fix(deps): update dependency hibp to v9

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
hibp (source)	dependencies	major	7.5.2 -> 9.0.0

---

Release Notes

wKovacs64/hibp

v9.0.0

Compare Source

Build System

• consolidate all build output under the dist directory (#​138) (a7d0439)

chore

• node: drop Node 8 support (#​137) (450ee23)

Reverts

• enable skipLibCheck hack to avoid issues with Cypress types (db4e5cb)

BREAKING CHANGES

• Output files for all build targets have been consolidated under the dist
  directory. This should be transparent if you followed the documentation, but
  the changes are as follows:
  • CommonJS
    • lib/hibp.js → dist/cjs/hibp.js
  • ECMAScript Modules
    • es/hibp.js → dist/esm/hibp.js
  • ECMAScript Modules for Browsers (development)
    • dist/hibp.mjs → dist/browser/hibp.esm.js
  • ECMAScript Modules for Browsers (production)
    • dist/hibp.min.mjs → dist/browser/hibp.esm.min.js
  • UMD (development)
    • dist/hibp.js → dist/browser/hibp.umd.js
  • UMD (production)
    • dist/hibp.min.js → dist/browser/hibp.umd.min.js
  • TypeScript Declarations
    • types/hibp.d.ts → dist/hibp.d.ts
• node: Support for Node.js version 8.x has been dropped.

v8.0.1

Compare Source

Performance Improvements

• replace axios with isomorphic-unfetch (#​136) (754a5e9)

Build Output

• improve dead code elimination with #__PURE__ annotations (#​121) (a6b7b57)
• cjs: output multiple files for consistency with ESM build (#​122) (edd6ed0)

v8.0.0

Compare Source

chore

• node: drop Node 6 support (c276c66)

Features

• api-v3: add apiKey option to protected endpoint modules (cf026bd), closes #​100
• api-v3: invert the includeUnverified option default (9f004fc), closes #​98
• api-v3: invert the truncate option default (395c487), closes #​99
• api-v3: replace custom Accept header with versioned base URL (84a839c)
• api-v3: update handling of rate limited responses (092a55c), closes #​97

BREAKING CHANGES

• node: Support for Node.js version 6.x has been dropped.
• api-v3: v3 of the haveibeenpwned.com API requires an API key from
  https://haveibeenpwned.com/API/Key to access the breachedaccount and pasteaccount endpoints.
  Requests made using the breachedAccount, pasteAccount, and search modules will be rejected
  with a 401 Unauthorized response unless the apiKey option is provided with a valid API key, or
  you are proxying your requests (via the baseUrl option) through a server that inserts an API key
  on your behalf. See Troy's blog post for rationale and a full explanation.
• api-v3: The includeUnverified option previously defaulted to false
  and now defaults to true, per Troy's preference.
• api-v3: The truncate option previously defaulted to false and now defaults to true,
  per Troy's preference.

---

Renovate configuration

📅 Schedule: "after 10pm every weekday,before 5am every weekday" in timezone Europe/London.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

[coveralls]

Coverage remained the same at 80.638% when pulling e2f7549 on renovate/hibp-9.x into 10ca63f on master.