chore(deps): bump hexo from 4.2.1 to 5.3.0

[dependabot-preview]

Bumps hexo from 4.2.1 to 5.3.0.

Release notes

Sourced from hexo's releases.

v5.3.0

New features

• expose escape_html helper method for string manipulation to templates @awwong1 #4581
• list_tags: span element & custom class for label @noraj #4578

Fixes

• fix(load_plugins): ignore plugin whose name is started with "hexo-theme" @stevenjoezhang #4592
• fix(codeblock): closing code fence may be followed only by spaces @stevenjoezhang #4574

Refactor

• Replace process.mainModule with require.main @stevenjoezhang #4583

Docs

• docs(badge): replace david-dm with more reliable shields.io @curbengh #4538

5.2.0

Changes

• perf(external_link): faster regexp @SukkaW #4536
  • prioritise http(s):// over //
• feat: support 'disableNunjucks' in front-matter @curbengh #4518
  • Enable this option to disable tag plugin
  • Setting this option in front-matter will override the same option set by the renderer (e.g. hexo-renderer-marked)

  ---
  title: foo
  date: 2020-01-02 03:04:05
  disableNunjucks: true|false
  ---

• fix: avoid escaping front-matter if unnecessary @curbengh #4522
  • using variable (e.g. {{ title }}) with special characters no longer result in double-quote wrap
• fix: validate value of config.url @curbengh #4520
  • config.url should starts with "http://" or "https://"
• fix(router): convert string to buffer in route stream @ppoffice #4517
  • fix crash in hexo generate --bail
• fix(disableNunjucks): query both async and sync versions of renderer @curbengh #4498
  • disableNunjucks option should now works reliably with synchronous renderer
• feat(load_plugin): ignore pkg name endswith theme name @SukkaW #4497
  • An initial effort to support scoped package

Housekeeping

• chore/ci: move benchmark & profiling to Actions @SukkaW #4525 #4514 #4335
  • Travis is now completely replaced by Actions (in this repo)
• chore: use example.com for example domain @YoshinoriN #4512

Commits

• 2f6a822 release: 5.3.0 (#4575)
• a780691 fix(load_plugins): prevent hexo-theme being loaded as plugin (#4592)
• 35ca7bb refactor: replace process.mainModule with require.main (#4583)
• 8993328 feat(helper): add escape_html (#4581)
• bd0a4ec feat(list_tags): span element & custom class for label (#4578)
• 6b2a082 fix(codeblock): closing code fence may be followed only by spaces (#4574)
• 557487a Merge pull request #4538 from curbengh/dep-badge
• 2ae9e73 docs(badge): replace david-dm with more reliable shields.io
• 223a046 Merge pull request #4537 from curbengh/v5.2.0
• 638df7a release: 5.2.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #44.