chore(deps): update dependency superagent to v4 (master)

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
superagent	dependencies	major	^3.0.0 -> ^4.0.0

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity	CVSS Score	CVE	Reachability
Medium	5.3	CVE-2022-25901

---

Release Notes

ladjs/superagent (superagent)

v4.0.0

Compare Source

Breaking changes

• Node.js v4 has reached it's end of life, so we no longer support it. It's v6+ or later. We recommend Node.js 10.
• We now use ES6 in the browser code, too.
  • If you're using Browserify or Webpack to package code for Internet Explorer, you will also have to use Babel.
  • The pre-built node_modules/superagent.js is still ES5-compatible.
• .end(…) returns undefined instead of the request. If you need the request object after calling .end() (and you probably don't), save it in a variable and call request.end(…). Consider not using .end() at all, and migrating to promises by calling .then() instead.
• In Node, responses with unknown MIME type are buffered by default. To get old behavior, if you use custom unbuffered parsers, add .buffer(false) to requests or set superagent.buffer[yourMimeType] = false.
• Invalid uses of .pipe() throw.

Minor changes

• Throw if req.abort().end() is called
• Throw if using unsupported mix of send and field
• Reject .end() promise on all error events (Kornel Lesiński)
• Set https.servername from the Host header (Kornel Lesiński)
• Leave backticks unencoded in query strings where possible (Ethan Resnick)
• Update node-mime to 2.x (Alexey Kucherenko)
• Allow default buffer settings based on response-type (shrey)
• response.buffered is more accurate.

v3.8.3

Compare Source

• Add flags for 201 & 422 responses (Nikhil Fadnis)
• Emit progress event while uploading Node Buffer via send method (Sergey Akhalkov)
• Fixed setting correct cookies for redirects (Damien Clark)
• Replace .catch with ['catch'] for IE9 Support (Miguel Stevens)

v3.8.2

Compare Source

• Fixed handling of exceptions thrown from callbacks
• Stricter matching of +json MIME types.

v3.8.1

Compare Source

• Clear authorization header on cross-domain redirect

v3.8.0

Compare Source

• Added support for "globally" defined headers and event handlers via superagent.agent(). It now remembers default settings for all its requests.
• Added optional callback to .retry() (Alexander Murphy)
• Unified auth args handling in node/browser (Edmundo Alvarez)
• Fixed error handling in zlib pipes (Kornel)
• Documented that 3xx status codes are errors (Mickey Reiss)

v3.7.0

Compare Source

• Limit maximum response size. Prevents zip bombs (Kornel)
• Catch and pass along errors in .ok() callback (Jeremy Ruppel)
• Fixed parsing of XHR headers without a newline (nsf)

v3.6.3

Compare Source

v3.6.2

Compare Source

• Upgrade MIME type dependency to a newer, secure version
• Recognize PDF MIME as binary
• Fix for error in subsequent require() calls (Steven de Salas)

v3.6.1

Compare Source

v3.6.0

Compare Source

• Support disabling TCP_NODELAY option (#​1240) (xiamengyu)
• Send payload in query string for GET and HEAD shorthand API (Peter Lyons)
• Support passphrase with pfx certificate (Paul Westerdale (ABRS Limited))
• Documentation improvements (Peter Lyons)
• Fixed duplicated query string params (#​1200) (Kornel)

v3.5.2

Compare Source

v3.5.1

Compare Source

• Allow crossDomain errors to be retried (#​1194) (Michael Olson)
• Read responseType property from the correct object (Julien Dupouy)
• Check for ownProperty before adding header (Lucas Vieira)

v3.5.0

Compare Source

• Add errno to distinguish between request timeout and body download timeout (#​1184) (Kornel Lesiński)
• Warn about bogus timeout options (#​1185) (Kornel Lesiński)

v3.4.4

Compare Source

• Treat videos like images (Kornel Lesiński)
• Avoid renaming module (Kornel Lesiński)

v3.4.3

Compare Source

• Fixed being able to define own parsers when their mime type starts with text/ (Damien Clark)
• withCredentials(false) (Andy Woods)
• Use formData.on instead of .once (Kornel Lesiński)
• Ignore attach("file",null) (Kornel Lesiński)

v3.4.2

Compare Source

v3.4.1

Compare Source

• Allow retry() and retry(0) (Alexander Pope)
• Allow optional body/data in DELETE requests (Alpha Shuro)
• Fixed query string on retried requests (Kornel Lesiński)

v3.4.0

Compare Source

• New .retry(n) method and err.retries (Alexander Pope)
• Docs for HTTPS request (Jun Wan Goh)

v3.3.2

Compare Source

v3.3.1

Compare Source

• Fixed "double callback bug" warning on timeouts of gzipped responses

v3.3.0

Compare Source

• Added .ok(callback) that allows customizing which responses are errors (Kornel Lesiński)
• Added .responseType() to Node version (Kornel Lesiński)
• Added .parse() to browser version (jakepearson)
• Fixed parse error when using responseType('blob') (Kornel Lesiński)

v3.2.1

Compare Source

v3.2.0

Compare Source

• Added .timeout({response:ms}), which allows limiting maximum response time independently from total download time (Kornel Lesiński)
• Added warnings when .end() is called more than once (Kornel Lesiński)
• Added response.links to browser version (Lukas Eipert)
• btoa is no longer required in IE9 (Kornel Lesiński)
• Fixed .sortQuery() on URLs without query strings (Kornel Lesiński)
• Refactored common response code into ResponseBase (Lukas Eipert)

v3.1.0

Compare Source

• Added .sortQuery() (vicanso)
• Added support for arrays and bools in .field() (Kornel Lesiński)
• Made superagent.Request subclassable without need to patch all static methods (Kornel Lesiński)

---

• If you want to rebase/retry this PR, check this box