universalviewer Bump follow-redirects from 1.15.2 to 1.15.6

Bumps follow-redirects from 1.15.2 to 1.15.6.

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Mar 16 '24 04:03 dependabot[bot]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
universalviewer	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Mar 16, 2024 4:26am

Mar 16 '24 04:03 vercel[bot]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders
Open Preview

Mar 16 '24 04:03 codesandbox[bot]

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

Mar 16 '24 04:03 codesandbox-ci[bot]

This is a very minor update to an indirect dependency, and as far as I can tell, the code behaves the same in this branch as in the dev branch. It's probably safe to merge, but before we merge it, a few questions are raised:

1.) This PR targets main. Should it instead be targeting dev? This further emphasizes the need for us to formalize and document our Git workflows.

2.) If I try to load a manifest that redirects (e.g. http://digital.library.villanova.edu/Item/vudl:60609/Manifest instead of https://digital.library.villanova.edu/Item/vudl:60609/Manifest), it does not work. This problem is present in the dev branch as well as here, so it doesn't seem to be directly related to this specific dependency update. Is this behavior expected?

Mar 18 '24 15:03 demiankatz

@dependabot rebase

Apr 25 '24 11:04 jamesmisson

Looks like follow-redirects is up-to-date now, so this is no longer needed.

Apr 25 '24 11:04 dependabot[bot]