Dependencies security upgrade #266

@mmattel

Describe the bug
Seen via GH security alert:

tmp allows arbitrary temporary file / directory write via symbolic link dir parameter

Dependabot cannot update tmp to a non-vulnerable version

The latest possible version that can be installed is 0.0.33 because of the following conflicting dependencies:

broken-link-checker@0.7.8 requires tmp@0.0.x via a transitive dependency on useragent@2.3.0
No patched version available for tmp

The earliest fixed version is 0.2.4.

To Reproduce
Run a GH security check

Expected behavior
No security report

Environment:

  • OS and version: Debian 13
  • Node.js version: 18.x
  • broken-link-checker version: 0.7.8

Note
Seems that the dependency that causes the issue is useragent, which has not been updated in 6 years and is likely to be considered unmaintained... A replacement such as ua-parser-js, which is maintained, may fix the issue.
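As an added example (not code from this issue or from the broken-link-checker project), the script below reconstructs the transitive chain that pins `tmp` from a `package-lock.json` (lockfileVersion 2/3 `packages` map) and compares the installed version against the first fixed version. The lock data is constructed inline to mirror the report, and the function names are my own.

```javascript
// Constructed lock data mirroring the report: root -> broken-link-checker
// -> useragent -> tmp@0.0.33, with 0.2.4 being the first fixed version.
const lock = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "broken-link-checker": "^0.7.8" } },
    "node_modules/broken-link-checker": { version: "0.7.8", dependencies: { useragent: "^2.3.0" } },
    "node_modules/useragent": { version: "2.3.0", dependencies: { tmp: "0.0.x" } },
    "node_modules/tmp": { version: "0.0.33" },
  },
};

// Node-style resolution: try <from>/node_modules/<name>, then walk up the tree.
function resolve(lock, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const cand = (base ? base + "/" : "") + "node_modules/" + name;
    if (lock.packages[cand]) return cand;
    if (!base) return null;
    const i = base.lastIndexOf("/node_modules/");
    base = i === -1 ? "" : base.slice(0, i);
  }
}

// Depth-first search for a chain root -> ... -> target; returns [{name, version}] or null.
function findChain(lock, target, from = "", seen = new Set()) {
  for (const dep of Object.keys(lock.packages[from].dependencies || {})) {
    const p = resolve(lock, from, dep);
    if (!p || seen.has(p)) continue;
    seen.add(p);
    const node = { name: dep, version: lock.packages[p].version };
    if (dep === target) return [node];
    const rest = findChain(lock, target, p, seen);
    if (rest) return [node, ...rest];
  }
  return null;
}

// Numeric major.minor.patch comparison; prerelease tags are ignored on purpose.
function versionLess(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i];
  return false;
}

// Report whether `target` is installed below `fixed` and which chain pins it.
function audit(lock, target, fixed) {
  const chain = findChain(lock, target);
  if (!chain) return { vulnerable: false, installed: null, chain: "" };
  const installed = chain[chain.length - 1].version;
  const path = chain.map((n) => n.name + "@" + n.version).join(" > ");
  return { vulnerable: versionLess(installed, fixed), installed, chain: path };
}

console.log(audit(lock, "tmp", "0.2.4"));
```

Running it against a real lockfile (`JSON.parse(fs.readFileSync("package-lock.json"))`) shows which top-level package has to be replaced or overridden before Dependabot can move the pinned version.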
