chore(deps-dev): bump oidc-provider from 6.31.0 to 7.5.4

[dependabot-preview]

Bumps oidc-provider from 6.31.0 to 7.5.4.

Release notes

Sourced from oidc-provider's releases.

v7.5.4

Bug Fixes

• add missing x-ua-compatible to form_post and dag input (f773669), closes #1052

v7.5.3

Bug Fixes

• memory adapter grant references for intended models (2fe4dc8)

v7.5.2

Bug Fixes

• use correct keystore select method for paseto access tokens (ce394bc)

v7.5.1

Bug Fixes

• issue id tokens with claims when resource is used (#1038) (4b16c71)

v7.5.0

Features

• use 303 See Other HTTP response status code for built in redirects (c243bf6)

v7.4.1

Bug Fixes

• handle backchannel requests in grant revocation (8fe9aec)

v7.4.0

⚠ BREAKING CHANGES

• fapi: Draft feature fapiRW was replaced by a stable fapi feature.
• fapi: The default profile for the new fapi feature is Financial-grade API Security Profile 1.0 - Part 2: Advanced (Final) rather than Financial-grade API - Part 2: Read and Write API Security Profile (ID2). ID2 albeit being an Implementer's Draft remains a possible features.fapi.profile option

Features

• fapi: FAPI (Final and ID2) is now a stable feature (4f52a4c)
• resourceIndicators: allow omitting resource parameter at the token endpoint (0309ec0), closes #989
• Client Initiated Backchannel Authentication (CIBA) and FAPI-CIBA-ID1 (a217484)

Bug Fixes

• deviceFlow: ensure pairwise device flow clients prove ownership of their jwks_uri (ec99201)
• remove default got user-agent (d65187c)
• skip validating client redirect_uris presence when not required (90965bb)

Note: Updates to draft specification versions are released as MINOR library versions, if you utilize these specification implementations consider using the tilde ~ operator in your package.json since breaking changes may be introduced as part of these version updates. Alternatively, acknowledge the version and be notified of breaking changes as part of your CI.

... (truncated)

Changelog

Sourced from oidc-provider's changelog.

7.5.4 (2021-07-21)

Bug Fixes

• add missing x-ua-compatible to form_post and dag input (f773669), closes #1052

7.5.3 (2021-07-19)

Bug Fixes

• memory adapter grant references for intended models (2fe4dc8)

7.5.2 (2021-07-19)

Bug Fixes

• use correct keystore select method for paseto access tokens (ce394bc)

7.5.1 (2021-06-24)

Bug Fixes

• issue id tokens with claims when resource is used (#1038) (4b16c71)

7.5.0 (2021-06-23)

Features

• use 303 See Other HTTP response status code for built in redirects (c243bf6)

7.4.1 (2021-05-29)

Bug Fixes

• handle backchannel requests in grant revocation (8fe9aec)

7.4.0 (2021-05-28)

⚠ BREAKING CHANGES

• fapi: Draft feature fapiRW was replaced by a stable fapi feature.
• fapi: The default profile for the new fapi feature is

... (truncated)

Commits

• d1a7644 chore(release): 7.5.4
• f773669 fix: add missing x-ua-compatible to form_post and dag input
• caea00a chore(release): 7.5.3
• 7d6b195 example: add a note to contributed example adapters
• 2fe4dc8 fix: memory adapter grant references for intended models
• 9f759e0 chore(release): 7.5.2
• 6fbcd71 example: revise some adapters
• 5a3b019 ci: update conformance suite
• ce394bc fix: use correct keystore select method for paseto access tokens
• 7371a84 chore: update issue template
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)