Bump shell-quote, react-scripts and @storybook/react in /pharmd-app

[dependabot]

Bumps shell-quote to 1.8.4 and updates ancestor dependencies shell-quote, react-scripts and @storybook/react. These dependencies need to be updated together.

Updates shell-quote from 1.7.2 to 1.8.4

Changelog

Sourced from shell-quote's changelog.

v1.8.4 - 2026-05-22

Commits

• [Fix] quote: validate object-token shapes 4378a6e
• [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, npmignore 22ebec0
• [Tests] increase coverage 9f3caa3
• [readme] replace runkit CI badge with shields.io check-runs badge 3344a04
• [Dev Deps] update @ljharb/eslint-config 699c511

v1.8.3 - 2025-06-01

Fixed

• [Fix] remove unnecessary backslash escaping in single quotes [#15](https://github.com/ljharb/shell-quote/issues/15)

v1.8.2 - 2024-11-27

Fixed

• [Fix] quote: preserve empty strings [#18](https://github.com/ljharb/shell-quote/issues/18)

Commits

• [meta] fix changelog tags 0fb9fd8
• [actions] split out node 10-20, and 20+ 819bd84
• [Dev Deps] update @ljharb/eslint-config, auto-changelog, npmignore, tape fc56408
• [actions] update npm for windows tests fdeb0fd
• [Dev Deps] update @ljharb/eslint-config, aud, tape b8a4a3b
• [actions] prevent node 14 on ARM mac from failing 9eecafc
• [meta] exclude more files from the package 4044e7f
• [Tests] replace aud with npm audit 8cfdbd8
• [meta] add missing engines.node 843820e
• [Dev Deps] add missing peer dep 4c3b88d
• [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6 80322ed

v1.8.1 - 2023-04-07

Fixed

• [Fix] parse: preserve whitespace in comments [#6](https://github.com/ljharb/shell-quote/issues/6)
• [Fix] properly support the escape option [#5](https://github.com/ljharb/shell-quote/issues/5)

Commits

• [Refactor] parse: hoist getVar to module level b42ac73
• [Refactor] hoist some vars to module level 8f0c5c3
• [Refactor] parse: use slice over substr, cache some values fcb2e1a
• [Refactor] parse: a bit of cleanup 6780ec5
• [Refactor] parse: tweak the regex to not match nothing 227d474

... (truncated)

Commits

• ff166e2 v1.8.4
• 4378a6e [Fix] quote: validate object-token shapes
• 22ebec0 [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, `npmig...
• 9f3caa3 [Tests] increase coverage
• 3344a04 [readme] replace runkit CI badge with shields.io check-runs badge
• 699c511 [Dev Deps] update @ljharb/eslint-config
• 487a9b4 v1.8.3
• 01faaff [Fix] remove unnecessary backslash escaping in single quotes
• b19fc77 v1.8.2
• 59d29ea [Fix] quote: preserve empty strings
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.

Install script changes

This version adds prepublish script that runs during installation. Review the package contents before updating.

Updates react-scripts from 3.3.0 to 5.0.1

Changelog

Sourced from react-scripts's changelog.

3.4.4 (2020-10-20)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.3 to 3.4.4

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.4

or

yarn add --exact react-scripts@3.4.4

3.4.3 (2020-08-12)

v3.4.3 release bumps terser-webpack-plugin to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.2 to 3.4.3

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.3

or

yarn add --exact react-scripts@3.4.3

3.4.2 (2020-08-11)

v3.4.2 release bumps webpack-dev-server to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.1 to 3.4.2

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.2

or

... (truncated)

Commits

• 19fa58d Publish
• 9802941 fix: webpack noise printed only if error or warning (#12245)
• 2eef1d0 Update templates to use React 18 createRoot (#12220)
• 221e511 Publish
• 5614c87 Add support for Tailwind (#11717)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• c7627ce Update webpack and dev server (#11646)
• 544befe Update package.json (#11597)
• Additional commits viewable in compare view

Updates @storybook/react from 5.3.21 to 10.4.3

Release notes

Sourced from @​storybook/react's releases.

v10.4.3

10.4.3

• Addon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - #34496, thanks @​NYCU-Chung!
• Core: Respect !dev tag on MDX docs in sidebar - #35031, thanks @​JReinhold!
• React: Add support for resolving subcomponents attached as properties of a parent component - #34967, thanks @​yatishgoel!
• UI: Prevent docs page scroll reset on HMR re-render - #35021, thanks @​LongTangGithub!

v10.4.2

10.4.2

• Bug: Fix Windows command resolution for non-Node package managers - #33534, thanks @​copilot-swe-agent!
• Build: Upgrade type-fest to latest version 5.6.0 - #34791, thanks @​tobiasdiez!
• CSF: Fix parsing of string literal export names - #34901, thanks @​shilman!
• Publish: Add npm provenance attestations - #34936, thanks @​copilot-swe-agent!

v10.4.1

10.4.1

• Angular: Detect model() signal outputs (type inference + compodoc autodocs + runtime binding) - #34833, thanks @​valentinpalkovic!
• Build: Upgrade type-fest to latest version 5.6.0 - #34791, thanks @​tobiasdiez!
• CLI: Run `npx expo install --fix` after init for Expo projects - #34803, thanks @​ndelangen!
• CLI: Support `peerDependencies` in framework detection for component libraries - #34516, thanks @​zhyd1997!
• Next.js: Add useLinkStatus mock to next/link export mock - #34593, thanks @​philwolstenholme!
• Vue3: Specify a specific version for non-dev dependency - #34794, thanks @​ScopeyNZ!

v10.4.0

10.4.0

AI-assisted setup, change-aware review, and stronger framework support

Storybook 10.4 contains hundreds of fixes and improvements including:

• 🤖 Agentic Setup: New CLI workflow for AI-assisted Storybook setup and onboarding
• 🔍 Change review: Sidebar filtering to highlight new, modified, and related stories based on git changes
• 🧭 Sidebar review tools: Status filtering, URL-persisted filters, and clearer review signals in the sidebar
• ⚛️ TanStack React: New `@storybook/tanstack-react` framework with routing and server function support
• 🧩 React MCP: Faster, more accurate component docgen powered by the TypeScript Language Server
• 📱 React Native: Zero config RN project initialization
• 🤝 Sharing: Easily publish and share your local Storybook with teammates, powered by Chromatic

• A11y: Add aria-live announcements via @​react-aria/live-announcer - #33970, thanks @​copilot-swe-agent!
• A11y: Improve boolean control contrast in forced colors mode - #34204, thanks @​anchmelev!
• Actions: Fix state mutation and keep newest actions when limit reached - #34286, thanks @​Sidnioulz!
• Addon-Docs: Add Reset story button to re-render stories in docs - #34086, thanks @​6810779s!
• Addon-Docs: Avoid rerendering static Source blocks - #34206, thanks @​anchmelev!
• Addon-Vitest: Use Vitest's provide-API for injecting values - #34518, thanks @​JReinhold!

... (truncated)

Changelog

Sourced from @​storybook/react's changelog.

10.4.3

• Addon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - #34496, thanks @​NYCU-Chung!
• Core: Respect !dev tag on MDX docs in sidebar - #35031, thanks @​JReinhold!
• React: Add support for resolving subcomponents attached as properties of a parent component - #34967, thanks @​yatishgoel!
• UI: Prevent docs page scroll reset on HMR re-render - #35021, thanks @​LongTangGithub!

10.4.2

• Bug: Fix Windows command resolution for non-Node package managers - #33534, thanks @​copilot-swe-agent!
• Build: Upgrade type-fest to latest version 5.6.0 - #34791, thanks @​tobiasdiez!
• CSF: Fix parsing of string literal export names - #34901, thanks @​shilman!
• Publish: Add npm provenance attestations - #34936, thanks @​copilot-swe-agent!

10.4.1

• Angular: Detect model() signal outputs (type inference + compodoc autodocs + runtime binding) - #34833, thanks @​valentinpalkovic!
• Build: Upgrade type-fest to latest version 5.6.0 - #34791, thanks @​tobiasdiez!
• CLI: Run npx expo install --fix after init for Expo projects - #34803, thanks @​ndelangen!
• CLI: Support peerDependencies in framework detection for component libraries - #34516, thanks @​zhyd1997!
• Next.js: Add useLinkStatus mock to next/link export mock - #34593, thanks @​philwolstenholme!
• Vue3: Specify a specific version for non-dev dependency - #34794, thanks @​ScopeyNZ!

10.4.0

AI-assisted setup, change-aware review, and stronger framework support

Storybook 10.4 contains hundreds of fixes and improvements including:

• 🤖 Agentic Setup: New CLI workflow for AI-assisted Storybook setup and onboarding
• 🔍 Change review: Sidebar filtering to highlight new, modified, and related stories based on git changes
• 🧭 Sidebar review tools: Status filtering, URL-persisted filters, and clearer review signals in the sidebar
• ⚛️ TanStack React: New @storybook/tanstack-react framework with routing and server function support
• 🧩 React MCP: Faster, more accurate component docgen powered by the TypeScript Language Server
• 📱 React Native: Zero config RN project initialization
• 🤝 Sharing: Easily publish and share your local Storybook with teammates, powered by Chromatic

• A11y: Add aria-live announcements via @​react-aria/live-announcer - #33970, thanks @​copilot-swe-agent!
• A11y: Improve boolean control contrast in forced colors mode - #34204, thanks @​anchmelev!
• Actions: Fix state mutation and keep newest actions when limit reached - #34286, thanks @​Sidnioulz!
• Addon-Docs: Add Reset story button to re-render stories in docs - #34086, thanks @​6810779s!
• Addon-Docs: Avoid rerendering static Source blocks - #34206, thanks @​anchmelev!
• Addon-Vitest: Use Vitest's provide-API for injecting values - #34518, thanks @​JReinhold!
• Agentic Setup: Add --extensive for an extra prompt - #34730, thanks @​Sidnioulz!
• Agentic Setup: Allow failed stories to persist - #34717, thanks @​Sidnioulz!
• Agentic Setup: Keep sample content if users want onboarding - #34704, thanks @​Sidnioulz!
• Agentic Setup: Rework ai-init-opt-in logic - #34739, thanks @​Sidnioulz!

... (truncated)

Commits

• 624e618 Bump version from "10.4.2" to "10.4.3" [skip ci]
• 44d8c0b Remove test accidentally sneaked in by a merge commit
• 6cd2367 Merge pull request #34967 from yatishgoel/fix/20486-subcomponent-display-names
• 298dea2 Bump version from "10.4.1" to "10.4.2" [skip ci]
• fad8dd2 Merge pull request #34791 from tobiasdiez/type-fest-upgrade
• cc19ae1 Bump version from "10.4.0" to "10.4.1" [skip ci]
• f8c16d1 Bump version from "10.4.0-beta.0" to "10.4.0" [skip ci]
• e02da0b Bump version from "10.4.0-alpha.19" to "10.4.0-beta.0" [skip ci]
• 429fb3e Bump version from "10.4.0-alpha.18" to "10.4.0-alpha.19" [skip ci]
• 488dd08 Bump version from "10.4.0-alpha.17" to "10.4.0-alpha.18" [skip ci]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​storybook/react since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.