chore(deps): bump shell-quote and concurrently

[dependabot]

Bumps shell-quote to 1.8.4 and updates ancestor dependency concurrently. These dependencies need to be updated together.

Updates shell-quote from 1.8.3 to 1.8.4

Changelog

Sourced from shell-quote's changelog.

v1.8.4 - 2026-05-22

Commits

• [Fix] quote: validate object-token shapes 4378a6e
• [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, npmignore 22ebec0
• [Tests] increase coverage 9f3caa3
• [readme] replace runkit CI badge with shields.io check-runs badge 3344a04
• [Dev Deps] update @ljharb/eslint-config 699c511

Commits

• ff166e2 v1.8.4
• 4378a6e [Fix] quote: validate object-token shapes
• 22ebec0 [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, `npmig...
• 9f3caa3 [Tests] increase coverage
• 3344a04 [readme] replace runkit CI badge with shields.io check-runs badge
• 699c511 [Dev Deps] update @ljharb/eslint-config
• See full diff in compare view

Updates concurrently from 9.2.1 to 10.0.3

Release notes

Sourced from concurrently's releases.

v10.0.3

Republish of https://github.com/open-cli-tools/concurrently/releases/tag/v10.0.1 with Trusted Publishing enabled (see #595)

Full Changelog: open-cli-tools/concurrently@v10.0.2...v10.0.3

v10.0.2

Test version to restore Trusted Publishing. Not published to npm.

v10.0.1

• Ensure FlowController type is exported - #594

Full Changelog: open-cli-tools/concurrently@v10.0.0...v10.0.1

v10.0.0

💥 Breaking Changes

• Dropped support for Node.js <22.0.0. Older Node.js version have reached end-of-life, and certain features require new-ish JS APIs.
• concurrently is now ESM-only. It's now possible to require(esm). See here for interoperability.
• Prefix colors now default to automatic - #581 The colors used to default to reset (which does nothing). Concurrently now automatically selects a color, out of the box. The list of colors used is not jarring nor carries semantic meaning, and reads well in both dark and light terminal backgrounds.
• Removed deprecated flags and options
  • CLI flag --name-separator: use commas instead.
  • API option killOthers: use killOthersOn instead.

✨ New Features

• Support applying modifiers to hex prefix colors (e.g. #ff0000.bold) - #450
• Support chalk's color functions in prefixes (e.g. rgb(), hex(), bgRgb(), etc) - #578
• Set prefix background color via bg#RRGGBB - #578
• Allow shell override via --shell CLI flag/shell API option - #288, #589, #556 concurrently distinguishes between cmd.exe, powershell, and POSIX-based shells.
• Manual prefix coloring in templates e.g. [{color}{name}{/color}] - #583, #587

🐛 Bug fixes

• Scope quote normalization to CLI input - #582, #585 It should now also be possible to run commands like "/some/command" foo bar"
• Don't throw when color doesn't exist - #580

🔐 Security

• Address vulnerability in shellquote - #591

Other changes

• Warn about running on Snap - #584

New Contributors

• @​philfreo made their first contribution in open-cli-tools/concurrently#566
• @​garretmh made their first contribution in open-cli-tools/concurrently#450
• @​CodeF53 made their first contribution in open-cli-tools/concurrently#574
• @​nkappler made their first contribution in open-cli-tools/concurrently#577

... (truncated)

Commits

• 435f61b 10.0.3
• 5ea69c6 ci: use node 24 in the release workflow
• 18e1281 10.0.2
• e70686f 10.0.1
• a95bceb Rename flow-controller{.d -> }.ts
• ced4245 ci: configure trusted publisher flow
• cf2eaa2 10.0.0
• 1b9bae4 deps: upgrade yargs to v18 (#593)
• b05ee75 Bump min Node.js version to v22
• ae60bc4 Scope quote normalization to CLI input (#585)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for concurrently since your current version.

[paukert]

@dependabot rebase