[Security] Bump https-proxy-agent from 1.0.0 to 2.2.2

[dependabot-preview]

Bumps https-proxy-agent from 1.0.0 to 2.2.2. This update includes security fixes.

Vulnerabilities fixed

Sourced from The GitHub Security Advisory Database.

High severity vulnerability that affects https-proxy-agent
https-proxy-agent passes unsanitized options to Buffer(arg) resulting in DoS and uninitialized memory leak.

Affected versions: < 2.2.0

Sourced from The Node Security Working Group.

Denial of Service
https-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak

Affected versions: <=2.1.1

Release notes

Sourced from https-proxy-agent's releases.

2.2.2

Patches

• Remove package-lock.json: c881009b9873707f5c4a0e9c277dde588e1139c7
• Ignore test directory, History.md and .travis.yml when creating npm package. Fixes #42: #45
• Update agent-base to v4.2: #50
• Add TypeScript type definitions: #66
• Feat(typescript): Allow input to be options or string: #68
• Update agent-base to v4.3: #69

Credits

Huge thanks to @​marco-c, @​tareqhs, @​ianhowe76, and @​BYK for helping!

2.2.1

Patches

• Add defaultPort field: #43

Credits

Huge thanks to @​jan-auer for helping!

2.2.0

Minor Changes

• Use Buffer.from(): 1c24219df87524e6ed973127e81f30801d658f07
• Add "engines" to package.json: a27792225b652c5483247c96654d40bda27873d0

Changelog

Sourced from https-proxy-agent's changelog.

2.2.0 / 2018-03-03

• Add "engines" to package.json - requires Node.js >= 4.5.0
• Use Buffer.from()

2.1.1 / 2017-11-28

• Update debug - Security Problems with Previous Version (#38)

2.1.0 / 2017-08-08

• only include the port number in the Host header when non-default port (#22)
• set ALPN to "http 1.1" by default when using tlsproxy (#25)
• only set ALPNProtocols when the property does not already exist
• support SNI (#14)

2.0.0 / 2017-06-26

• rename https-proxy-agent.js to index.js
• update dependencies and remove semver-specific test case
• update agent-base to v4
• remove extend dependency
• ⬆️ update minimum version of debug dependency
• opts/options
• drop Node versions < v4 from Travis-CI
• test Node.js 5, 6, 7 and 8 on Travis-CI
• README: remove outdated secureEndpoint reference
• README: remove secureEndpoint docs, add headers
• https-proxy-agent: add support for proxy "headers"

Commits

• e145714 2.2.2
• 4a7ea92 Update agent-base to v4.3 (#69)
• 13917f6 feat(typescript): Allow input to be options or string (#68)
• c5c4ffc Add TypeScript type definitions (#66)
• 11bc347 Update agent-base to v4.2 (#50)
• 056c843 Ignore test directory, History.md and .travis.yml when creating npm package. ...
• c881009 Remove package-lock.json
• 8c3a75b 2.2.1
• 84a1210 Add defaultPort field (#43)
• b9d5b7e 2.2.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it). To ignore the version in this PR you can just close it
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

---

⚠️ Dependabot won't automerge this PR as it didn't detect CI on it ⚠️

You have automerging enabled for this repo but Dependabot didn't detect any CI statuses or checks. You can disable automerging on this repo from here.