Update humanmade/asset-loader requirement from ^0.6.3 to ^0.6.4

[dependabot[bot]]

Updates the requirements on humanmade/asset-loader to permit the latest version.

Release notes

Sourced from humanmade/asset-loader's releases.

v0.6.4

What's Changed

• Add just-the-hm-docs docs site by @​goldenapples in humanmade/asset-loader#52
• Update to Jekyll 4, inherit from theme by @​joeleenk in humanmade/asset-loader#53
• Security enhancements: specific commit to 3rd-party GH Actions, secure href attr on 404.html file by @​MiguelAxcar in humanmade/asset-loader#56

New Contributors

• @​joeleenk made their first contribution in humanmade/asset-loader#53
• @​MiguelAxcar made their first contribution in humanmade/asset-loader#56

Full Changelog: https://github.com/humanmade/asset-loader/compare/v0.6.3...v0.6.4

Changelog

Sourced from humanmade/asset-loader's changelog.

v0.6.4

• Point to specific commit for 3rd-party Github action
• Secure href attribute in 404 page to prevent XSS vulnerabilities

v0.6.3

• Adds support for the composer installers v2 package

v0.6.2

• Ensure that a version string is always set on an asset, even when the built file has a hash string in the file name. This ensures proper cache invalidation in sites using asset concatenation.

v0.6.1

• Fix get_file_uri() when using symlinks

v0.6.0

• Breaking: Remove deprecated autoregister, autoenqueue, and register_assets methods.
• Add filter asset_loader_manifest_contents to allow filtering of loaded asset manifest contents.

v0.5.0

• Support enqueuing scripts in the page <head> by passing 'in-footer' => false in options array.
• Introduce get_active_manifest() function to return the first available manifest in a list.

v0.4.1

• Fix bug where admin namespace was not loaded.

v0.4.0

• Breaking: Remove undocumented Asset_Loader\is_development method.
• Breaking: Remove undocumented Asset_Loader\enqueue_assets method.
• New: Introduce new Asset_Loader\register_asset() and Asset_Loader\enqueue_asset() public API.
  • Assets should now be registered individually.
  • If a bundle exports both a CSS and JS file, both files should be registered or enqueued individually.
• Deprecate Asset_Loader\autoenqueue() method. Use the new, singular enqueue_asset() instead.
• Deprecate Asset_Loader\autoregister() method. Use the new, singular register_asset() instead.
• Deprecate Asset_Loader\register_assets() method. Use the new, singular register_asset() instead.
• Refactor how SSL warning notice behavior gets triggered during asset registration.
• Change how version strings are determined when registering assets
  • If asset is detected to be using a uniquely hashed filename, no version string is used.
  • If an asset manifest is in use, assets are versioned based on a content hash of that manifest.
  • If no other version information can be determined and the loader is running withinAltis, the Altis revision constant is used to version registered assets.

v0.3.4

• Added composer/installers as a dependency to permit custom installation paths when installing this package.

... (truncated)

Commits

• 1cc2bdc Merge pull request #58 from humanmade/prepare-0.6.4-release
• 9dd1897 Prepare v0.6.4 release
• 33cbdd1 Merge pull request #56 from humanmade/security-enhancements
• 13e4ddf Secure href attribute in 404 page to prevent XSS vulnerabilities
• 7f129d0 Point to specific commmit for 3rd-party Github action
• 8df3bb5 Fix deploy to GH pages script
• 5b7f079 Fix deploy to GH pages script
• d5e4ba9 CD to docs first
• fd81065 Try bundle install without the path
• ceaf4f6 Replace path flag in deploy script
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[kovshenin]

@dependabot rebase