Bump jsonata and node-red

[dependabot[bot]]

Bumps jsonata to 1.8.7 and updates ancestor dependency node-red. These dependencies need to be updated together.

Updates jsonata from 1.8.6 to 1.8.7

Release notes

Sourced from jsonata's releases.

1.8.7 Maintenance Release

• Prevent writing to the object prototype or constructor (PR jsonata-js/jsonata#681)

Changelog

Sourced from jsonata's changelog.

1.8.7 Maintenance Release

• Prevent writing to the object prototype or constructor (PR jsonata-js/jsonata#681)

Commits

• 220b45a Publish version 1.8.7 (#682)
• 1d579db Prevent writing to the object prototype or constructor (v1 port) (#681)
• ebdb02a Add workflow
• See full diff in compare view

Updates node-red from 3.1.5 to 3.1.7

Release notes

Sourced from node-red's releases.

3.1.7: Maintenance Release

What's Changed

• Update jsonata version by @​hardillb in node-red/node-red#4593
• Add Japanese translation for v3.1.6 by @​kazuhitoyokoi in node-red/node-red#4603
• Bump for 3.1.7 release by @​knolleary in node-red/node-red#4608

Full Changelog: https://github.com/node-red/node-red/compare/3.1.6...3.1.7

3.1.6: Maintenance Release

Editor

• Do not flag env var in num typedInput as error (#4582) @​knolleary
• Fix example flow name in import dialog (#4578) @​kazuhitoyokoi
• Fix missing node icons in workspace (#4570) @​knolleary

Runtime

• Handle undefined env vars (#4581) @​knolleary
• fix: Removed offending MD5 crypto hash and replaced with SHA1 and SHA256 … (#4568) @​JaysonHurst
• chore: remove never use import code (#4580) @​giscafer

Nodes

• fix: template node zh-CN translation (#4575) @​giscafer

Changelog

Sourced from node-red's changelog.

3.1.7: Maintenance Release

• Add Japanese translation for v3.1.6 (#4603) @​kazuhitoyokoi
• Update jsonata version (#4593) @​hardillb

3.1.6: Maintenance Release

Editor

• Do not flag env var in num typedInput as error (#4582) @​knolleary
• Fix example flow name in import dialog (#4578) @​kazuhitoyokoi
• Fix missing node icons in workspace (#4570) @​knolleary

Runtime

• Handle undefined env vars (#4581) @​knolleary
• fix: Removed offending MD5 crypto hash and replaced with SHA1 and SHA256 … (#4568) @​JaysonHurst
• chore: remove never use import code (#4580) @​giscafer

Nodes

• fix: template node zh-CN translation (#4575) @​giscafer

Commits

• 179032c Merge pull request #4608 from node-red/rel317
• 6a6f0d0 Bump for 3.1.7 release
• add4d97 Merge pull request #4603 from kazuhitoyokoi/master-addjpn
• a0d3ea6 Add Japanese translation for v3.1.6
• 7447e88 Merge pull request #4593 from hardillb/hardillb-patch-1
• a193b79 Bump jsonata to match utils
• da380f7 Update jsonata version
• 269cf02 Merge pull request #4586 from node-red/rel316
• fb50e27 Bump for 3.1.6 release
• 058c971 Merge pull request #4582 from node-red/3795-allow-env-var-in-num-field-valida...
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.