Bump marked from 1.2.5 to 1.2.6

Add tel, note, org and title search 

Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>

Prevent * and other things in the same query for Oracle

Bumps [marked](https://github.com/markedjs/marked) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Changelog](https://github.com/markedjs/marked/blob/master/release.config.js)
- [Commits](https://github.com/markedjs/marked/compare/v1.2.5...v1.2.6

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Bump dompurify from 2.2.2 to 2.2.3

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/2.2.2...2.2.3

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Update comment to reflect current CSP policy

Add sanitizers for JSON output

JS unsafe-eval was removed a long time ago in https://github.com/nextcloud/server/pull/11028

Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.12.7 to 7.12.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.12.10/packages/babel-preset-env

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [sinon](https://github.com/sinonjs/sinon) from 9.2.1 to 9.2.2.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sinonjs/sinon/commits/v9.2.2

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Those functions set proper content-types that prevent rendering of
data. Therefore it's safe to mark them as sanitizers.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

21 beta1

Show email address for shares that were created by other users

Indicate preview availability in recent file api responses

Check php compatibility of app store app releases

Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7. **This update includes a security fix.**
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.7

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>

Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Error: Unknown named parameter $remote_id

Handle owncloud migration to latest release

Add deck share provider support

Fix loading order for OCS endpoints

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>

The loading order can have side effects in the way how apps register
plugins, listeners, etc.

Recently the order had been changed as part of cleaning up old code, but
caused apps to break.

This brings back the old app loading order to guarantee that apps won't
break, even though it might not semantically make sense.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>