npm(deps): bump @jupyterlab/application from 3.0.12 to 3.0.13

[dependabot]

Bumps @jupyterlab/application from 3.0.12 to 3.0.13.

Release notes

Sourced from @​jupyterlab/application's releases.

v3.0.13

• Add cell id per notebook format 4.5 (#10018)
• Fix label for "Create Console for Editor" (#9794)
• Use blobs to set the svg source of an image in the image viewer (#10029)
• [Fix] Copy shareable link command (#10021)
• Clarify where the overrides.json file should be in the docs (#9996)
• Do not make unnecessary npm registry requests (#9974)
• Fix escaping of urls and paths (#9978)

Changelog

Sourced from @​jupyterlab/application's changelog.

v3.0.13

• Add cell id per notebook format 4.5 (#10018)
• Fix label for "Create Console for Editor" (#9794)
• Use blobs to set the svg source of an image in the image viewer (#10029)
• [Fix] Copy shareable link command (#10021)
• Clarify where the overrides.json file should be in the docs (#9996)
• Do not make unnecessary npm registry requests (#9974)
• Fix escaping of urls and paths (#9978)

Commits

• 4166382 New version
• 83d81bd Merge pull request #11163 from jasongrout/3018changelog
• 877f602 Update changelog for 3.0.17 and 3.0.18
• 7ce0e0f Merge pull request #11157 from jupyterlab/blink1073-patch-1
• 20bdd86 Add more changelog entries for 3.0.17
• 3814fbf Merge pull request #11161 from meeseeksmachine/auto-backport-of-pr-10843-on-3...
• 34b473d Merge pull request #11160 from meeseeksmachine/auto-backport-of-pr-10773-on-3...
• 7193b25 Backport PR #10843: Shutdown sessions/terminals on shutdown
• a58f5ba Backport PR #10773: Markdown url resolver no longer throws for malformed URLs...
• b8234d7 Update changelog for 3.0.17
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

👈 Launch a binder notebook on branch jupyterlab-contrib/jupyterlab-kernelspy/dependabot/npm_and_yarn/jupyterlab/application-3.0.13

[vidartf]

@fcollonval I think we probably talked past each other previously. I think the dependabot PRs should only come when an update is BOTH a security update AND a prod dependency. These PRs don't really seem necessary for anything ?

[fcollonval]

Hey @vidartf I agree unfortunately there is no easy way to pick only security updates for production 😞
I can give a try with the suggestion dependabot/dependabot-core#2521 (comment)

[fcollonval]

I pushed 78088a8 to hopefully get what we want (aka security update for production package only).