Added ip-address override (#27688)

no ref

A newly-published moderate XSS advisory landed against `ip-address`'s
`Address6` HTML-emitting methods (the helpers that produce HTML
representations of IPv6 addresses). Affected versions are `<=10.1.0`;
fixed upstream in `10.2.0`.

In our tree it reaches as `sqlite3 > node-gyp > make-fetch-happen >
socks-proxy-agent > socks > ip-address`, so it's a build-time chain
(sqlite3 native compilation) rather than runtime — the practical risk
surface is limited. The override is still worth taking because the fix
is a same-major patch and the override is mechanical.

Author: 9larsons

package.json

@@ -90,6 +90,7 @@
       "form-data@<2.5.4": "^2.5.4",
       "growl@<1.10.0": "^1.10.0",
       "handlebars@>=4.0.0 <=4.7.8": "^4.7.9",
+      "ip-address@<=10.1.0": "^10.2.0",
       "js-yaml@>=4.0.0 <4.1.1": "^4.1.1",
       "json5@<1.0.2": "^1.0.2",
       "lodash@<4.18.0": "^4.18.0",