fix(deps): update dependency compression to v1.7.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
compression	1.7.4 -> 1.7.5

---

Release Notes

expressjs/compression (compression)

v1.7.5

Compare Source

==========

• deps: Replace accepts with negotiator@~0.6.4
  • Add preference option
• deps: [email protected]
  • Add petabyte (pb) support
  • Fix "thousandsSeparator" incorrecting formatting fractional part
  • Fix return value for un-parsable strings
• deps: compressible@~2.0.18
  • Mark font/ttf as compressible
  • Remove compressible from multipart/mixed
  • deps: mime-db@'>= 1.43.0 < 2'
• deps: [email protected]

---

Configuration

📅 Schedule: Branch creation - "after 7pm every weekday,before 5am every weekday" in timezone Europe/Madrid, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments

Name	Status	Preview	Comments	Updated (UTC)
unleash-docs	⬜️ Ignored (Inspect)	Visit Preview		Nov 13, 2024 7:39pm
unleash-monorepo-frontend	⬜️ Ignored (Inspect)	Visit Preview		Nov 13, 2024 7:39pm

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/compression	1.7.5	🟢 5.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches CI-Tests 🟢 8 11 out of 13 merged PRs checked by a CI test -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 4 found 16 unreviewed changesets out of 29 -- score normalized to 4 Contributors 🟢 10 17 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool ⚠️ 0 no update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 12 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 no published package detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST 🟢 7 SAST tool detected but not run on all commits Security-Policy ⚠️ 0 security policy file not detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 no vulnerabilities detected
npm/negotiator	0.6.4	🟢 4.7	Details Check Score Reason Code-Review ⚠️ 2 Found 5/25 approved changesets -- score normalized to 2 Maintained 🟢 9 10 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy 🟢 4 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• yarn.lock