build(deps): Bump ansi-regex from 3.0.0 to 6.2.2 in /demos/03-dependabot

[dependabot]

Bumps ansi-regex from 3.0.0 to 6.2.2.

Release notes

Sourced from ansi-regex's releases.

v6.2.2

• Fix vulnerability in 6.2.1, see: chalk/chalk#656

v6.2.0

• Support colon separated parameters to control sequences (#62) df7d75f

---

chalk/ansi-regex@v6.1.0...v6.2.0

v6.1.0

• Match cursorSave and cursorRestore escape codes (#45) 02fa893
• Fix: Handle all valid ST characters (#58) 9cba40d

chalk/ansi-regex@v6.0.1...v6.1.0

v6.0.1

Fixes

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

chalk/ansi-regex@v6.0.0...v6.0.1

Thank you @​yetingli for the patch and reproduction case!

v6.0.0

Breaking

• Require Node.js 12 1b337ad
• This package is now pure ESM. Please read this.

chalk/ansi-regex@v5.0.0...v6.0.0

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

... (truncated)

Commits

• 94983fc 6.2.2
• b7b8c50 6.2.0
• ff7c5f6 Add test for #57
• 72bc570 Simplify regex
• df7d75f Support colon separated parameters to control sequences (#62)
• 827322a Readme update
• f338e18 6.1.0
• 9cba40d Fix: Handle all valid ST characters (#58)
• b630317 Meta tweaks
• 02fa893 Match cursorSave and cursorRestore escape codes (#45)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: demo, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.