Bump got and @wordpress/env

[dependabot]

Bumps got to 11.8.5 and updates ancestor dependency @wordpress/env. These dependencies need to be updated together.

Updates got from 10.7.0 to 11.8.5

Release notes

Sourced from got's releases.

v11.8.5

• Backport security fix sindresorhus/got@861ccd9
  • CVE-2022-33987

sindresorhus/got@v11.8.4...v11.8.5

v11.8.3

• Bump cacheable-request dependency (#1921) 9463bb6
• Fix HTTPError missing .code property (#1739) 0e167b8

sindresorhus/got@v11.8.2...v11.8.3

v11.8.2

• Make the dnsCache option lazy (#1529) 3bd245f This slightly improves Got startup performance and fixes an issue with Jest.

sindresorhus/got@v11.8.1...v11.8.2

v11.8.1

• Do not throw on custom stack traces (#1491) 4c815c3a609eb74d0eb139414d9996b4f65dc3c0

v11.8.0

• Fix for sending files with size 0 on stat (#1488) 7acd380
• beforeRetry allows stream body if different from original (#1501) 3dd2273
• Set default value for an options object (#1495) 390b145

sindresorhus/got@v11.7.0...v11.8.0

v11.7.0

Improvements

• Add pfx HTTPS option (#1364) c33df7f
• Update body after beforeRequest (#1453) e1c1844
• Don't allocate buffer twice (#1403) 7bc69d9

Fixes

• Fix a regression where body was sent after redirect 88b32ea
• Fix destructure error on promise.json() c97ce7c
• Do not ignore userinfo on a redirect to the same origin 52de13b

sindresorhus/got@v11.6.2...v11.7.0

v11.6.2

Bug fixes

• Inherit the prefixUrl option from parent if it's undefined (#1448) a3da70a78aeb7f44dd3e0d0fa47cebe9541eb91e
• Prepare a fix for hanging promise on Node.js 14.10.x 29d4e325b110ccf7571d4265d40760be4175f7ff
• Prepare for Node.js 15.0.0 c126ff19c4e893975cbf6c2c8bebce6ed7631276

... (truncated)

Commits

• 5e17bb7 11.8.5
• bce8ce7 Backport 861ccd9ac2237df762a9e2beed7edd88c60782dc
• 8ced192 Fix build
• 670eb04 11.8.4
• 20f29fe Backport #1543: Initialize globalResponse in case of ignored HTTPError (#2017)
• 0da732f 11.8.3
• 9463bb6 Bump cacheable-request dependency (#1921)
• 0e167b8 HTTPError code set to 'HTTPError' #1711 (#1739)
• f896aa5 11.8.2
• 3bd245f Instantiate CacheableLookup only when needed (#1529)
• Additional commits viewable in compare view

Updates @wordpress/env from 4.2.1 to 5.4.0

Changelog

Sourced from @​wordpress/env's changelog.

5.4.0 (2022-10-05)

5.3.0 (2022-09-21)

5.2.0 (2022-08-16)

Enhancement

• Query parameters can now be used in .zip source URLs.

5.1.1 (2022-08-16)

Bug Fix

• Fix a crash when "core" was set to null in a .wp-env.json file. We now use the latest stable WordPress version in that case. This also restores the previous behavior of "core": null in .wp-env.override.json, which was to use the latest stable WordPress version.

5.1.0 (2022-08-10)

Enhancement

• Previously, wp-env used the WordPress version provided by Docker in the WordPress image for installations which don't specify a WordPress version. Now, wp-env will find the latest stable version on WordPress.org and check out the https://github.com/WordPress/WordPress repository at the tag matching that version. In most cases, this will match what Docker provides. The benefit is that wp-env (and WordPress.org) now controls the default WordPress version rather than Docker.

Bug Fix

• Downloading a default WordPress version also resolves a bug where the wrong WordPress test files were used if no core source was specified in wp-env.json. The current trunk test files were downloaded rather than the stable version. Now, the test files will match the default stable version.

5.0.0 (2022-07-27)

Breaking Changes

• Removed the WP_PHPUNIT__TESTS_CONFIG environment variable from the phpunit container. This removes automatic support for the wp-phpunit/wp-phpunit Composer package. To continue using the package, set the following two environment variables in your phpunit.xml file or similar: WP_TESTS_DIR="" and WP_PHPUNIT__TESTS_CONFIG="/wordpress-phpunit/wp-tests-config.php".
• Removed the generated /var/www/html/phpunit-wp-config.php file from the environment.

Enhancement

• Read WordPress' version and include the corresponding PHPUnit test files in the environment.
• Set the WP_TESTS_DIR environment variable in all containers to point at the PHPUnit test files.

Bug Fix

• Restrict WP_TESTS_DOMAIN constant to just hostname rather than an entire URL (e.g. it now excludes scheme, port, etc.) (#41039).

4.8.0 (2022-06-01)

Enhancement

• Removed the need for quotation marks when passing options to wp-env run.
• Setting a config key to null will prevent adding the constant to wp-config.php even if a default value is defined by wp-env.

4.7.0 (2022-05-18)

Enhancement

• Added SSH protocol support for git sources

4.2.0 (2022-01-27)

Enhancement

• Added command wp-env install-path to list the directory used for the environment.

... (truncated)

Commits

• 8d42d2f chore(release): publish
• 934c2fa Update changelog files
• 23e1362 chore(release): publish
• ea6a9c0 Update changelog files
• e4603f9 chore(release): publish
• c6b341e Update changelog files
• 4ad9fa8 Update wp-env changelog
• dd2572f wp-env: Allow .zip source URLs with query parameters (#43200)
• 002058d chore(release): publish
• 0c6dd48 Update changelog files
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gutenbergplugin, a new releaser for @​wordpress/env since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[peterwilsoncc]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with develop! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[peterwilsoncc]

@dependabot recreate

[peterwilsoncc]

Testing notes:

• Checkout new branch, npm ci
• Start local environment, npm run env:start
• Manually confirmed ads.txt file works
• Ran cypress test suite (needed to change base URL to WP_SITEURL as it was incorrect. Unreleated to this upgrade.

Everything appears to run as expected.

[peterwilsoncc]

@dkotter Assigning to you for merge in admin mode pending the fix to the cypress tests.