chore(deps): bump http-cache-semantics and npm

[dependabot]

Bumps http-cache-semantics to 4.1.1 and updates ancestor dependency npm. These dependencies need to be updated together.

Updates http-cache-semantics from 3.8.1 to 4.1.1

Commits

• 2449650 Update mocha
• 560b2d8 Don't use regex to trim whitespace
• b1bdb92 Remove linting package zoo
• c20dc7e Cache 308
• ed83aec Explain trust server date
• 1b35980 rfc 5861 (stale-if-error, stale-while-revalidate)
• 2c2fac2 Drop trustServerDate
• eb7028f Test names
• 84cc9a8 Bump
• ae5ecd5 Add status to tests
• Additional commits viewable in compare view

Updates npm from 6.14.18 to 9.6.4

Release notes

Sourced from npm's releases.

libnpmhook: v9.0.3

9.0.3 (2023-02-07)

Bug Fixes

• 12ec7ee remove unused package.json scripts (@​lukekarrys)

libnpmhook: v9.0.2

9.0.2 (2023-02-01)

Dependencies

• 721fe3f #6118 read-package-json-fast@3.0.2
• a39556f @npmcli/template-oss@4.11.3

libnpmhook: v9.0.1

9.0.1 (2022-12-07)

Dependencies

• 0a3fe00 #5933 minipass@4.0.0
• fee9b66 npm-registry-fetch@14.0.3

libnpmpublish: v7.1.3

7.1.3 (2023-03-30)

Bug Fixes

• 3cf6f0d #6287 update provenance transparency log link (#6287) (@​bdehamer)

libnpmpublish: v7.1.2

7.1.2 (2023-03-14)

Bug Fixes

• 4622b42 #6247 add provenance publish notice (#6247) (@​bdehamer)
• 17adfb7 #6228 provenance build type v2 (#6228) (@​bdehamer, @​feelepxyz)

libnpmpublish: v7.1.1

7.1.1 (2023-03-08)

Bug Fixes

• 26cbe99 #6226 improve permission error for provenance (#6226) (@​bdehamer)

libnpmpublish: v7.1.0

7.1.0 (2023-02-14)

Features

... (truncated)

Changelog

Sourced from npm's changelog.

9.6.4 (2023-04-05)

Documentation

• 54795a3 #6312 filter archives out of version manager search (#6312) (@​ljharb)
• 530c285 #6306 remove reference to npm-packlist (#6306) (@​staff0rd)

Dependencies

• 85935ac #6325 ssri@10.0.2 (#6325)
• f1388b4 #6317 npm update
• 7dd0129 #6317 glob@9.3.2
• deca335 #6317 promise-call-limit@1.0.2
• Workspace: @npmcli/arborist@6.2.7
• Workspace: libnpmdiff@5.0.15
• Workspace: libnpmexec@5.0.15
• Workspace: libnpmfund@4.0.15
• Workspace: libnpmpack@5.0.15

9.6.3 (2023-03-30)

Bug Fixes

• 829503b #6304 don't break up log message across lines (@​wraithgar)
• 1435fcf #6304 do less work loading ./lib/npm.js (@​wraithgar)
• 09b58e4 #6284 make all color output use an npm instance of chalk (#6284) (@​lukekarrys)
• e252532 #6283 do less work looking up commands (#6283) (@​wraithgar)
• 6a4bcba #6275 clean up man sorting (@​wraithgar)
• 8a96b65 #6275 ignore ts and map files (@​wraithgar)
• 94d2b39 #6271 Do not log warnings about log cleanup when logs_max=0 (#6271) (@​jmealo)
• 2def359 #6277 updated ebadplatform messaging to be generated based on the error (#6277) (@​nlf)

Documentation

• 1e2eb81 #6311 replace version manager list with a github search (#6311) (@​wraithgar)
• 9d2be4e #6289 remove npm bin link (#6289) (@​KevinRouchut)

Dependencies

• e652dbd #6308 minimatch@7.4.3 (#6308)
• 01986d1 #6307 sigstore@1.2.0 (#6307)
• ea12627 #6275 minimatch@7.4.2
• ec3e020 #6275 glob@9.3.1
• 952fbed #6275 read-package-json@6.0.1
• dd43d30 #6275 parse-conflict-json@3.0.1
• d5ce7ca #6275 npm-install-checks@6.1.0
• 704cd1e #6275 nopt@7.1.0
• a6da22a #6275 ignore-walk@6.0.2
• 55955fd #6275 cacache@17.0.5
• 839b670 #6275 @npmcli/map-workspaces@3.0.3

... (truncated)

Commits

• b8006ad chore: release 9.6.4
• 85935ac deps: ssri@10.0.2 (#6325)
• f1388b4 deps: npm update
• 7dd0129 deps: glob@9.3.2
• deca335 deps: promise-call-limit@1.0.2
• 54795a3 docs: filter archives out of version manager search (#6312)
• 530c285 docs: remove reference to npm-packlist (#6306)
• 60460ed chore: release 9.6.3
• 1e2eb81 docs: replace version manager list with a github search (#6311)
• 7df8bfa chore: update libnpmpublish mocks for sigstore@1.2.0 (#6309)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.