deps: bump normalize-package-data from 3.0.3 to 4.0.0

[dependabot]

Bumps normalize-package-data from 3.0.3 to 4.0.0.

Release notes

Sourced from normalize-package-data's releases.

normalize-package-data v4.0.0

⚠ BREAKING CHANGES

• this drops support for node 10 and non-LTS versions of node 12 and node 14

Bug Fixes

• do not overwrite bundled dependency ranges with * (#128) (b8e4604)
• safer regex (abcdb36)

Documentation

• Missprint in readme (#127) (ac078ea)

• @​npmcli/template-oss@​2.9.2 (80daf4a)

Dependencies

• bump hosted-git-info from 4.1.0 to 5.0.0 (#135) (289674d)
• update is-core-module requirement from ^2.5.0 to ^2.8.1 (#132) (b3ec77e)
• update semver requirement from ^7.3.4 to ^7.3.5 (#133) (e0a56dc)
• update validate-npm-package-license requirement (#131) (fe7dc60)

Changelog

Sourced from normalize-package-data's changelog.

4.0.0 (2022-03-14)

⚠ BREAKING CHANGES

• this drops support for node 10 and non-LTS versions of node 12 and node 14

Bug Fixes

• do not overwrite bundled dependency ranges with * (#128) (b8e4604)
• safer regex (abcdb36)

Documentation

• Missprint in readme (#127) (ac078ea)

• @​npmcli/template-oss@​2.9.2 (80daf4a)

Dependencies

• bump hosted-git-info from 4.1.0 to 5.0.0 (#135) (289674d)
• update is-core-module requirement from ^2.5.0 to ^2.8.1 (#132) (b3ec77e)
• update semver requirement from ^7.3.4 to ^7.3.5 (#133) (e0a56dc)
• update validate-npm-package-license requirement (#131) (fe7dc60)

Commits

• f5080ca chore: release 4.0.0 (#130)
• 289674d deps: bump hosted-git-info from 4.1.0 to 5.0.0 (#135)
• e0a56dc deps: update semver requirement from ^7.3.4 to ^7.3.5 (#133)
• b3ec77e deps: update is-core-module requirement from ^2.5.0 to ^2.8.1 (#132)
• fe7dc60 deps: update validate-npm-package-license requirement (#131)
• b8e4604 fix: do not overwrite bundled dependency ranges with * (#128)
• abcdb36 fix: safer regex
• cda537d chore: coverage settings
• 02aba91 chore: linting
• 80daf4a chore: @​npmcli/template-oss@​2.9.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: Dependencies.

[nlf]

for context, this fixes the tests that were asserting incorrect behavior from an older version of normalize-package-data. the bug there was fixed causing these tests to fail, but the assertions after this change match expectations.