Update dependency bcrypt to v5 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
bcrypt	3.0.6 -> 5.0.0

GitHub Vulnerability Alerts

CVE-2020-7689

In bcrypt (npm package) before version 5.0.0, data is truncated wrong when its length is greater than 255 bytes.

---

Release Notes

kelektiv/node.bcrypt.js

v5.0.0

Compare Source

• Fix the bcrypt "wrap-around" bug. It affects passwords with lengths >= 255.
  It is uncommon but it's a bug nevertheless. Previous attempts to fix the bug
  was unsuccessful.
  • Experimental support for z/OS
  • Fix a bug related to NUL in password input
  • Update node-pre-gyp to 0.15.0

v4.0.1

Compare Source

• Fix compilation errors in Alpine linux

v4.0.0

Compare Source

• Switch to NAPI bcrypt
  • Drop support for NodeJS 8

v3.0.8

Compare Source

• Update node-pre-gyp to 0.14
  • Pre-built binaries for NodeJS 13

v3.0.7

Compare Source

• Update nan to 2.14.0
  • Update node-pre-gyp to 0.13

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.