chore(deps-dev): bump johnbillion/query-monitor from 3.16.3 to 3.20.4

[dependabot]

Bumps johnbillion/query-monitor from 3.16.3 to 3.20.4.

Release notes

Sourced from johnbillion/query-monitor's releases.

3.20.4

• This is a security release which fixes a reflected XSS vulnerability in the Request panel. Full details in the security advisory.

3.20.3

• Clicking QM in the the admin toolbar a second time will now close the panel
• Improvements to accessibility of the toggle buttons
• Failed HTTP API GET requests now show a clickable link

3.20.2

• Prevents a PHP error being triggered under certain conditions and when no database queries are performed.

3.20.1

• Confirms support for WordPress 6.9.
• Removes calls to deprecated jQuery.focus() method.
• Add line breaks to HTML output to keep your browser happy when viewing the page source.

3.20.0

• Defers loading of translation files as late as possible to minimise the chance of triggering the Translation loading for the query-monitor domain was triggered too early error
• Implements some initial compatibility tweaks for the upcoming PHP 8.5

3.19.0

• Adds Guzzle middleware support for logging HTTP client requests.
• Fixes plugin conflicts caused by the global qm JavaScript variable by renaming it to QueryMonitorData.
• Corrects invalid HTML markup where <th> elements were closed with </td> tags.

3.18.0

• Adds more comprehensive handling of HTTP API requests which were overridden by the pre_http_request filter.
• Corrects the handling of suppressed PHP errors on both PHP 7 and PHP 8.
• Confirms support for WordPress 6.8.

3.17.2

• Reinstates the "Blocks" panel

3.17.1

• Prevents use of the deprecated E_STRICT constant in PHP 8.4.
• Avoids use of the deprecated setted_transient and setted_site_transient actions in WordPress 6.8.
• Skips showing the _load_textdomain_just_in_time notices when they're caused by Query Monitor itself.
• Uses more appropriate formatting for a fatal error in REST API and Ajax contexts.

3.17.0

• Support for WordPress 6.7.
• Support for PHP 8.4.
• Inline scripts are now output using wp_print_inline_script_tag() so a Content Security Policy can be fully implemented.
• Various improvements and fixes.

3.16.4

• Confirms support for WordPress 6.6.

Commits

• 19a2304 Release 3.20.4
• 66021ef Version 3.20.4.
• c10108e Add escaping to the output of request URLs that don't contain an ampersand.
• aaf140c Version 3.20.3.
• 5cddddb Happy new year.
• caf1718 Update the security policy.
• ceea6d3 This is no longer used.
• d42dcb7 Fix the tests.
• 3b2ebd2 Merge branch 'pr-777' into develop
• 25950a1 Merge branch 'pr-781' into develop
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.