build(deps): [security] bump https-proxy-agent from 2.1.0 to 2.2.3

[dependabot-preview]

Bumps https-proxy-agent from 2.1.0 to 2.2.3. This update includes security fixes.

Vulnerabilities fixed

Sourced from The GitHub Security Advisory Database.

High severity vulnerability that affects https-proxy-agent
https-proxy-agent passes unsanitized options to Buffer(arg) resulting in DoS and uninitialized memory leak.

Affected versions: < 2.2.0

Sourced from The Node Security Working Group.

Denial of Service
https-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak

Affected versions: <=2.1.1

Release notes

Sourced from https-proxy-agent's releases.

2.2.3

Patches

• Update README with actual secureProxy behavior: #65
• Update proxy to v1.0.0: d0e3c18079119057b05582cb72d4fda21dfc2546
• Remove unreachable code: 46aad0988b471f042856436cf3192b0e09e36fe6
• Test on Node.js 10 and 12: 3535951e482ea52af4888938f59649ed92e81b2b
• Fix compatibility with Node.js >= 10.0.0: #73
• Use an EventEmitter to replay failed proxy connect HTTP requests: #77

Credits

Huge thanks to @​stoically, @​lpinca, and @​zkochan for helping!

2.2.2

Patches

• Remove package-lock.json: c881009b9873707f5c4a0e9c277dde588e1139c7
• Ignore test directory, History.md and .travis.yml when creating npm package. Fixes #42: #45
• Update agent-base to v4.2: #50
• Add TypeScript type definitions: #66
• Feat(typescript): Allow input to be options or string: #68
• Update agent-base to v4.3: #69

Credits

Huge thanks to @​marco-c, @​tareqhs, @​ianhowe76, and @​BYK for helping!

2.2.1

Patches

• Add defaultPort field: #43

Credits

Huge thanks to @​jan-auer for helping!

2.2.0

Minor Changes

• Use Buffer.from(): 1c24219df87524e6ed973127e81f30801d658f07
• Add "engines" to package.json: a27792225b652c5483247c96654d40bda27873d0

Commits

• 0d8e8bf 2.2.3
• 850b835 Revert "Use Mocha 5 for Node 4 support"
• f5f56fa Remove Node 4 from Travis
• bb837b9 Revert "Remove Node 4 from Travis"
• 1e34e0d Use Mocha 5 for Node 4 support
• 36d8cf5 Use an EventEmitter to replay failed proxy connect HTTP requests (#77)
• 5252bb9 Revert "Meh…" (#79)
• 6c804a2 Remove Node 4 from Travis
• 2170151 [TypeScript] Allow port to be a string (#72)
• 590bc8b Remove Node 5 and 7 from Travis
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #36.