[identity] Update dev dependency "open"

[mikeharder]

@daviwil: Note the code change to the sample, as recommended by the docs for open@7.0.0:

Correctly handle URL and path escaping on Windows (#146) 7ef15d2
If you use open with URLs, you'll want to use the new {url: true} option.

https://github.com/sindresorhus/open/releases/tag/v7.0.0

How can I validate the change to this sample? Do any of our pipelines run the sample, or does it need to be run manually?

[daviwil]

Unfortunately it has to be run manually because this auth flow requires the user to authenticate with AAD in the browser. I can run it with this change after I get out of the meeting I'm in.

[mikeharder]

Thanks. Do you think we should add url: true in the sample or no? I have no preference, the doc recommends it for URLs, but I think it only matters if the URL happens to contain a double-quote character (").

[daviwil]

I think it's a good addition here since it seems users on Windows (of which we have many) might encounter problems with launching URLs with ampersands (which we do).

[mikeharder]

Since the URL query string in the sample is already encoded, we need to omit url: true to prevent double-encoding. An alternative fix would be to set encode: false when calling qs.stringify(), and then set url: true when calling open().