build(deps-dev): bump svgo from 0.7.2 to 2.3.1

[dependabot-preview]

Bumps svgo from 0.7.2 to 2.3.1.

Release notes

Sourced from svgo's releases.

v2.3.1

Fixed vulnerability in css-select dependency (svg/svgo#1485)

Thanks to @​ericcornelissen

v2.3.0

Hey, everybody! We have a big release here.

• The new plugin is added for merging style elements into one. See #1381

Before:

<svg>
  <style media="print">
    .st0{ fill:red; padding-top: 1em; padding-right: 1em; padding-bottom: 1em; padding-left: 1em; }
  </style>
  <style>
    .test { background: red; }
  </style>
</svg>

After:

<svg>
  <style>
    @media print{
      .st0{ fill:red; padding-top: 1em; padding-right: 1em; padding-bottom: 1em; padding-left: 1em; }
    }
    .test { background: red; }
  </style>
</svg>

• CLI got new --exclude flag which uses regexps to exclude some files from --folder. See #1409

svgo --folder=svgs --exclude "invalid-icon" "bad-.+"

• Internal AST is migrated to XAST. This spec makes maintaining plugins easier and may be used as interop with other tools like SVGR.

• The new visitor plugin type combines features of "full", "perItem" and "perItemReverse" plugins without loosing simplicity. Eventually only visitor api will be supported. See #1454

Also small fixes

• override default floatPrecision in plugins with globally specified one (svg/svgo@7389bcd)
• fix rendering -0 in path data (svg/svgo@3d4adb6)
• make browser bundle 30% smaller (svg/svgo@2799622)
• simplified convertPathData plugin (svg/svgo@a04b27a and svg/svgo@6165743)

... (truncated)

Changelog

Sourced from svgo's changelog.

[ > ] 1.3.2 / 30.10.2019

• Fixed TypeError: Cannot set property 'multipassCount' of undefined

[ > ] 1.3.1 / 29.10.2019

• Updated CSSO version to 4.0.2 fixing the issue with empty semicolons ";;" in styles (thanks to @​strarsis and @​lahmatiy).
• prefixIds plugin now runs only once with --multipass option (by @​strarsis).
• cleanupIDs plugin is prevented from producing a preserved ID, including one which matches a preserved prefix, when minifying (by @​thomsj).

[ > ] 1.3.0 / 14.07.2019

• Custom plugins now can be loaded from external js through path plugin param.
• New plugin convertEllipseToCircle to convert ellipse with equal radius measures to circle (by @​tigt).
• New plugin sortDefsChildren for improved compression (by @​davidleston).
• SVGO now removes unnecessary spaces after arcto path command flags.
• removeDimensions plugin now adds viewBox if it's missing (by @​adipascu).
• Fixed removeUnusedNS not counting attributes in <svg> tag itself.
• Fixed an issue with incorrect processing multiple images (by @​cyberalien).
• Fixed an error with incorrect converting multiple segmented curve to an arc.
• Fixed an error with matrix decomposition in convertTransform due to rounding error leading to illegal value.
• Added force option for mergePaths plugin (by @​goyney).
• Added options to prefixIds plugin for selectively prefixing IDs and/or classes (by @​strarsis).
• Exported config function (by @​1000ch).

[ > ] 1.2.2 / 16.04.2019

• Update js-yaml for Code Injection warning (by @​kaungst).

[ > ] 1.2.1 / 04.04.2019

Some goodness from pull-requests.

• Bump up js-yaml version to fix DoS vulnerability (by @​eugestarr).

[ > ] 1.2.0 / 24.02.2019

Some goodness from pull-requests.

• Fixed extra blank lines when processing many files (by @​panczarny).
• Added --recursive option to process folders recursevely with option -f (by @​dartess).
• Added removeAttributesBySelector plugin to remove elements matching a css selector (by @​bmease).
• Added removeOffCanvasPaths plugin to remove elements outside of the viewbox (by @​JoshyPHP).
• removeAttrs plugin: added preserveCurrentColor color (by @​roblevintennis) and 3rd optional filter for a value (by @​Herman-Freund).
• Added reusePaths plugin to replace duplicated elements with link (by @​jhowcrof).
• Added support of comma-separated plugins list in --disable and --enable options (by @​jmwebservices).
• Added option to preserve IDs based on prefix in cleanupIDs plugin (by @​bkotzz).
• Replaced colors dependency with chalk (by @​xPaw).

[ > ] 1.1.1 / 17.09.2018

• Fixed crash in SVGO.optimize() when ‘info’ is absent.
• Removed extra space after cleanupListOfValues plugin.

[ > ] 1.1.0 / 16.09.2018

• Fixed collapseGroups plugin removing property with a child having inherit value.
• version attribute value is not more being rounded.
• Fixed jsAPI clone method with respect to the introduced CSS classes.
• Fixed scaling strokes with vector-effect="non-scaling-stroke" (by @​alexjlockwood).

... (truncated)

Commits

• daf2f88 2.3.1
• 25d0f87 Upgrade css-select from ^3.1.2 to ^4.1.3 (#1485)
• 59876d8 Remove unused artifacts
• 68798eb Mark convertStyleToAttrs as disabled in README (#1472)
• 3d79f57 Convert convertPathData to visitor
• 06110b4 Convert mergePaths to visitor
• 368a67b Convert removeHiddenElems to visitor
• 17aaf36 Cleanup collapseGroups tests
• e381ccc 2.3.0
• 09aec37 Implement exclude pattern cli option (#1409)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by trysound, a new releaser for svgo since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)