chore(deps): bump urijs from 1.19.5 to 1.19.11

[dependabot[bot]]

Bumps urijs from 1.19.5 to 1.19.11.

Release notes

Sourced from urijs's releases.

1.19.11 (April 3rd 2022)

• SECURITY fixing URI.parse() handle excessive slashes in scheme-relative URLs - disclosed by zeyu2001 via https://huntr.dev/
• SECURITY fixing URI.parse() remove \r (CR), \n, (LF) \t (TAB) - disclosed by haxatron via https://huntr.dev/

1.19.10 (March 5th 2022)

• SECURITY fixing URI.parse() handle excessive colons in protocol delimiter - disclosed by huydoppa via https://huntr.dev/

1.19.9 (March 3rd 2022)

• SECURITY fixing URI.parse() handle leading whitespace - disclosed by p0cas via https://huntr.dev/

1.19.8 (February 15th 2022)

• SECURITY fixing URI.parse() treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR #412](medialize/URI.js#412) by r0hanSH

1.19.7 (July 14th 2021)

• SECURITY fixing URI.parseQuery() to prevent overwriting __proto__ in parseQuery() - disclosed privately by @​NewEraCracker
• SECURITY fixing URI.parse() to handle variable amounts of \ and / in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/
• removed obsolete build tools
• updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0)

1.19.6 (February 13th 2021)

• SECURITY fixing URI.parse() to rewrite \ in scheme delimiter to / as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx

Changelog

Sourced from urijs's changelog.

1.19.11 (April 3rd 2022)

• SECURITY fixing URI.parse() handle excessive slashes in scheme-relative URLs - disclosed by zeyu2001 via https://huntr.dev/
• SECURITY fixing URI.parse() remove \r (CR), \n, (LF) \t (TAB) - disclosed by haxatron via https://huntr.dev/

1.19.10 (March 5th 2022)

• SECURITY fixing URI.parse() handle excessive colons in protocol delimiter - disclosed by huydoppa via https://huntr.dev/

1.19.9 (March 3rd 2022)

• SECURITY fixing URI.parse() handle leading whitespace - disclosed by p0cas via https://huntr.dev/

1.19.8 (February 15th 2022)

• SECURITY fixing URI.parse() treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR #412](medialize/URI.js#412) by r0hanSH

1.19.7 (July 14th 2021)

• SECURITY fixing URI.parseQuery() to prevent overwriting __proto__ in parseQuery() - disclosed privately by @​NewEraCracker
• SECURITY fixing URI.parse() to handle variable amounts of \ and / in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/
• removed obsolete build tools
• updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0)

1.19.6 (February 13th 2021)

• SECURITY fixing URI.parse() to rewrite \ in scheme delimiter to / as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx

Commits

• b655c1b chore(build): bumping to version 1.19.11
• b0c9796 fix(parse): handle CR,LF,TAB
• 88805fd fix(parse): handle excessive slashes in scheme-relative URLs
• 926b2aa chore(build): bumping to version 1.19.10
• a8166fe fix(parse): handle excessive colons in scheme delimiter
• 01920b5 chore(build): bumping to version 1.19.9
• 86d1052 fix(parse): remove leading whitespace
• efae1e5 chore(build): bumping to version 1.19.8
• 6ea641c fix(parse): case insensitive scheme - #412
• 19e54c7 chore(build): bumping to version 1.19.7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Tencent/nohost/network/alerts).

[dependabot[bot]]

Looks like urijs is up-to-date now, so this is no longer needed.