev Deps] update @ljharb/eslint-config, aud, tape 85f8e31
• [Tests] add evalmd c5549fc
• [actions] update checkout action 62e9b49

v1.7.4 - 2022-10-12

... (truncated)

Commits

• b19fc77 v1.8.2
• 59d29ea [Fix] quote: preserve empty strings
• 819bd84 [actions] split out node 10-20, and 20+
• 4c3b88d [Dev Deps] add missing peer dep
• fc56408 [Dev Deps] update @ljharb/eslint-config, auto-changelog, npmignore, tape
• 8cfdbd8 [Tests] replace aud with npm audit
• 9eecafc [actions] prevent node 14 on ARM mac from failing
• 843820e [meta] add missing engines.node
• 4044e7f [meta] exclude more files from the package
• fdeb0fd [actions] update npm for windows tests
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.

Updates react-scripts from 3.4.3 to 5.0.1

Changelog

Sourced from react-scripts's changelog.

3.4.4 (2020-10-20)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Commits

• 19fa58d Publish
• 9802941 fix: webpack noise printed only if error or warning (#12245)
• 2eef1d0 Update templates to use React 18 createRoot (#12220)
• 221e511 Publish
• 5614c87 Add support for Tailwind (#11717)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• c7627ce Update webpack and dev server (#11646)
• 544befe Update package.json (#11597)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #6.