Bump semver-regex from 3.1.1 to 4.0.5

[dependabot]

Bumps semver-regex from 3.1.1 to 4.0.5.

Release notes

Sourced from semver-regex's releases.

v4.0.5

• Improve regex b4ff333

Tip: If you use it in a server context, it's a good idea to give the regex a timeout.

sindresorhus/semver-regex@v4.0.4...v4.0.5

v4.0.4

• Fix some false positive matches (#23) e93d9c8

Tip: If you use it in a server context, it's a good idea to give the regex a timeout.

sindresorhus/semver-regex@v4.0.3...v4.0.4

v4.0.3

• Fix ReDoS vulnerability d8ba39a
  • This only affects you if you run the regex on untrusted user input in a server context.
  • Also back-ported to v3 in 3.1.4.
  • CVE pending

sindresorhus/semver-regex@v4.0.2...v4.0.3

v4.0.2

• No changes. Just fixing a npm dist tag.

v4.0.1

• Fix ReDoS vulnerability 11c6624
  • This only affects you if you run the regex on untrusted user input in a server context.
  • Also back-ported to v3 in 3.1.3.
  • CVE-2021-3795

sindresorhus/semver-regex@v4.0.0...v4.0.1

v4.0.0

Breaking

• Require Node.js 12 7b785e3
• This package is now pure ESM. Please read this.

sindresorhus/semver-regex@v3.1.2...v4.0.0

v3.1.4

• Backport of ReDoS fix sindresorhus/semver-regex@7712ba5

v3.1.2

• Fix regex catastrophic backtracking 6baf2cc Working around this meant accepting some obscure false-positives. I don't think it will affect any real code, but it's good to be aware of. See the disabled tests in the commit.

sindresorhus/semver-regex@v3.1.1...v3.1.2

Commits

• 0409850 4.0.5
• 29842b4 Improve regex
• 1d451a6 Add readme note
• e7a2410 4.0.4
• 4bb055f Meta tweaks
• e93d9c8 Fix some false positive matches (#23)
• ddfeb8b Fix CI
• 65fc4a4 4.0.3
• d8ba39a Fix ReDoS vulnerability
• b5894c1 4.0.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)