Bump got, snyk and critical

[dependabot[bot]]

Bumps got, snyk and critical. These dependencies needed to be updated together. Updates got from 8.3.2 to 11.8.5

Release notes

Sourced from got's releases.

v11.8.5

• Backport security fix https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc
  • CVE-2022-33987

https://github.com/sindresorhus/got/compare/v11.8.4...v11.8.5

v11.8.3

• Bump cacheable-request dependency (#1921) 9463bb6
• Fix HTTPError missing .code property (#1739) 0e167b8

https://github.com/sindresorhus/got/compare/v11.8.2...v11.8.3

v11.8.2

• Make the dnsCache option lazy (#1529) 3bd245f This slightly improves Got startup performance and fixes an issue with Jest.

https://github.com/sindresorhus/got/compare/v11.8.1...v11.8.2

v11.8.1

• Do not throw on custom stack traces (#1491) 4c815c3a609eb74d0eb139414d9996b4f65dc3c0

v11.8.0

• Fix for sending files with size 0 on stat (#1488) 7acd380
• beforeRetry allows stream body if different from original (#1501) 3dd2273
• Set default value for an options object (#1495) 390b145

https://github.com/sindresorhus/got/compare/v11.7.0...v11.8.0

v11.7.0

Improvements

• Add pfx HTTPS option (#1364) c33df7f
• Update body after beforeRequest (#1453) e1c1844
• Don't allocate buffer twice (#1403) 7bc69d9

Fixes

• Fix a regression where body was sent after redirect 88b32ea
• Fix destructure error on promise.json() c97ce7c
• Do not ignore userinfo on a redirect to the same origin 52de13b

https://github.com/sindresorhus/got/compare/v11.6.2...v11.7.0

v11.6.2

Bug fixes

• Inherit the prefixUrl option from parent if it's undefined (#1448) a3da70a78aeb7f44dd3e0d0fa47cebe9541eb91e
• Prepare a fix for hanging promise on Node.js 14.10.x 29d4e325b110ccf7571d4265d40760be4175f7ff
• Prepare for Node.js 15.0.0 c126ff19c4e893975cbf6c2c8bebce6ed7631276

... (truncated)

Commits

• 5e17bb7 11.8.5
• bce8ce7 Backport 861ccd9ac2237df762a9e2beed7edd88c60782dc
• 8ced192 Fix build
• 670eb04 11.8.4
• 20f29fe Backport #1543: Initialize globalResponse in case of ignored HTTPError (#2017)
• 0da732f 11.8.3
• 9463bb6 Bump cacheable-request dependency (#1921)
• 0e167b8 HTTPError code set to 'HTTPError' #1711 (#1739)
• f896aa5 11.8.2
• 3bd245f Instantiate CacheableLookup only when needed (#1529)
• Additional commits viewable in compare view

Updates snyk from 1.661.0 to 1.990.0

Release notes

Sourced from snyk's releases.

v1.990.0

1.990.0 (2022-08-22)

Bug Fixes

• none custom policies severity issues should be filtered out before sending them to registry (4acacd2)

v1.989.0

1.989.0 (2022-08-19)

Bug Fixes

• downgrade snyk-go-plugin to 1.19.0 (4643026)
• increase buffer size (8079fe3)
• update golang plugin (a0e30d9)
• upgrade-docker-registry-v2-client (275afb1)

Features

• pass remote-repo-url arg to snyk-iac-test (18e8c87)

v1.988.0

1.988.0 (2022-08-17)

Bug Fixes

• return exit code 3 when no resources can be found (9d2e41f)
• upgrade docker-registry-v2-client lib (374ba55)

Features

• pass target-name arg to snyk-iac-test (4352122)
• stop caching rules (71c866e)

v1.987.0

1.987.0 (2022-08-15)

Bug Fixes

• correct broken URLs for license issues (8a46931)
• Ensured the test spinner stops (5d9d15f)

Features

... (truncated)

Commits

• c3095cf Merge pull request #3606 from snyk/fix/none-custom-policies-filtering
• 0a5a129 Merge pull request #3611 from snyk/fix/regression_tests
• 4643026 fix: downgrade snyk-go-plugin to 1.19.0
• 2a573e3 Merge pull request #3607 from snyk/fix/upgrade-docker-registry-v2-client
• 275afb1 fix: upgrade-docker-registry-v2-client
• 4acacd2 fix: none custom policies severity issues should be filtered out before sendi...
• d347279 Merge pull request #3598 from snyk/fix/update-golang-plugin
• 43dcec6 Merge pull request #3599 from snyk/chore/add-remote-repo-url-iac-v2
• 18e8c87 feat: pass remote-repo-url arg to snyk-iac-test
• 3b9f91b chore: Updated snyk-iac-test version to v0.21.0
• Additional commits viewable in compare view

Updates critical from 1.3.10 to 4.0.1

Release notes

Sourced from critical's releases.

v4.0.1

• Adds support for media attribute on link elements (#510) f6aadc9
• Npm audit fix 24e2266
• Bump normalize-url from 4.5.0 to 4.5.1 (#502) 4c8988c
• Bump trim-newlines from 3.0.0 to 3.0.1 (#501) 8e5beb8

https://github.com/addyosmani/critical/compare/v4.0.0...v4.0.1

v4.0.0

Maintenance

• Bump dependencies 26e8b7c
• Bump ws from 6.2.1 to 6.2.2 (#500) 712122d
• Adds node 16 to ci matrix 143c398
• Removes link to changelog c2b14d9
• Fix config test fdd5705
• Fix linter af99878
• Bump inline-critical && fix tests f058e45

Bugfixes

• Support web pages that use media=print for async CSS (#487) 03d0455

Breaking

• Removed minify option 86aaa4a

https://github.com/addyosmani/critical/compare/v3.1.0...v4.0.0

v3.1.0

• npm audit fix d4599e0
• Adds support for inline styles & data-uris (#498) 3ed099c
• Bump hosted-git-info from 2.8.8 to 2.8.9 (#493) 1fb431b

https://github.com/addyosmani/critical/compare/v3.0.1...v3.1.0

v3.0.1

• Bump dependencies (#492) f3bd111
• Fix: dedupe stylesheet hrefs found in document b7d2e27

https://github.com/addyosmani/critical/compare/v3.0.0...v3.0.1

v3.0.0

• Bump dependencies (#483) 6b3e957
• Slice cssString in debug output 719cc52

BREAKING

• Drop support for node versions 11 & 13

https://github.com/addyosmani/critical/compare/v2.0.6...v3.0.0

v2.0.6

• Chore/bump deps (#472) 0619caa

... (truncated)

Changelog

Sourced from critical's changelog.

v2.0.0 / 2020-06-16

• Drop support for Node.js < 10
• Bump dependencies
• Use Jest for testing
• Drop include and timeout options as they can be specified in the penthouse options.
• Drop options styleTarget & dest in favour of target You can specify either a css file, an html file or an object {css: dest.css, html: dest.html} if you want to store both. We may also add an extract target here in a future release.
• Drop options destFolder, folder and pathPrefix. We tried our best to improve the way critical auto-detects the paths to used assets in the critical css which should suit for most cases. If this doesn't work out you can use the new rebase option to either specify the location of the css & the html file like this: {from: '/styles/main.css', to: '/en/test.html'}. You can also pass a callback function to dynamically compute the path or specify a cdn for example. We utilize postcss-url for this task.
• Due to some limitations with modern css features we replaced filter-css as the library of choice for handling ignores with postcss-discard. We tried to keep things backwards compatible but you may have to change your ignore configuration.
• Add concurrency option to specify how many operations can run in parallel.
• Add the ability to specify used css files using file globs. See supported minimatch patterns.

v1.3.4 / 2018-07-19

• fix: return Promise.reject instead of re-throw
• fix: handle PAGE_UNLOADED_DURING_EXECUTION error (#314)
• output warning on invalid extract setting
• Add user agent option (#316)
• Bump dependencies
• npm audit fix

v1.3.3 / 2018-06-06

• Bump dependencies
• Docs: fix typo (#310)
• Reduced vulnerabilities (#308)

v1.3.2 / 2018-05-15

• Switched to async-exit-hook

v1.3.1 / 2018-05-14

• Bump dependencies
• Removed process.exit on cleanup
• Adding html-webpack-critical-plugin to README (#306)

v1.3.0 / 2018-05-02

• Add basic auth option (#295)

v1.2.2 / 2018-04-02

• Improved handling of protocol-relative asset URLs (#288)
• Adjust test files according to (#293)
• Improve error reporting (#258)
• Replace gutil with fancy-log (#297)
• Update README.md (#296)

... (truncated)

Commits

• 6555d6d 4.0.1
• f6aadc9 Adds support for media attribute on link elements (#510)
• 24e2266 Npm audit fix
• 4c8988c Bump normalize-url from 4.5.0 to 4.5.1 (#502)
• 8e5beb8 Bump trim-newlines from 3.0.0 to 3.0.1 (#501)
• 34ed7c7 4.0.0
• 26e8b7c Bump dependencies
• 03d0455 Support web pages that use media=print for async CSS (#487)
• 712122d Bump ws from 6.2.1 to 6.2.2 (#500)
• 143c398 Adds node 16 to ci matrix
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.