fix(deps): update dependency helmet to v6 (#2295)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [helmet](https://helmetjs.github.io/)
([source](https://togithub.com/helmetjs/helmet)) | [`^5.0.0` ->
`^6.0.0`](https://renovatebot.com/diffs/npm/helmet/5.0.0/6.0.0) |
[![age](https://badges.renovateapi.com/packages/npm/helmet/6.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/helmet/6.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/helmet/6.0.0/compatibility-slim/5.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/helmet/6.0.0/confidence-slim/5.0.0)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>helmetjs/helmet</summary>

###
[`v6.0.0`](https://togithub.com/helmetjs/helmet/blob/HEAD/CHANGELOG.md#&#8203;600---2022-08-26)

[Compare
Source](https://togithub.com/helmetjs/helmet/compare/v5.1.1...v6.0.0)

##### Changed

- **Breaking:** `helmet.contentSecurityPolicy` no longer sets
`block-all-mixed-content` directive by default
- **Breaking:** `helmet.expectCt` is no longer set by default. It can,
however, be explicitly enabled. It will be removed in Helmet 7. See
[#&#8203;310](https://togithub.com/helmetjs/helmet/issues/310)
- **Breaking:** Increase TypeScript strictness around some arguments.
Only affects TypeScript users, and may not require any code changes. See
[#&#8203;369](https://togithub.com/helmetjs/helmet/issues/369)
- `helmet.frameguard` no longer offers a specific error when trying to
use `ALLOW-FROM`; it just says that it is unsupported. Only the error
message has changed

##### Removed

- **Breaking:** Dropped support for Node 12 and 13. Node 14+ is now
required

###
[`v5.1.1`](https://togithub.com/helmetjs/helmet/blob/HEAD/CHANGELOG.md#&#8203;511---2022-07-23)

[Compare
Source](https://togithub.com/helmetjs/helmet/compare/v5.1.0...v5.1.1)

##### Changed

- Fix TypeScript bug with some TypeScript configurations. See
[#&#8203;375](https://togithub.com/helmetjs/helmet/pull/375) and
[#&#8203;359](https://togithub.com/helmetjs/helmet/issues/359)

###
[`v5.1.0`](https://togithub.com/helmetjs/helmet/blob/HEAD/CHANGELOG.md#&#8203;510---2022-05-17)

[Compare
Source](https://togithub.com/helmetjs/helmet/compare/v5.0.2...v5.1.0)

##### Added

- `Cross-Origin-Embedder-Policy`: support `credentialless` policy. See
[#&#8203;365](https://togithub.com/helmetjs/helmet/pull/365)
- Documented how to set both `Content-Security-Policy` and
`Content-Security-Policy-Report-Only`

##### Changed

-   Cleaned up some documentation around `Origin-Agent-Cluster`

###
[`v5.0.2`](https://togithub.com/helmetjs/helmet/blob/HEAD/CHANGELOG.md#&#8203;502---2022-01-22)

[Compare
Source](https://togithub.com/helmetjs/helmet/compare/v5.0.1...v5.0.2)

##### Changed

- Improve imports for CommonJS and ECMAScript modules. See
[#&#8203;345](https://togithub.com/helmetjs/helmet/pull/345)
-   Fixed some documentation

###
[`v5.0.1`](https://togithub.com/helmetjs/helmet/blob/HEAD/CHANGELOG.md#&#8203;501---2022-01-03)

[Compare
Source](https://togithub.com/helmetjs/helmet/compare/v5.0.0...v5.0.1)

##### Changed

-   Fixed some documentation

##### Removed

-   Removed some unused internal code

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/Unleash/unleash).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC42LjEiLCJ1cGRhdGVkSW5WZXIiOiIzNC45LjEifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

package.json

@@ -104,7 +104,7 @@
     "express-session": "^1.17.1",
     "fast-json-patch": "^3.1.0",
     "gravatar-url": "^3.1.0",
-    "helmet": "^5.0.0",
+    "helmet": "^6.0.0",
     "ip": "^1.1.8",
     "joi": "^17.3.0",
     "js-sha256": "^0.9.0",

yarn.lock

@@ -3913,10 +3913,10 @@ has@^1.0.3:
   dependencies:
     function-bind "^1.1.1"
 
-helmet@^5.0.0:
+helmet@^6.0.0:
-  version "5.0.0"
+  version "6.0.0"
-  resolved "https://registry.npmjs.org/helmet/-/helmet-5.0.0.tgz"
+  resolved "https://registry.yarnpkg.com/helmet/-/helmet-6.0.0.tgz#8e183820ddccd7729a206ad73c577b264f495595"
-  integrity sha512-wCuTCJZnEKXagvjcZiAnXkzS4lh8mTJ/JhhC5XjH5vPvSzzX/8Y88u6mfE3F66itB6UIA7uZEekXJsbdFTOiPw==
+  integrity sha512-FO9RpR1wNJepH/GbLPQVtkE2eESglXL641p7SdyoT4LngHFJcZheHMoyUcjCZF4qpuMMO1u5q6RK0l9Ux8JBcg==
 
 hexoid@1.0.0:
   version "1.0.0"