Bump dotenv from 16.5.0 to 16.6.1 (#372)

Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.5.0 to
16.6.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md">dotenv's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.6.0...v16.6.1">16.6.1</a>
(2025-06-27)</h2>
<h3>Changed</h3>
<ul>
<li>Default <code>quiet</code> to true – hiding the runtime log message
(<a
href="https://redirect.github.com/motdotla/dotenv/pull/874">#874</a>)</li>
<li>NOTICE: 17.0.0 will be released with quiet defaulting to false. Use
<code>config({ quiet: true })</code> to suppress.</li>
<li>And check out the new <a
href="https://github.com/dotenvx/dotenvx">dotenvx</a>. As coding
workflows evolve and agents increasingly handle secrets, encrypted .env
files offer a much safer way to deploy both agents and code together
with secure secrets. Simply switch
<code>require('dotenv').config()</code> for
<code>require('@dotenvx/dotenvx').config()</code>.</li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.5.0...v16.6.0">16.6.0</a>
(2025-06-26)</h2>
<h3>Added</h3>
<ul>
<li>Default log helpful message <code>[[email protected]] injecting env (1)
from .env</code> (<a
href="https://redirect.github.com/motdotla/dotenv/pull/870">#870</a>)</li>
<li>Use <code>{ quiet: true }</code> to suppress</li>
<li>Aligns dotenv more closely with <a
href="https://github.com/dotenvx/dotenvx">dotenvx</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/motdotla/dotenv/commit/076ba3b6a225b8cb878c1cd0a222674b6e5ef87d"><code>076ba3b</code></a>
16.6.1</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/8867fe07944f172f91b36d3e71ff43ad7bddb005"><code>8867fe0</code></a>
changelog 🪵</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/424c32deac4078ce034cdf4b328b782bf089d32d"><code>424c32d</code></a>
Merge pull request <a
href="https://redirect.github.com/motdotla/dotenv/issues/874">#874</a>
from motdotla/default-quiet-to-true</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/5270faf63ebe3c46aecbef34dab4d58780f5b7ee"><code>5270faf</code></a>
changelog 🪵</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/86ce00120f40905c8505c1299b51e2869c6f31aa"><code>86ce001</code></a>
force failure of path.relative in test</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/e6799e62f6fd40681a310d19fedeb31886e39287"><code>e6799e6</code></a>
add tests</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/ec72534ffabe39b3ac252564b2d753c72ca74977"><code>ec72534</code></a>
add to test coverage</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/c88608441628757304823e39aaf7cb7e0ad28e5c"><code>c886084</code></a>
send coverage to text as well</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/a791032e9b7cdab91ccf52a8509984dbda702c93"><code>a791032</code></a>
add test</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/fa67c0295ec8ade62a9f431c704cb4cb206efe03"><code>fa67c02</code></a>
test quiet: false</li>
<li>Additional commits viewable in <a
href="https://github.com/motdotla/dotenv/compare/v16.5.0...v16.6.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dotenv&package-manager=npm_and_yarn&previous-version=16.5.0&new-version=16.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

package-lock.json

@@ -21,7 +21,7 @@
     "browser-sync": "^3.0.4",
     "client-sessions": "^0.8.0",
     "cookie-parser": "^1.4.7",
-    "dotenv": "^16.5.0",
+    "dotenv": "^16.6.1",
     "express": "^4.21.2",
     "express-session": "^1.18.1",
     "gulp": "^5.0.1",