Bump @koa/cors and local-web-server in /platform/JS/V8/v8/tools/turbolizer

[dependabot]

Bumps @koa/cors to 5.0.0 and updates ancestor dependency local-web-server. These dependencies need to be updated together.

Updates @koa/cors from 2.2.2 to 5.0.0

Changelog

Sourced from @​koa/cors's changelog.

5.0.0 / 2023-12-11

others

• [f31dac9] - Merge pull request from GHSA-qxrj-hx23-xp82 (fengmk2 )

4.0.0 / 2022-10-08

fixes

• [7358ab3] - fix: Calling all options even if origin header is not present (#87) (Cleber Rossi )

others

• [d19090f] - refactor: [BREAKING] drop node 8, 10, 12 support (#88) (fengmk2 )

3.4.3 / 2022-10-08

others

• [208b86c] - Revert "fix: Calling all options even if origin header is not present (#87)" (fengmk2 )

3.4.2 / 2022-10-06

fixes

• [2e8da5b] - fix: Calling all options even if origin header is not present (#87) (Cleber Rossi )

3.4.1 / 2022-08-19

fixes

• [1205356] - fix: must specify an origin value instead of "*" wildcard (#85) (Tyreal Hu )

3.4.0 / 2022-08-19

others

• [2cd4789] - 🤖 TEST: Run test on Node.js 18 (#86) (fengmk2 )
• [ae56e05] - Create codeql-analysis.yml (fengmk2 )
• [c4b5d21] - refactor: use friendlier promise checking (#84) (Swain Molster )
• [fbe33bc] - 📖 DOC: Add privateNetworkAccess js to README (fengmk2 )

3.3.0 / 2022-03-29

features

• [c279fc3] - feat: Add support for "Private Network Access" (#83) (Chi Ma )

others

• [97d9220] - chore: credentials jsdoc (#80) (Jing Yi Wang )

... (truncated)

Commits

• c33bd69 Release 5.0.0
• f31dac9 Merge pull request from GHSA-qxrj-hx23-xp82
• 0f3f948 Release 4.0.0
• d19090f refactor: [BREAKING] drop node 8, 10, 12 support (#88)
• 7358ab3 fix: Calling all options even if origin header is not present (#87)
• b49b085 Release 3.4.3
• 208b86c Revert "fix: Calling all options even if origin header is not present (#87)"
• d5456f7 Release 3.4.2
• 2e8da5b fix: Calling all options even if origin header is not present (#87)
• ea0ca7b Release 3.4.1
• Additional commits viewable in compare view

Updates local-web-server from 2.6.0 to 5.3.1

Release notes

Sourced from local-web-server's releases.

v5.3.0

New features since v5.2.1

• Added support for Private Network Access. To enable, set the --cors.private-network-access flag.

v5.1.0

New features since v5.0.0

• Support extended back to Node.js v12.20
  • This is because support for exports, conditional exports and exports patterns have been retro-fitted back to v12 (see the Package module history)

Upgrade notes

Users of Node.js v12.20 and above may now use local-web-server (previously, you needed a minimum of node v14). There are no further changes.

v5.0.0

This is a refresher release - there are no functional or behavioural changes to the web server itself.

Breaking changes since v4.2.1

• Dropped support for Node.js < v14
• Dropped support for CommonJS in general
• Dropped support for plugin prefixes
  • Previously, you could omit the lws- in plugin names, (i.e. you could use --stack static instead of --stack lws-static). This was ambigious and introduced the risk of incorrectly loading a module named static, if it existed.
• Several of the API methods have changed from sync to async, most importantly the Lws.create method. You now need to await the result.

  const lws = await Lws.create()
  

New feature

• The default config file lws.config.js may now also be named lws.config.mjs or lws.config.cjs if preferred.

Other improvements

• All source code converted from CommonJS to ECMAScript modules.
• All dependencies upgraded.

Upgrade notes

• If you previously used shortened plugin names (e.g. --stack static) please use the full name (e.g. --stack lws-static)
• If you launch a server using Lws.create you must now await the result.
• Lws can now only be used programmatically from ECMAScript modules - you must use import to load the library.

v4.2.0

New features since v4.1.0

• Added a command-line tool to help develop and debug --rewrite rules. This greatly speeds up the development of custom rewrites. Full documentation here.
  • An example, testing a rewrite to a remote server:

... (truncated)

Commits

• 9f45cc4 5.3.1
• 1f30517 upgrade @​koa/cors to address security advisory
• 88839a0 5.3.0
• c5750e6 add --cors.private-network-access option
• e94cea0 add node v19 to CI
• 1afdc57 5.2.1
• 3a01457 upgrade deps to fix a couple of issues introduced by node v18
• 5e6580c 5.2.0
• 9f9fb49 add node v17 to CI
• 25c2d74 lws-cors: support 'Cross-Origin-Opener-Policy' and 'Cross-Origin-Embedder-Pol...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.