build(deps): bump nodemailer and loopback

[dependabot]

Bumps nodemailer to 6.9.1 and updates ancestor dependency loopback. These dependencies need to be updated together.

Updates nodemailer from 2.7.2 to 6.9.1

Changelog

Sourced from nodemailer's changelog.

6.9.1 2023-01-27

• Fix base64 encoding for emoji bytes in encoded words

6.9.0 2023-01-12

• Do not throw if failed to resolve IPv4 addresses
• Include EHLO extensions in the send response
• fix sendMail function: callback should be optional

6.8.0 2022-09-28

• Add DNS timeout (huksley)
• add dns.REFUSED (lucagianfelici)

6.7.8 2022-08-11

• Allow to use multiple Reply-To addresses

6.7.7 2022-07-06

• Resolver fixes

6.7.5 2022-05-04

• No changes, pushing a new README to npmjs.org

6.7.4 2022-04-29

• Ensure compatibility with Node 18
• Replaced Travis with Github Actions

6.7.3 2022-03-21

• Typo fixes
• Added stale issue automation fir Github
• Add Infomaniak config to well known service (popod)
• Update Outlook/Hotmail host in well known services (popod)
• fix: DSN recipient gets ignored (KornKalle)

6.7.2 2021-11-26

• Fix proxies for account verification

6.7.1 2021-11-15

• fix verify on ses-transport (stanofsky)

6.7.0 2021-10-11

... (truncated)

Commits

• e3cc93a v6.9.1
• 01840df Updated examples
• 072e1aa fixed tests
• 2463203 v6.9.0
• 8a2acdd fix sendMail function: callback should be optional (#1490)
• b5ab28e Updated README
• 0a22b61 v6.8.0
• e091992 Add DNS timeout (#1468)
• 0a52eeb #1459 Add a failing test for attachments with null content (#1466)
• 6f40536 add dns.REFUSED (#1458)
• Additional commits viewable in compare view

Updates loopback from 2.42.0 to 3.28.0

Release notes

Sourced from loopback's releases.

3.0 GA

No release notes provided.

3.0.0 Release Candidate

This is the first Release Candidate release of the upcoming major version 3.0.

See Release Notes and Migration Guide for more details.

List of notable changes made between 2.x and 3.0 in this repository follows below.

loopback-datasource-juggler was moved from peerDependencies to dependencies

Originally, we (ab)used peer dependencies to ensure there is only one instance of loopback-datasource-juggler in the dependency tree, so that there is only one singleton instance of model registry. This was very fragile and might not have worked in certain edge cases.

We have reworked loopback-datasource-juggler and connectors to not rely on a single juggler instance anymore. As the last step, juggler became a regular dependency.

strongloop/loopback#275

When upgrading application from previous loopback versions, simply remove loopback-datasource-juggler from your dependencies.

always use bluebird as promise library

In version 3.0, we always use bluebird as our promise library instead of global.Promise. We consider Bluebird API as part of LoopBack API from now on, you are welcome to use any Bluebird-specific methods in your applications.

If you are using LoopBack with a custom promise implementation provided via global.Promise, you will have to check all places where you are using non-standard promise API and update them to use Bluebird API instead.

Please see related code changes.

new method of defining remoting metadata

In 2.0, remote methods were defined as:

methods: {
  staticMethod: {
    isStatic: true,
    http: { path: '/static' }
  },
</tr></table> 

... (truncated)

Changelog

Sourced from loopback's changelog.

2020-11-25, Version 3.28.0

• upgrade nodemailer to greater than 6.4.16 (jannyHou)

• chore: sync LoopBack 4 with Node.js v14 EOL (Rifa Achrinza)

• chore: add Node.js 14 to travis (Diana Lau)

• Remove "major" and "p1" from stalebot (Miroslav Bajtoš)

2020-03-06, Version 3.27.0

• Update LTS status in README (Miroslav Bajtoš)

• chore: update copyright year (Diana Lau)

• feat: change hasone relation error message (Sujesh T)

• chore: disable security issue reporting (Nora)

• chore: fix eslint violations (Nora)

• fixup! manual fixes (Miroslav Bajtoš)

• fixup! eslint --fix . (Miroslav Bajtoš)

• chore: update eslint & eslint-config to latest (Miroslav Bajtoš)

• chore: update dev-dependencies (Miroslav Bajtoš)

• chore: update chai to v4, dirty-chai to v2 (Miroslav Bajtoš)

• Updated "ismail" package to v3.2 (Stanislav Sarbinski)

• Introduce issue templates for bugs, features, etc. (Miroslav Bajtoš)

• Improve PULL_REQUEST_TEMPLATE (Miroslav Bajtoš)

• test: use Chromium (not Chrome) when available (Miroslav Bajtoš)

• test: disable Chrome sandboxing when inside Docker (Miroslav Bajtoš)

• test: switch from PhantomJS to HeadlessChrome (Miroslav Bajtoš)

2019-05-31, Version 3.26.0

... (truncated)

Commits

• a22d4f9 3.28.0
• 223dd5d Merge pull request #4338 from achrinzafork/chore/update-module-lts-node14
• fbd9783 Merge pull request #4340 from strongloop/upgrade-nodemailer
• 6f04b61 upgrade nodemailer to greater than 6.4.16
• ab3e159 chore: sync LoopBack 4 with Node.js v14 EOL
• 5b61efb Merge pull request #4334 from strongloop/travis
• e457e26 chore: add Node.js 14 to travis
• ab2e462 Merge pull request #4318 from strongloop/bajtos-patch-1
• f2f7332 Remove "major" and "p1" from stalebot
• 06fcaa1 3.27.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jannyhou2016, a new releaser for loopback since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[codecov]

Codecov Report

Merging #63 (f889870) into master (358ae36) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #63   +/-   ##
=======================================
  Coverage   79.80%   79.80%           
=======================================
  Files          10       10           
  Lines         104      104           
=======================================
  Hits           83       83           
  Misses         21       21