build(deps): bump ora from 8.2.0 to 9.3.0

[dependabot]

Bumps ora from 8.2.0 to 9.3.0.

Release notes

Sourced from ora's releases.

v9.3.0

• Reduce flicker in rendering 2ab4f76

---

sindresorhus/ora@v9.2.0...v9.3.0

v9.2.0

• Update stdin-discarder dependency (#251) 020eaba

---

sindresorhus/ora@v9.1.0...v9.2.0

v9.1.0

• Support external writes to stream (console.log) while spinning d2b543a
• Replace strip-ansi dependency with native stripVTControlCharacters (#249) 68d50e5

---

sindresorhus/ora@v9.0.0...v9.1.0

v9.0.0

Breaking

• Require Node.js 20 7aca06d

Fixes

• Fix clearing in some cases aa51538
• Fix frame() not displaying dynamic prefixText/suffixText from functions 0f19f57
• Fix multiline text exceeding console height leaving garbage when scrolling 45d30ad

---

sindresorhus/ora@v8.2.0...v9.0.0

Commits

• 4496362 9.3.0
• 2ab4f76 Reduce flicker in rendering
• 8d17b13 Add FAQ item
• 4cf47fc Add more tests for discardStdin
• 9763e60 Document Ctrl+C behavior for discardStdin
• 5408a1e 9.2.0
• 020eaba Update stdin-discarder dependency (#251)
• d7e3a94 9.1.0
• d2b543a Support external writes to stream while spinning
• 68d50e5 Replace strip-ansi with native stripVTControlCharacters (#249)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/cli-spinners	3.4.0	🟢 4.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review 🟢 4 Found 12/30 approved changesets -- score normalized to 4 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Maintained 🟢 4 5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/log-symbols	7.0.1	🟢 3.8	Details Check Score Reason Code-Review 🟢 3 Found 11/30 approved changesets -- score normalized to 3 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/ora	9.3.0	🟢 4.6	Details Check Score Reason Maintained 🟢 10 11 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review ⚠️ 1 Found 4/30 approved changesets -- score normalized to 1 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/stdin-discarder	0.3.1	🟢 3.6	Details Check Score Reason Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 Packaging ⚠️ -1 packaging workflow not detected Code-Review ⚠️ 0 Found 0/16 approved changesets -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 no SAST tool detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches
npm/string-width	8.2.0	🟢 4.4	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 6 6 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 6 Code-Review 🟢 3 Found 9/30 approved changesets -- score normalized to 3 Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/yoctocolors	2.1.2	Unknown	Unknown

Scanned Files

• package-lock.json

[dependabot]

Looks like ora is up-to-date now, so this is no longer needed.