Bump semver from 5.4.1 to 7.3.2

[dependabot-preview]

Bumps semver from 5.4.1 to 7.3.2.

Changelog

Sourced from semver's changelog.

changes log

7.3.0

• Add subset(r1, r2) method to determine if r1 range is entirely contained by r2 range.

7.2.3

• Fix handling of includePrelease mode where version ranges like 1.0.0 - 2.0.0 would include 3.0.0-pre and not 1.0.0-pre.

7.2.2

• Fix bug where 2.0.0-pre would be included in ^1.0.0 if includePrerelease was set to true.

7.2.0

• Add simplifyRange method to attempt to generate a more human-readable range expression that is equivalent to a supplied range, for a given set of versions.

7.1.2

• Remove fancy lazy-loading logic, as it was causing problems for webpack users.

7.1.0

• Add require('semver/preload') to load the entire module without using lazy getter methods.

7.0.0

• Refactor module into separate files for better tree-shaking
• Drop support for very old node versions, use const/let, => functions, and classes.

6.3.0

• Expose the token enum on the exports

6.2.0

• Coerce numbers to strings when passed to semver.coerce()
• Add rtl option to coerce from right to left

6.1.3

... (truncated)

Commits

• ce978f9 7.3.2
• 9fb2c19 Exclude prereleases in X-ranges with < comparators
• b97044b 7.3.1
• 059a5ad Always exclude prereleases from range maximums
• f27dcf5 Adding several tests for various 'pre-release' situations.
• 92bccf1 7.3.0
• 100f07a subset(): test if one range is a subset of another
• 33daffe changelog 7.2.3
• 45b1495 7.2.3
• 0365d6f update tap to make npm audit happy
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #562.