Bump braces and hexo

[dependabot]

Bumps braces to 2.3.2 and updates ancestor dependency hexo. These dependencies need to be updated together.

Updates braces from 1.8.5 to 2.3.2

Changelog

Sourced from braces's changelog.

[2.3.2] - 2018-04-08

• start refactoring
• cover sets
• better range handling

[2.3.1] - 2018-02-17

• Remove unnecessary escape in Regex. (#14)

[2.3.0] - 2017-10-19

• minor code reorganization
• optimize regex
• expose maxLength option

[2.2.1] - 2017-05-30

• don't condense when braces contain extglobs

[2.2.0] - 2017-05-28

• ensure word boundaries are preserved
• fixes edge case where extglob characters precede a brace pattern

[2.1.1] - 2017-04-27

• use snapdragon-node
• handle edge case
• optimizations, lint

[2.0.4] - 2017-04-11

• pass opts to compiler
• minor optimization in create method
• re-write parser handlers to remove negation regex

[2.0.3] - 2016-12-10

• use split-string
• clear queue at the end
• adds sequences example
• add unit tests

[2.0.2] - 2016-10-21

• fix comma handling in nested extglobs

[2.0.1] - 2016-10-20

... (truncated)

Commits

• See full diff in compare view

Updates hexo from 3.8.0 to 3.9.0

Release notes

Sourced from hexo's releases.

3.9.0

New Features

• Updated hexo-renderer-marked to 1.0.1 (#3571)
• Updated hexo-fs to 1.0.0 (#3301)
• TOC: Seek anchor id from parent nodes when target is not available (#3404)
• tag/include_code now can include ranged code lines (#3393)

Bug Fixes

• DisableNunjucks: true should render markdown code block (#3573)
• Changing source config should generate assets (#3399)

Refactor

• Spread function: Hexo built-in plugin blockquote (#3291)
• ES6 block scoping refactor (#3294)
• Use spread syntax (#3333)

Housekeeping

• #3326 #3324 #3315 #3300 #3329 #3359 #3369 #3368 #3367 #3569

It is a great release and thanks for hardworking from all contributors. 🤗

Commits

• 7fba3c1 3.9.0
• 9d09d2e DisableNunjucks: true should render markdown code block (#3573)
• 61cbc62 chore(stale): stale bot limit to only issue (#3555)
• 6e6ee20 add another test case (disableNunjucks === false) for PR #3573
• d21aa32 add unit test for disableNunjucks property of renderer; PR #3573 https://gith...
• 61781ad chore(deps-dev): replace deprecated istanbul with nyc (#3570)
• 995097e fix the issue that code blocks in markdown are rendered as placeholder after ...
• 1b432c3 Merge pull request #3571 from weyusi/marked
• 18aa36c chore: remove .npmignore (#3569)
• 1345eaf test: fix new line
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.