[Snyk] Upgrade leaflet from 1.3.1 to 1.9.4

[emdedeval]

Snyk has created this PR to upgrade leaflet from 1.3.1 to 1.9.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 20 versions ahead of your current version.

• The recommended version was released on a year ago.

Release notes

Package name: leaflet

• 1.9.4 - 2023-05-18
  

  🐞 Bug fixes

  • Fix tile gaps in Chromium-based browsers (#8891 by @ IvanSanchez)
  • Fix vector drifts when zoomAnimation is false and zooming via flyTo or pinch (#8794 by @ plainheart)
  • Ensure toGeoJSON() still works with an empty array (#8737 by @ Falke-Design)
  • Ensure LineUtil and PolyUtil only iterate over array values and not properties (#8840 by @ Falke-Design)
  • Fix rounding errors in center calculation of LineUtil and PolyUtil for small layers (#8784 by @ Falke-Design)
  • Prevent unwanted layer toggle while expanding the Layers control on mobile (#8910 by @ Falke-Design)
  • Fix an error when a focusing on a Tooltip-bound FeatureGroup that contains a layer without a getElement method (#8890 by @ Falke-Design)
  • Fix Tooltip is not showing when loaded dynamically while moving the map (#8672 by @ theGOTOguy)
  • Fix noMoveStart option not applying to fitBounds (#8911 by @ AbdullahSohail-SE)
  • Fix outlines showing up when interacting with the map on Safari 16.4+ (#8917 by @ jonkoops)
• 1.9.3 - 2022-11-18
  

  🙌 Accessibility

  • Expand the layers control on Enter keydown (#8556 by @ larsgw)
  • Align the scale control's alpha transparency with the attribution control (#8547 by @ Malvoz)
  • Allow the scale control's text to overflow the container (#8548 by @ Malvoz)

  🐞 Bug fixes

  • Remove internal usage of L global (#8536 by @ mourner)
  • Fix intermittent wobble when using setMaxBounds(map.getBounds()) (#8534 by @ rjackson)
  • Ensure that latLngsToCoords() does not return references passed to it (#7344 by @ marlo22)
  • Ensure worldCopyJump() behavior is consistent when using a keyboard (#8562 by @ Falke-Design)
  • Ensure correct target is used for the popupopen event (#8571 by @ Belair34)
  • Prevent recursion when panning a Popup (#8520 by @ rjackson)
  • Support CSS position: sticky for map container (#8550 by @ tmiaa)
• 1.9.2 - 2022-10-04
  

  🐞 Bug fixes

  • ⚠️ Drop ESM entrypoint from package because of numerous compatibility issues with plugins (import leaflet/dist/leaflet-src.esm.js explicitly instead to take advantage; ESM by default will come in v2) (#8493 by @ jonkoops)
  • Fix a bug where tooltips could throw an error with canvas renderer (#8498 by @ Falke-Design)
  • Fix a bug with incorrect marker popup location when there are multiple markers registered to the same popup (#8523 by @ raychanks).

  🧪 Tests

  • Fix unit tests suite stopping abruptly on Mac (#8478)

  📝 Docs

  • Fix Bounds equals parameters in docs (#8500 by @ Falke-Design)
• 1.9.1 - 2022-09-23
  
  • Fix Events listens not propagating to parent objects, in particular fixing compatibility with Leaflet.markercluster plugin (#8211 by @ Falke-Design)
• 1.9.0 - 2022-09-22
  

  ⚡ Note on future versions

  The v1.9 release is setting the stage for the first major version bump of Leaflet since 2016! A lot has changed since then, and it's time for Leaflet to grow together with the web platform.

  After this release, we are branching off the 1.x code and putting it in maintenance mode — reserving potential 1.x releases only for critical bugfixes. Although version 2.0 is still far away and will take some time to take shape, we plan to make the following changes:

  • Dropping support for Internet Explorer.
    This has been a long time coming, but now that Internet Explorer is officially end-of-life, it's time to say goodbye. Going forward, Leaflet will move to an evergreen strategy that targets browsers like Firefox, Chrome, Edge and Safari.
  • Embracing modern JavaScript.
    To maintain backwards compatibility, Leaflet is written entirely in ES5, a version of JavaScript supported by legacy browsers. So we have not been able to make use of many great JavaScript features (e.g. standardized classes, instead having to rely on our own implementation). By adopting a more modern version of the ECMAScript standard, we can start working towards aligning Leaflet with what is expected from a modern JavaScript library.
  • Standardized modules.
    When we released Leaflet v1, the landscape in the JavaScript world was very different and full of competing module standards such as CommonJS, AMD and UMD. Today, ECMAScript modules have become the clear way forward to unite the JavaScript ecosystem under one banner. Moving forward, Leaflet will only be distributed in a single standardized module system, greatly reducing complexity of our distributed code.
  • Removing the Leaflet global.
    As a developer using Leaflet, the capital letter L is probably intimately familiar to you. This is the Leaflet global where all of Leaflet's functionality lives. To allow compiler tooling to better eliminate dead-code through a process called tree-shaking, we are removing this global variable. To preserve backwards compatibility with older plugins, we will provide a shim that can be imported manually that will restore this functionality.

  v1.9.0 changelog

  ⚠️ Breaking Changes

  • (This change has been reverted in v1.9.2) Expose ESM entrypoint with Leaflet global (#8329 by @ jonkoops).
  • Update color-adjust to print-color-adjust (#8211 by @ Malvoz)

  ❇️ API changes

  • Add content and latLng options to Popup / Tooltip constructors (#7783 by @ Falke-Design)
  • Extend Bounds to have the same functions as LatLngBounds (#7882 by @ Falke-Design)

  ✨ Improvements

  • Update getCenter() calculation and move it to PolyUtil / LineUtil (#7603 by @ Falke-Design)
  • Remove border styles in overflowing popups (#8260 by @ Malvoz)
  • Fix "listener not found" warning when setting maxBounds (#8168 by @ mourner)
  • Remove "listener not found" warning (#8234 by @ Falke-Design)
  • Extend Events.listens to search for specific function (#8161 by @ Falke-Design)
  • Add noMoveStart option to panTo (#6685 by @ Chivano)
  • Add FeatureCollection handling to geometryToLayer (#8163 by @ Falke-Design)

  🙌 Accessibility

  • Improve Tooltip accessibility (focus and voice over) (#8247 by @ alekzvik)
  • Fix links in accessibility guide (#8198 by @ Malvoz)
  • Remove role="presentation" from image tiles (#8172 by @ Malvoz)

  🐞 Bug fixes

  • Fix invalid GeoJSON on unbalanced arrays (#7637 by @ steff1986)
  • Fix 2 step zooming while using mouse wheel scrolling (#8298 by @ Falke-Design)
  • Fix wrong assigned parameter while calling map._move over requestAnimFrame (#8328 by @ AMDvsTMD)
  • Fix _isClickDisabled to not throw no error if parent is removed from DOM (#8288 by @ Falke-Design)
  • Fix DomEvent.DoubleTap to ignore clicks on <label>s with a for attribute (#8227 by @ IvanSanchez)
  • Fix calling once() twice if same event is fired inside once (#8190 by @ Falke-Design)
  • Fix map.getCenter() returning a mutable object (#8167 by @ mourner)
  • Fix regression about popup close button modifying the URL (#8160 by @ IvanSanchez)
  • Fix min/maxZoom when used in combination with detectRetina (#7328 by @ bozdoz)

  📝 Docs

  • Use preferred tile.openstreetmap.org URL (#8418 by @ Firefishy)
  • Use LocalStorage for dialog sessions (#8382 by @ ChristopherWirtOfficial)
  • Update anchor links for headers and in collapsed accordions (#7780 by @ Falke-Design)
  • Fix typo in reference-1.6.0.html (#8330 by @ eltociear)
  • Add pre-commit linting to CONTRIBUTING.md (#8299 by @ Falke-Design)
  • Ensure no borders on dialog iframe (#8296 by @ Malvoz)
  • Replace Mapbox with OpenStreetMap in tutorials and examples (#7818 by @ Falke-Design)
  • Remove DOCS-TODO.md (#8259 by @ Malvoz)
  • Better PosAnimation example (#7386 by @ stell)
  • Correct heading level in GeoJSON example (#8230 by @ Malvoz)
  • Update Overlay Tutorial (ImageOverlay, VideoOverlay, SVGOverlay) (#8090 by @ KonstantinBiryukov)
  • Change attribute anchor to data-anchor (#8174 by @ KnightJam1)
  • Fix bad markdown causing link to not work (#8156 by @ freyfogle)
  • A couple of site SEO fixes (#8229 by @ Malvoz)
  • Fix attribution flag 1px misalignment on some websites (#8170 by @ mourner)
  • Attribution flag now resizes with font-size changes (#8183 by @ sumitsaurabh927)
  • Add Dialog to website (#8177 by @ Falke-Design and #8193, #8194 by @ Malvoz)

  🔧 Workflow

  • Improve GitHub Workflows security (#8419 by @ sashashura)
  • Update development dependencies
  • Replace deprecated eslint-plugin-script-tags (#8331 by @ jonkoops)
  • Use major version ranges for Github Actions (#8286 by @ jonkoops)
  • Configure YAML issue forms (#8246 by @ Malvoz)
  • Add FUNDING.yml (@ mourner)
  • Add pre-commit hook to fix linting issues (#8212 by @ jonkoops)
  • Remove Dependabot specific labels (#8199 by @ jonkoops)
  • Use shorter bundlemon names (#8195 by @ mourner)
  • Make sure integrity hashes are generated for the built version (@ mourner)

  🧪 Tests

  • Added test cases for map.latLngToLayerPoint method (#8407 by @ kreloaded)
  • Add test for map.panTo (#8390 by @ anurag-dhamala)
  • Add test for map.containerPointToLatLng and map.latLngToContainerPoint (#8384 by @ abhi3315)
  • Add test for Layer._addZoomLimit (#8037 by @ zishiwu123)
  • Add tests for Map (#8206 by @ stephenspol)
  • Add test for CircleMarker._containsPoint (#8340 by @ gernhard1337)
  • Add missing handler tests (#8182 by @ Falke-Design)
  • Cover Rectangle with unit Tests (#8144 by @ stephenspol)

  v1.9.x updates:

  We've since released:

  • v1.9.1 to address compatibility with Leaflet.markercluster plugin.
  • v1.9.2 to fix ESM compatibility issues with other plugins, and fix and issue tooltips & canvas renderer.

  

• 1.8.0 - 2022-04-18
  

  v1.8.0 is a culmination of 1.5 years of development, a huge release focused on bug fixes, major reliability and accessibility improvements, cleaning up legacy code, and numerous improvements to documentation, development workflow and release process. A culmination of hundreds of contributions, and a preparation for bigger changes to come. 🍃

  I'm making this release just as an air raid alert is sounding outside, in Kyiv, warning about an imminent Russian air strike. This release is dedicated to Ukrainian fight for freedom and democracy against the Russian invasion 🇺🇦 (see how you can support Ukraine here).

  From now on, releases will become much more frequent. Thanks to our amazing community for all your help and patience. ❤️🙏 Special thanks to @ johnd0e who revived Leaflet development after long stagnation and made the biggest contributions, @ Falke-Design for doing the bulk of the work organizing development and preparing the release, @ Malvoz for his numerous accessibility contributions, and @ jonkoops for help with workflow automations. ❤️

  ⚠️ Breaking Changes

  • Improve reliability of contextmenu event simulation on mobile Safari by introducing a new TapHold handler, replacing legacy Tap (#7026 by @ johnd0e)
  • Reorganize DivOverlay/Popup/Tooltip APIs (#7540 by @ johnd0e)
    • Move Popup related options from DivOverlay to Popup (#7778 by @ Falke-Design)
    • Change Tooltip class from leaflet-clickable to leaflet-interactive (#7719 by @ Falke-Design)
    • Map.closeTooltip now requires a layer as argument (#7533 by @ johnd0e)
  • Improve error / argument handling for event listeners (#7518 by @ johnd0e)
  • Improve reliability of touch events simulation on non-touch devices (DomEvent.Pointer) (#7059, #7084, #7415 by @ johnd0e)
  • Improve reliability of dblclick event simulation on touch devices (DomEvent.DoubleTap) (#7027 by @ johnd0e)
  • Improve reliability of disableClickPropagation (#7439 by @ johnd0e)
  • Improve Map hasLayer() and LayerGroup hasLayer() to require a layer as argument (#6999 by @ johnd0e)
  • Fix Class.include to not overwrite options (#7756 by @ johnd0e)
  • Fix Class.extend to not modify source props object (#6766 by @ johnd0e)
  • Improve Browser.touch touch devices detection (#7029 by @ johnd0e)
  • Get rid of legacy Android hacks (#7022 by @ johnd0e)
  • Allow fonts to respect users' browser settings by making the font-size relative to the map container. (You can change the font size on leaflet-container to adjust it if needed.) (#7800 by @ Chandu-4444)

  ❇️ API changes

  • Make DivOverlay / Tooltip interactive (#7531, #7532 by @ johnd0e)
  • Add openOn, close, toggle functions to DivOverlay (#6639 by @ johnd0e)
  • Introduce DomEvent.off(el) to remove all listeners (#7125 by @ johnd0e)
  • Allow preventing round-off errors by passing false to Util.formatNum / toGeoJSON (#7100 by @ johnd0e)
  • Add autoPanOnFocus to Marker (#8042 by @ IvanSanchez)
  • Add referrerPolicy to TileLayer (#7945 by @ natevw)
  • Add playsInline to VideoOverlay (#7928 by @ Falke-Design)
  • Add getCenter to ImageOverlay (#7848 by @ Falke-Design)
  • Fire a tileabort event when a TileLayer load is cancelled (#6786 by @ dstndstn)
  • Add crossOrigin to Icon (#7298 by @ syedmuhammadabid)

  ✨ Improvements

  • Improve memory footprint by removing will-change CSS property on tile images (#7872 by @ janjaap)
  • Improve reliability of icons path detection heuristics (#7092 by @ johnd0e)
  • Improve performance of adding tiled sources by avoiding excessive updates in GridLayer.onAdd (#7570 by @ johnd0e)
  • Improve handling of edge cases in panInside (#7469 by @ daverayment)
  • Minify marker icon SVG (#7600 by @ rala72)
  • Allow template keys with spaces in TileLayer URL (#7216 by @ lubojr)
  • Improve behavior of Tooltip bound to ImageOverlay (#7306 by @ IvanSanchez)
  • Remove the gap between Popup tip and content dialog (#7920 by @ Malvoz)
  • Fire mousemove through Canvas to map if it has no layers (#7809 by @ johnd0e)
  • Add print styles to prevent printers from removing background-images in controls (#7851 by @ Malvoz)
  • Move attribution code from Layer to Control.Attribution (#7764 by @ johnd0e)
  • Refactor vmlCreate() so that it does not expose closure to TypeError (#7279 by @ darcyparker)
  • Improve reliability of Control.Layers by not relying on Browser android and touch properties (#7057 by @ johnd0e)
  • Improve reliability of Tooltip by not relying on Browser touch checks (