Bump bootstrap from 3.3.6 to 3.4.1

[dependabot]

Bumps bootstrap from 3.3.6 to 3.4.1.

Release notes

Sourced from bootstrap's releases.

v3.4.1

• Security: Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer
• Handle bad selectors (#) in data-target for Dropdowns
• Clarified tooltip selector documentation
• Added support for NuGet contentFiles

v3.4.0

• New: Added a .row-no-gutters class.
• New: Added docs searching via Algolia.
• Fixed: Resolved an XSS issue in Alert, Carousel, Collapse, Dropdown, Modal, and Tab components. See https://snyk.io/vuln/npm:bootstrap:20160627 for details.
• Fixed: Added padding to .navbar-fixed-* on modal open
• Fixed: Removed the double border on <abbr> elements.
• Removed Gist creation in web-based Customizer since anonymous gists were disabled long ago by GitHub.
• Removed drag and drop support from Customizer since it didn't work anymore.
• Added a dropdown to the docs nav for newer and previous versions.
• Update the docs to use a new baseurl, /docs/3.4/, to version the v3.x documentation like we do with v4.
• Reorganized the v3 docs CSS to use Less.
• Switched to BrowserStack for tests.
• Updated links to always use https and fix broken URLs.
• Replaced ZeroClipboard with clipboard.js

v3.3.7

Release announcement blog post: https://blog.getbootstrap.com/2016/07/25/bootstrap-3-3-7-released/

JavaScript

• #19192 Fix keyboard navigation for toggle buttons (checkbox, radio, single toggle) following a mouse click
• #19659: Clear tooltip's $element to prevent leaking memory
• #20019: Avoid calling jQuery('#') since it's a syntax error in jQuery 3
• #20259: Backport jQuery-related JS unit test fixes from v4
• #20278: button.js: Set disabled property in addition to disabled attribute, for jQuery 3 compatibility
• #20313: Avoid using $.offset() on SVGs since it gives incorrect results in jQuery 3
• #20338: Update jQuery version check and jQuery dependency version range to allow jQuery 3

CSS

No significant changes.

Accessibility

• #19704: Add aria-label and callout about labeling pagination components

Docs

• #19263 Bump html5shiv to v3.7.3
• #19273 Port v4 browser support table format to v3
• #19893: Update jQuery to v1.12.4
• Numerous Wall of Browser Bugs updates

Commits

• 68b0d23 Dist
• 2ccfa57 handle # selector for dropdown
• a43077d Bump version to 3.4.1.
• d821de2 Backport sanitize docs from v4.
• 5cd9ef4 Add wdm gem for Windows.
• d6b8501 ES5 fixes.
• 2c8abb9 Add sanitize for tooltips and popovers html content.
• d4129df Bump year.
• 0d64d6a less/modals.less: Add missing semicolon.
• 48c5d7b Use https.
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated
diceware	✅ Ready (Inspect)	Visit Preview	Oct 28, 2022 at 7:44PM (UTC)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.