Bump the npm_and_yarn group across 2 directories with 6 updates

[dependabot]

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package	From	To
@azure/identity	4.0.1	4.2.1
ejs	3.1.9	3.1.10
ip	2.0.0	removed
socks	2.7.1	2.8.3
tar	6.2.0	6.2.1
@oclif/plugin-plugins	4.2.4	5.2.4

Bumps the npm_and_yarn group with 1 update in the /legacy_azgo_files directory: @azure/identity.

Updates @azure/identity from 4.0.1 to 4.2.1

Commits

• 183d301 Upgrade to a version ESRP Release that supports federated auth (#29612)
• 9a2afdf [identity] Prep for release (#29981)
• 3caf203 [identity] Prepare identity for May release (#29441)
• 0a69729 [core] CHANGELOG date for @​azure-rest/core-client release (#29440)
• 88d244a Sync eng/common directory with azure-sdk-tools for PR 8158 (#29423)
• 7706373 [template-dpg] Suppress build failure (#29437)
• 769c1b1 [EngSys] Update name of @​azure-tools/test-utils NO_CI
• 8cd5bc2 [core] New multipart/form-data primitive in core-client-rest (#29047)
• 73b9faa [identity] Add changelog entry for MSALClient migration (#29419)
• b8e63a5 Post release automated changes for notificationhubs releases (#29431)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for @​azure/identity since your current version.

Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits

• d3f807d Version 3.1.10
• 9ee26dd Mocha TDD
• e469741 Basic pollution protection
• 715e950 Merge pull request #756 from Jeffrey-mu/main
• cabe314 Include advanced usage examples
• 29b076c Added header
• 11503c7 Merge branch 'main' of github.com:mde/ejs into main
• 7690404 Added security banner to README
• f47d7ae Update SECURITY.md
• 828cea1 Update SECURITY.md
• Additional commits viewable in compare view

Removes ip

Updates socks from 2.7.1 to 2.8.3

Release notes

Sourced from socks's releases.

2.8.3

No release notes provided.

2.8.2

No release notes provided.

2.8.1

Fixes issue with lock file in 2.7.3 and 2.8.0

2.7.3

Removed ip package dependency.

Commits

• a2a06d9 2.8.3
• 992b002 Fix bug with ipv6 conversion in ipToBuffer (#101)
• 99633ae v280 (#98)
• 89d8c07 Fix package lock for 2.7.x (#97)
• 66b7f73 remove ip package (#94)
• See full diff in compare view

Updates tar from 6.2.0 to 6.2.1

Commits

• bef7b1e 6.2.1
• fe8cd57 prevent extraction in excessively deep subfolders
• fe7ebfd remove security.md
• See full diff in compare view

Updates @oclif/plugin-plugins from 4.2.4 to 5.2.4

Release notes

Sourced from @​oclif/plugin-plugins's releases.

5.2.4

Bug Fixes

• deps: bump npm from 10.8.0 to 10.8.1 (#889) (cc916da)

5.2.3

Bug Fixes

• dont use config.dataDir in description (#887) (1cae7b5)

5.2.2

Bug Fixes

• core v4 (bd761e3)

5.2.1

Bug Fixes

• deps: bump @​oclif/core from 4.0.0-beta.11 to 4.0.0-beta.13 (#885) (827ce49)

5.2.0

5.1.3-dev.0 (2024-05-24)

Bug Fixes

• use ansis instead of chalk (61aad8b)

Features

• use core v4 (4d3852e)

5.1.3

Bug Fixes

• remove config from json response (#878) (0305a8c)

5.1.3-qa.0

Bug Fixes

• remove config from json response (5cf8d76)

5.1.3-dev.0

Bug Fixes

• use ansis instead of chalk (61aad8b)

Features

... (truncated)

Changelog

Sourced from @​oclif/plugin-plugins's changelog.

5.2.4 (2024-06-09)

Bug Fixes

• deps: bump npm from 10.8.0 to 10.8.1 (#889) (cc916da)

5.2.3 (2024-06-05)

Bug Fixes

• dont use config.dataDir in description (#887) (1cae7b5)

5.2.2 (2024-06-04)

Bug Fixes

• core v4 (bd761e3)

5.2.1 (2024-06-01)

Bug Fixes

• deps: bump @​oclif/core from 4.0.0-beta.11 to 4.0.0-beta.13 (#885) (827ce49)

5.2.0 (2024-05-31)

5.1.3 (2024-05-24)

Bug Fixes

• remove config from json response (#878) (0305a8c)

5.1.3-dev.0 (2024-05-24)

Bug Fixes

• use ansis instead of chalk (61aad8b)

Features

• use core v4 (4d3852e)

5.1.3 (2024-05-24)

Bug Fixes

• remove config from json response (#878) (0305a8c)

5.1.2 (2024-05-18)

... (truncated)

Commits

• cfb22b0 chore(release): 5.2.4 [skip ci]
• cc916da fix(deps): bump npm from 10.8.0 to 10.8.1 (#889)
• 32a0039 chore(dev-deps): bump @​oclif/test from 4.0.2 to 4.0.3 (#890)
• db984ee chore(dev-deps): bump prettier from 3.2.5 to 3.3.1 (#891)
• 7bc4905 chore(dev-deps): bump oclif from 4.12.0 to 4.13.1 (#892)
• 08f9b0f chore(dev-deps): bump @​oclif/plugin-help from 6.1.0 to 6.2.0 (#893)
• 0ca59ff chore(release): 5.2.3 [skip ci]
• 1cae7b5 fix: dont use config.dataDir in description (#887)
• 66d04c4 chore(release): 5.2.2 [skip ci]
• bd761e3 fix: core v4
• Additional commits viewable in compare view

Updates @azure/identity from 2.0.5 to 4.2.1

Commits

• 183d301 Upgrade to a version ESRP Release that supports federated auth (#29612)
• 9a2afdf [identity] Prep for release (#29981)
• 3caf203 [identity] Prepare identity for May release (#29441)
• 0a69729 [core] CHANGELOG date for @​azure-rest/core-client release (#29440)
• 88d244a Sync eng/common directory with azure-sdk-tools for PR 8158 (#29423)
• 7706373 [template-dpg] Suppress build failure (#29437)
• 769c1b1 [EngSys] Update name of @​azure-tools/test-utils NO_CI
• 8cd5bc2 [core] New multipart/form-data primitive in core-client-rest (#29047)
• 73b9faa [identity] Add changelog entry for MSALClient migration (#29419)
• b8e63a5 Post release automated changes for notificationhubs releases (#29431)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for @​azure/identity since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[dependabot]

Superseded by #413.