Update dependency morgan to ~1.9.1

[dev-mend-for-github.aaakk.us.kg]

This PR contains the following updates:

Package	Type	Update	Change
morgan	dependencies	minor	~1.6.1 -> ~1.9.1

By merging this PR, the issue #2 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	9.8	CVE-2019-5413
Medium	5.3	CVE-2017-16137
Low	3.4	WS-2017-0247

---

Release Notes

expressjs/morgan

v1.9.1

Compare Source

==================

• Fix using special characters in format
• deps: depd@~1.1.2
  • perf: remove argument reassignment

v1.9.0

Compare Source

==================

• Use res.headersSent when available
• deps: basic-auth@~2.0.0
  • Use safe-buffer for improved Buffer API
• deps: [email protected]
• deps: depd@~1.1.1
  • Remove unnecessary Buffer loading

v1.8.2

Compare Source

==================

• deps: [email protected]
  • Fix DEBUG_MAX_ARRAY_LENGTH
  • deps: [email protected]

v1.8.1

Compare Source

==================

• deps: [email protected]
  • Fix deprecation messages in WebStorm and other editors
  • Undeprecate DEBUG_FD set to 1 or 2

v1.8.0

Compare Source

==================

• Fix sending unnecessary undefined argument to token functions
• deps: basic-auth@~1.1.0
• deps: [email protected]
  • Allow colors in workers
  • Deprecated DEBUG_FD environment variable
  • Fix error when running under React Native
  • Use same color for same namespace
  • deps: [email protected]
• perf: enable strict mode in compiled functions

v1.7.0

Compare Source

==================

• Add digits argument to response-time token
• deps: depd@~1.1.0
  • Enable strict mode in more places
  • Support web browser loading
• deps: on-headers@~1.0.1
  • perf: enable strict mode

---

• If you want to rebase/retry this PR, click this checkbox.

[dev-mend-for-github.aaakk.us.kg]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.