[Snyk] Fix for 4 vulnerabilities

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.

Issue	Breaking Change	Exploit Maturity
Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-561476	Yes	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:diff:20180305	Yes	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:minimatch:20160620	Yes	No Known Exploit

Commit messages

Package name: gulp

The new version differs by 134 commits.

55eb23a Release: 4.0.0
173a532 Docs: Fix the installation instructions
ec54d09 Docs: Improve note about out-of-date docs
03b7c98 Docs: Update recipes to install gulp@next
2eba29e Docs: Remove run-sequence from recipes
76eb4d6 Docs: Add installation instructions & update badges
fbc162f Docs: Remove references to gulp-util
3011cf9 Scaffold: Normalize repository
f27be05 Update: Remove graceful-fs from test suite
361ab63 Upgrade: Update glob-watcher
064d100 Build: Avoid broken node 9
057df59 Release: 4.0.0-alpha.3
c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
89acc5c Docs: Improve ES2015 task exporting examples (#1999)
0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
723cbc4 Docs: Fix syntax in recipe example (#1715)
d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
29ece6f Upgrade: Update undertaker
e931cb0 Docs: Fix changelog typos (#1696)
477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
c3dbc10 Docs: Clarify incremental builds example (#1609)

Package name: gulp-nuget-pack

The new version differs by 6 commits.

89d5f1c v0.1.0
b0ad29e Upgrade gulp to v4 (#4 from apneer/fixvulnerab)
dc88e22 move to deps
ab3e7a9 Merge branch 'fixvulnerab' of github.com:apneer/gulp-nuget-pack into fixvulnerab
7bed36d Update gulp to remove vulnerabilities; remove deprecated gulp-util
8b3ac7e Upgrade gulp to v4 to fix vulnerabilites in minimatch; remove gulp-util that is deprecated

Package name: mocha

The new version differs by 250 commits.

eb781e2 Release v6.2.3
10dbe94 update CHANGELOG for v6.2.3 [ci skip]
848d6fb security: update mkdirp, yargs, yargs-parser
843a322 6.2.2
aec8b02 update CHANGELOG for v6.2.2 [ci skip]
7a8b95a npm audit fixes
cebddf2 Improve reporter documentation for mocha in browser. (#4026)
3f7b987 uncaughtException: report more than one exception per test (#4033)
ee82d38 modify alt text of image from Backers to Sponsors inside Sponsors section in Readme (#4046)
e9c036c special-case parsing of "require" in unparseNodeArgs(); closes #4035 (#4063)
954cf0b Fix HTMLCollection iteration to make unhide function work as expected (#4051)
816dc27 uncaughtException: fix double EVENT_RUN_END events (#4025)
9650d3f add OpenJS Foundation logo to website (#4008)
f04b81d Adopt the OpenJSF Code of Conduct (#3971)
aca8895 Add link checking to docs build step (#3972)
ef6c820 Release v6.2.1
9524978 updated CHANGELOG for v6.2.1 [ci skip]
dfdb8b3 Update yargs to v13.3.0 (#3986)
18ad1c1 treat '--require esm' as Node option (#3983)
fcffd5a Update yargs-unparser to v1.6.0 (#3984)
ad4860e Remove extraGlobals() (#3970)
b269ad0 Clarify effect of .skip() (#3947)
1e6cf3b Add Matomo to website (#3765)
91b3a54 fix style on mochajs.org (#3886)

Severity	Issue	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:minimatch:20160620	No Known Exploit

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

This change is

cinecove / defunctr