Open snyk-bot opened 4 years ago
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
Vulnerabilities that will be fixed
With an upgrade:
npm:eslint:20180222
npm:minimatch:20160620
Commit messages
Package name: gulp
The new version differs by 134 commits.- 55eb23a Release: 4.0.0
- 173a532 Docs: Fix the installation instructions
- ec54d09 Docs: Improve note about out-of-date docs
- 03b7c98 Docs: Update recipes to install gulp@next
- 2eba29e Docs: Remove run-sequence from recipes
- 76eb4d6 Docs: Add installation instructions & update badges
- fbc162f Docs: Remove references to gulp-util
- 3011cf9 Scaffold: Normalize repository
- f27be05 Update: Remove graceful-fs from test suite
- 361ab63 Upgrade: Update glob-watcher
- 064d100 Build: Avoid broken node 9
- 057df59 Release: 4.0.0-alpha.3
- c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
- 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
- 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
- 723cbc4 Docs: Fix syntax in recipe example (#1715)
- d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
- 29ece6f Upgrade: Update undertaker
- e931cb0 Docs: Fix changelog typos (#1696)
- 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
- d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
- 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
- 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
- c3dbc10 Docs: Clarify incremental builds example (#1609)
See the full diffPackage name: sass-lint
The new version differs by 94 commits.- dac0f12 chore(release): 1.13.0 [skip ci]
- 6b5a615 Merge pull request #1278 from srowhani/fix/release-version
- bf4f2ae fix(ci): rollback release version to match npm
- 037b459 Merge pull request #1276 from srowhani/fix/dependencies
- 37863b7 feat(ast): migrate from ast fork to latest version of gonzales
- b508036 feat(lint): adds disable-next-line
- 19df7ba Merge branch 'develop' into develop
- e391436 Merge pull request #1275 from srowhani/chore/ci-deploy-phase
- 2ab49c5 Merge branch 'develop' into chore/ci-deploy-phase
- 49b7253 chore(ci): fix build stages
- 50831b1 Merge pull request #1274 from srowhani/chore/ci-release-automation
- c0bd68f chore(ci): update husky commit-msg hook
- 814259b chore(ci): increase mocha test timeout to reduce flakiness of cli suite
- 745c0ba chore(ci): update travis build rules, and update matrix
- 9a6c32e chore(ci): automated release and deployment using semantic-release
- 21a56de Merge pull request #1273 from srowhani/chore/ci
- 3a6b08c chore(ci): update appveyor build matrix
- 3b9f2d5 Add disable-next-line
- 594cc6c Merge pull request #1232 from sasstools/1.13.0
- de2bbce merge with master
- bd0ed2b :shipit: v1.13.0
- 501ea72 Merge pull request #1230 from ccjmne/update-smacss-ordering
- 56fb8a9 Merge branch 'develop' into update-smacss-ordering
- 268c939 Merge pull request #1231 from sasstools/feature_update-packages
See the full diffWith a Snyk patch:
SNYK-JS-LODASH-450202
npm:minimatch:20160620
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic