Bump semver from 7.1.3 to 7.2.3

[dependabot-preview]

Bumps semver from 7.1.3 to 7.2.3.

Changelog

Sourced from semver's changelog.

7.2.3

• Fix handling of includePrelease mode where version ranges like 1.0.0 - 2.0.0 would include 3.0.0-pre and not 1.0.0-pre.

7.2.2

• Fix bug where 2.0.0-pre would be included in ^1.0.0 if includePrerelease was set to true.

7.2.0

• Add simplifyRange method to attempt to generate a more human-readable range expression that is equivalent to a supplied range, for a given set of versions.

7.1.2

• Remove fancy lazy-loading logic, as it was causing problems for webpack users.

7.1.0

• Add require('semver/preload') to load the entire module without using lazy getter methods.

7.0.0

• Refactor module into separate files for better tree-shaking
• Drop support for very old node versions, use const/let, => functions, and classes.

6.3.0

• Expose the token enum on the exports

6.2.0

• Coerce numbers to strings when passed to semver.coerce()
• Add rtl option to coerce from right to left

6.1.3

• Handle X-ranges properly in includePrerelease mode

6.1.2

• Do not throw when testing invalid version strings

6.1.1

... (truncated)

Commits

• 45b1495 7.2.3
• 0365d6f update tap to make npm audit happy
• 1bd5bdd fix: Handle prereleases properly in 'X - Y' ranges
• 5d0dcda 7.2.2
• 044c54c fix: 2.0.0-rc1 should never be included in ^1.0.0
• 77c95e3 update changelog
• dfe658f 7.2.1
• 6eab8c2 do not include vim swap files in package
• c6581a8 7.2.0
• 2b5ad50 Add method for simplifying ranges
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)