build(deps): bump socks-proxy-agent from 5.0.1 to 8.0.5

[dependabot]

Bumps socks-proxy-agent from 5.0.1 to 8.0.5.

Release notes

Sourced from socks-proxy-agent's releases.

socks-proxy-agent@8.0.5

Patch Changes

• 913a49a: Only overwrite servername in tls connect when host is not an IP address
• Updated dependencies [1699a09]
  • agent-base@7.1.2

socks-proxy-agent@8.0.4

Patch Changes

• fdeed27: resolve vulnerability in IP package
• 5908e84: Remove net.isIP() check for TLS servername

socks-proxy-agent@8.0.3

Patch Changes

• ada656d: Pass socket_options to SocksClient
• Updated dependencies [e62863c]
  • agent-base@7.1.1

socks-proxy-agent@8.0.2

Patch Changes

• 1d39f6c: Fix Electron support by using Node.js native URL object

socks-proxy-agent@8.0.1

Patch Changes

• 7674748: Update @types/node to v14.18.45
• Updated dependencies [7674748]
  • agent-base@7.0.1

Changelog

Sourced from socks-proxy-agent's changelog.

8.0.5

Patch Changes

• 913a49a: Only overwrite servername in tls connect when host is not an IP address
• Updated dependencies [1699a09]
  • agent-base@7.1.2

8.0.4

Patch Changes

• fdeed27: resolve vulnerability in IP package
• 5908e84: Remove net.isIP() check for TLS servername

8.0.3

Patch Changes

• ada656d: Pass socket_options to SocksClient
• Updated dependencies [e62863c]
  • agent-base@7.1.1

8.0.2

Patch Changes

• 1d39f6c: Fix Electron support by using Node.js native URL object

8.0.1

Patch Changes

• 7674748: Update @types/node to v14.18.45
• Updated dependencies [7674748]
  • agent-base@7.0.1

8.0.0

Major Changes

• d99a7c8: Major version bump for all packages
  • ⚠️ This is a breaking change! The SocksProxyAgent constructor argument has been split into two arguments.

Upgrading from 5.x to 6.x

In version 5.x, the SocksProxyAgent constructor took a single argument of either (A) a string, or (B) an object with specific connection properties.

Now the constructor takes two separate arguments:

... (truncated)

Commits

• 7cf0b79 Version Packages (#352)
• 5fd2546 Run format check in CI (#355)
• 913a49a Only overwrite servername in tls connect when host is not an IP address (#354)
• 5555794 Version Packages (#311)
• fdeed27 Bump socks and pac-resolver versions to mitigate vulnerability in IP package ...
• 70023c1 Add SOCKS auth tests
• 5908e84 Remove net.isIP() check for TLS servername (#312)
• 010fdc3 Fix e2e (#303)
• 1429c7e Version Packages (#301)
• ada656d [socks-proxy-agent] pass socket_options to SocksClient (#302)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

package.json

Package	Version	License	Issue Type
socks-proxy-agent	^8.0.5	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
npm/socks-proxy-agent	^8.0.5	🟢 3.6	Details Check Score Reason Code-Review 🟢 6 Found 15/23 approved changesets -- score normalized to 6 Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected License ⚠️ 0 license file not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 3 7 existing vulnerabilities detected

Scanned Files

• package.json

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud