Bumps [karma](https://github.com/karma-runner/karma) from 6.3.2 to 6.3.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/karma-runner/karma/releases">karma's releases</a>.</em></p>
<blockquote>
<h2>v6.3.16</h2>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.15...v6.3.16">6.3.16</a> (2022-02-10)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> mitigate the "Open Redirect Vulnerability" (<a href="ff7edbb2ff">ff7edbb</a>)</li>
</ul>
<h2>v6.3.15</h2>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.14...v6.3.15">6.3.15</a> (2022-02-05)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>helper:</strong> make mkdirIfNotExists helper resilient to concurrent calls (<a href="d9dade2f00">d9dade2</a>), closes <a href="https://github-redirect.dependabot.com//github-redirect.dependabot.com/karma-runner/karma-coverage/issues/434/issues/issuecomment-1017939333">karma-runner/karma-coverage#434</a></li>
</ul>
<h2>v6.3.14</h2>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.13...v6.3.14">6.3.14</a> (2022-02-05)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>remove string template from client code (<a href="91d5acda63">91d5acd</a>)</li>
<li>warn when <code>singleRun</code> and <code>autoWatch</code> are <code>false</code> (<a href="69cfc763c8">69cfc76</a>)</li>
<li><strong>security:</strong> remove XSS vulnerability in <code>returnUrl</code> query param (<a href="839578c45a">839578c</a>)</li>
</ul>
<h2>v6.3.13</h2>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.12...v6.3.13">6.3.13</a> (2022-01-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump log4js to resolve security issue (<a href="5bf2df3044">5bf2df3</a>), closes <a href="https://github-redirect.dependabot.com/karma-runner/karma/issues/3751">#3751</a></li>
</ul>
<h2>v6.3.12</h2>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.11...v6.3.12">6.3.12</a> (2022-01-24)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>remove depreciation warning from log4js (<a href="41bed33bf4">41bed33</a>)</li>
</ul>
<h2>v6.3.11</h2>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.10...v6.3.11">6.3.11</a> (2022-01-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> pin colors package to 1.4.0 due to security vulnerability (<a href="a5219c52e2">a5219c5</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/karma-runner/karma/blob/master/CHANGELOG.md">karma's changelog</a>.</em></p>
<blockquote>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.15...v6.3.16">6.3.16</a> (2022-02-10)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> mitigate the "Open Redirect Vulnerability" (<a href="ff7edbb2ff">ff7edbb</a>)</li>
</ul>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.14...v6.3.15">6.3.15</a> (2022-02-05)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>helper:</strong> make mkdirIfNotExists helper resilient to concurrent calls (<a href="d9dade2f00">d9dade2</a>), closes <a href="https://github-redirect.dependabot.com//github-redirect.dependabot.com/karma-runner/karma-coverage/issues/434/issues/issuecomment-1017939333">karma-runner/karma-coverage#434</a></li>
</ul>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.13...v6.3.14">6.3.14</a> (2022-02-05)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>remove string template from client code (<a href="91d5acda63">91d5acd</a>)</li>
<li>warn when <code>singleRun</code> and <code>autoWatch</code> are <code>false</code> (<a href="69cfc763c8">69cfc76</a>)</li>
<li><strong>security:</strong> remove XSS vulnerability in <code>returnUrl</code> query param (<a href="839578c45a">839578c</a>)</li>
</ul>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.12...v6.3.13">6.3.13</a> (2022-01-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump log4js to resolve security issue (<a href="5bf2df3044">5bf2df3</a>), closes <a href="https://github-redirect.dependabot.com/karma-runner/karma/issues/3751">#3751</a></li>
</ul>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.11...v6.3.12">6.3.12</a> (2022-01-24)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>remove depreciation warning from log4js (<a href="41bed33bf4">41bed33</a>)</li>
</ul>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.10...v6.3.11">6.3.11</a> (2022-01-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> pin colors package to 1.4.0 due to security vulnerability (<a href="a5219c52e2">a5219c5</a>)</li>
</ul>
<h2><a href="https://github.com/karma-runner/karma/compare/v6.3.9...v6.3.10">6.3.10</a> (2022-01-08)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>logger:</strong> create parent folders if they are missing (<a href="0d24bd937f">0d24bd9</a>), closes <a href="https://github-redirect.dependabot.com/karma-runner/karma/issues/3734">#3734</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ab4b32898b"><code>ab4b328</code></a> chore(release): 6.3.16 [skip ci]</li>
<li><a href="ff7edbb2ff"><code>ff7edbb</code></a> fix(security): mitigate the "Open Redirect Vulnerability"</li>
<li><a href="c1befa04b3"><code>c1befa0</code></a> chore(release): 6.3.15 [skip ci]</li>
<li><a href="d9dade2f00"><code>d9dade2</code></a> fix(helper): make mkdirIfNotExists helper resilient to concurrent calls</li>
<li><a href="653c762be4"><code>653c762</code></a> ci: prevent duplicate CI tasks on creating a PR</li>
<li><a href="c97e562319"><code>c97e562</code></a> chore(release): 6.3.14 [skip ci]</li>
<li><a href="91d5acda63"><code>91d5acd</code></a> fix: remove string template from client code</li>
<li><a href="69cfc763c8"><code>69cfc76</code></a> fix: warn when <code>singleRun</code> and <code>autoWatch</code> are <code>false</code></li>
<li><a href="839578c45a"><code>839578c</code></a> fix(security): remove XSS vulnerability in <code>returnUrl</code> query param</li>
<li><a href="db53785b3e"><code>db53785</code></a> chore(release): 6.3.13 [skip ci]</li>
<li>Additional commits viewable in <a href="https://github.com/karma-runner/karma/compare/v6.3.2...v6.3.16">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/skia/network/alerts).
</details>
This is an imported pull request from
https://github.com/google/skia/pull/95
GitOrigin-RevId: ae940f93cbf5ebba6d02f722e0c9bc44f49c35c5
Change-Id: Ic9abd882cba29cdd130d5811f7c56fdfae9290de
Reviewed-on: https://skia-review.googlesource.com/c/skia/+/514659
Reviewed-by: Ravi Mistry <rmistry@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
98b1cc92c7