Clone instead of move SVG highlights when focusing such that their
original order is not lost when they are subsequently unfocused. Ensure
that cloned, focused highlights are removed when associated highlights
are removed.

Bumps [@rollup/plugin-babel](https://github.com/rollup/plugins/tree/HEAD/packages/babel) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/babel/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/babel-v6.0.3/packages/babel)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-babel"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.21.1 to 7.23.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.21.1...7.23.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@sentry/cli](https://github.com/getsentry/sentry-cli) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/getsentry/sentry-cli/releases)
- [Changelog](https://github.com/getsentry/sentry-cli/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-cli/compare/2.9.0...2.10.0)

---
updated-dependencies:
- dependency-name: "@sentry/cli"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [sinon](https://github.com/sinonjs/sinon) from 14.0.2 to 15.0.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v14.0.2...v15.0.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.44.0 to 5.45.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [eslint](https://github.com/eslint/eslint) from 8.28.0 to 8.29.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.28.0...v8.29.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs) from 23.0.2 to 23.0.3.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/commonjs-v23.0.3/packages/commonjs)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-commonjs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

`Object.fromEntries` is showing up in Sentry as the most frequent error from
browsers [1] that are outside our supported range, so use it as a representative
feature to decide whether the client can load at all. We assume that this can
subsume the previous ES2015-era feature tests.

`Object.fromEntries` is available since Chrome 73 (Mar 2019), Safari
12.1 (Mar 2019), Firefox 63 (Oct 2018).

[1] https://sentry.io/organizations/hypothesis/issues/3747304654

The `getSegmentSelector` function assumed all annotations have at least one
target. This is true for all saved annotations and all new annotations with
selectors, but is not true for new page notes.

This is a stop-gap fix. The better solution will be to eliminate the
inconsistency and make it so that all annotations have a non-empty `target`
field.

Fixes https://github.com/hypothesis/product-backlog/issues/1332

Per discussion in [1], replace the `js-temp-config` marker class with a
more descriptively-named data attribute.

[1] https://github.com/hypothesis/client/pull/5008#discussion_r1029807692

When the client is unloaded in a guest-only iframe, remove the client
configuration that was added by the `injectClient` function. This is
necessary for subsequent reloading of the client to work, as
`injectClient` aborts if the configuration already exists in a frame.

This change allows the client to be properly de-activated and then later
re-activated in a VitalSource book.

When the client is unloaded in a frame H, ensure that it is also unloaded from
guest frames whose host frame is H. This enables toggling the browser
extension's active state to work properly in VitalSource Bookshelf and other
pages which have annotation-enabled iframes.

This works by having the `Guest` instance in the iframe listen for the existing
"close" message from its connection to the host frame, and relaying that to the
entry point via a "hostDisconnected" event, which then handles it in the same
way as if the client had been unloaded directly in the guest frame.

Per https://github.com/hypothesis/client/pull/4985#discussion_r1034758238

`<h2>` is already used for the `sr-only` heading for the list of
threads, so it makes sense to go one level down for chapter headings.

Visually group ebook annotations by chapter in the sidebar by displaying
chapter headings above groups of annotations from a particular chapter.

For each thread a "heading key" is extracted, which is currently the EPUB
Content Document's CFI, taken from the "EPUBContentSelector" selector. For other
annotation types we could use a different key in future. When rendering threads
a heading is displayed above each thread where the key is different than the
previously rendered thread.

To avoid adding complexity to the virtualization calculations, the headings are
rendered as part of the first thread in the group, and so the height of the
heading element is included in the measured height for that thread.

Bumps [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist) from 6.1.2 to 6.1.3.
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/commits/arborist-v6.1.3/workspaces/arborist)

---
updated-dependencies:
- dependency-name: "@npmcli/arborist"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.42.1 to 5.44.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.44.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.20.0 to 7.21.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.20.0...7.21.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@rollup/plugin-json](https://github.com/rollup/plugins/tree/HEAD/packages/json) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/json/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/json-v5.0.2/packages/json)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-json"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [prettier](https://github.com/prettier/prettier) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.7.1...2.8.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/2.4.0...2.4.1)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.43.0 to 5.44.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.44.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1258.0 to 2.1262.0.
- [Release notes](https://github.com/aws/aws-sdk-js/releases)
- [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js/compare/v2.1258.0...v2.1262.0)

---
updated-dependencies:
- dependency-name: aws-sdk
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.12 to 10.4.13.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.12...10.4.13)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [redux-thunk](https://github.com/reduxjs/redux-thunk) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/reduxjs/redux-thunk/releases)
- [Commits](https://github.com/reduxjs/redux-thunk/compare/v2.4.1...v2.4.2)

---
updated-dependencies:
- dependency-name: redux-thunk
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Bumps [eslint-plugin-react](https://github.com/jsx-eslint/eslint-plugin-react) from 7.31.10 to 7.31.11.
- [Release notes](https://github.com/jsx-eslint/eslint-plugin-react/releases)
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jsx-eslint/eslint-plugin-react/compare/v7.31.10...v7.31.11)

---
updated-dependencies:
- dependency-name: eslint-plugin-react
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

Unloading the client (eg. by deactivating the Hypothesis extension) does
not currently work properly in VitalSource ebooks or other scenarios involving
iframes. Add an "Unload client" toggle button in the VS test page at
http://localhost:3000/document/vitalsource-epub to help with testing
this.

The code for this button has been extracted from the dev server's home page into
a shared `controls.js` module.

In the process I removed the comments about Babel from util.js/index.js as these
are much less relevant now, and instead added some notes at the top of
dev-server/static/scripts/util.js about why that file is not an ES module.

Avoid the temporary URL navigation done by VitalSource tests from affecting
other tests by pausing in `afterEach` until the async `history.back()` operation
has completed. Note this API doesn't return a promise. Waiting for `popstate` is
how MDN recommends waiting.

Fixes #5004