Bump minimatch, gulp, gulp-jscs, gulp-jshint, gulp-spawn-mocha, istanbul, karma and mocha

[dependabot[bot]]

Bumps minimatch to 3.1.2 and updates ancestor dependencies minimatch, gulp, gulp-jscs, gulp-jshint, gulp-spawn-mocha, istanbul, karma and mocha. These dependencies need to be updated together.

Updates minimatch from 0.2.14 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for minimatch since your current version.

Updates gulp from 3.9.1 to 4.0.2

Release notes

Sourced from gulp's releases.

v4.0.2

Fix

• Bind src/dest/symlink to the gulp instance to support esm exports (5667666) - Ref standard-things/esm#797

Docs

• Add notes about esm support (4091bd3) - Closes #2278
• Fix the Negative Globs section & examples (3c66d95) - Closes #2297
• Remove next tag from recipes (1693a11) - Closes #2277
• Add default task wrappers to Watching Files examples to make runnable (d916276) - Closes #2322
• Fix syntax error in lastRun API docs (ea52a92) - Closes #2315
• Fix typo in Explaining Globs (5d81f42) - Closes #2326

Build

• Add node 12 to Travis & Azure (b4b5a68)

v4.0.1

Fix

• Temporary workaround for facebook/Docusaurus#257 (9f4a2e9) - Closes facebook/Docusaurus#257

Docs

• Fix error in ES2015 usage example (a4e8d48) - Closes #2099 #2100
• Add temporary notice for 4.0.0 vs 3.9.1 documentation (126423a) - Closes #2121
• Improve recipe for empty glob array (45830cf) - Closes #2122
• Reword standard to default (b065a13)
• Fix recipe typo (86acdea) - Closes #2156
• Add front-matter to each file (d693e49) - Closes #2109
• Rename "Getting Started" to "Quick Start" & update it (6a0fa00)
• Add "Creating Tasks" documentation (21b6962)
• Add "JavaScript and Gulpfiles" documentation (31adf07)
• Add "Working with Files" documentation (50fafc6)
• Add "Async Completion" documentation (ad8b568)
• Add "Explaining Globs" documentation (f8cafa0)
• Add "Using Plugins" documentation (233c3f9)
• Add "Watching Files" documentation (f3f2d9f)
• Add Table of Contents to "Getting Started" directory (a43caf2)
• Improve & fix parts of Getting Started (84b0234)
• Create and link-to a "docs missing" page for LINK_NEEDED references (2bd75d0)
• Redirect users to new Getting Started guides (53e9727)
• Temporarily reference gulp@next in Quick Start (2cecf1e)
• Fixed a capitalization typo in a heading (3d051d8) - Closes #2242
• Use h2 headers within Quick Start documentation (921312c) - Closes #2241
• Fix for nested directories references (4c2b9a7)
• Add some more cleanup for Docusaurus (6a8fd8f)
• Temporarily point LINK_NEEDED references to documentation-missing.md (df7cdcb)
• API documentation improvements based on feedback (0a68710)

... (truncated)

Changelog

Sourced from gulp's changelog.

gulp changelog

4.0.0

Task system changes

• replaced 3.x task system (orchestrator) with new task system (bach)
  • removed gulp.reset
  • removed 3 argument syntax for gulp.task
  • gulp.task should only be used when you will call the task with the CLI
  • added gulp.series and gulp.parallel methods for composing tasks. Everything must use these now.
  • added single argument syntax for gulp.task which allows a named function to be used as the name of the task and task function.
  • added gulp.tree method for retrieving the task tree. Pass { deep: true } for an archy compatible node list.
  • added gulp.registry for setting custom registries.

CLI changes

• split CLI out into a module if you want to save bandwidth/disk space. you can install the gulp CLI using either npm install gulp -g or npm install gulp-cli -g, where gulp-cli is the smaller one (no module code included)
• add --tasks-json flag to CLI to dump the whole tree out for other tools to consume
• added --verify flag to check the dependencies in package.json against the plugin blacklist.

vinyl/vinyl-fs changes

• added gulp.symlink which functions exactly like gulp.dest, but symlinks instead.
• added dirMode param to gulp.dest and gulp.symlink which allows better control over the mode of the destination folder that is created.
• globs passed to gulp.src will be evaluated in order, which means this is possible gulp.src(['*.js', '!b*.js', 'bad.js']) (exclude every JS file that starts with a b except bad.js)
• performance for gulp.src has improved massively
  • gulp.src(['**/*', '!b.js']) will no longer eat CPU since negations happen during walking now
• added since option to gulp.src which lets you only match files that have been modified since a certain date (for incremental builds)
• fixed gulp.src not following symlinks
• added overwrite option to gulp.dest which allows you to enable or disable overwriting of existing files

Commits

• 069350a Release: 4.0.2
• b4b5a68 Build: Add node 12 to Travis & Azure
• 5667666 Fix: Bind src/dest/symlink to the gulp instance to support esm exports (ref s...
• 4091bd3 Docs: Add notes about esm support (closes #2278)
• 3c66d95 Docs: Fix the Negative Globs section & examples (closes #2297)
• 1693a11 Docs: Remove next tag from recipes (closes #2277)
• d916276 Docs: Add default task wrappers to Watching Files examples to make runnable (...
• ea52a92 Docs: Fix syntax error in lastRun API docs (closes #2315)
• 5d81f42 Docs: Fix typo in Explaining Globs (#2326)
• ea3bba4 Release: 4.0.1
• Additional commits viewable in compare view

Updates gulp-jscs from 1.6.0 to 4.1.0

Release notes

Sourced from gulp-jscs's releases.

4.0.0

Upgrade to JSCS 3.

3.0.0

Reporters are now supported. The main jscs() function will no longer report anything.

You can also no longer pass JSCS config into jscs(). JSCS config should be in an external file so other tools can also make use of it.

It will now automatically load the closest .jscsrc file. So no longer a need to explicitly specify a configPath.

Change your code accordingly:

 const gulp = require('gulp');
 const jscs = require('gulp-jscs');
gulp.task('default', () => {
return gulp.src('src/app.js')

.pipe(jscs({configPath: '.jscsrc'}));


.pipe(jscs())
.pipe(jscs.reporter());
});

Changes: https://github.com/jscs-dev/gulp-jscs/compare/v2.0.0...v3.0.0

Commits

• 16f8afe 4.1.0
• f0c4b42 Drop dependency on deprecated gulp-util (#121)
• f7471e8 4.0.0
• 7face69 deps: jscs@3.0.4 (#112)
• 376e2dc bump dev deps
• 237d2c5 3.0.2
• cd4f150 Merge pull request #97 from jayeb/jayeb-patch-1
• 0fde1cc Pass full path into Checker instead of relative
• 81a6f88 3.0.1
• aa9db33 Close #93 PR: Fixed issue when "autofix" doesn't fix all files..
• Additional commits viewable in compare view

Updates gulp-jshint from 1.12.0 to 2.1.0

Changelog

Sourced from gulp-jshint's changelog.

2.0

• jshint is now a peerDependency, meaning you must install it seperately

  npm install jshint gulp-jshint --save-dev

Commits

• 32a25b0 2.1.0
• 2c57c9f Merge pull request #157 from spalger/remove-gulp-util
• 5f621f8 vinyl is only used in testing
• 5eaabdd add yarn.lock file for dev
• 154180d [gulp-util/PluginError] use plugin-error directly
• 357ab98 [gulp-util/File] use Vinyl directly
• 807bead 2.0.4
• aca8740 Add test to verify that default files are not broken
• c277434 2.0.3
• 711f3f0 test fix
• Additional commits viewable in compare view

Updates gulp-spawn-mocha from 2.2.2 to 6.0.0

Commits

• 8ead3ca 6.0.0
• 2ee66b2 Update mocha to latest version
• 154431f Merge pull request #62 from rsxdalv/master
• b6eef70 Fix security vulnerabilities in dependencies
• 114649a Merge pull request #70 from berkowitzi/error-on-null-exit-codes
• 16ac426 Throw an error upon unexpected termination of child process
• 026944d Upgrade dev dependencies, Gulp
• 8b5e7fd 5.0.1
• 4a5fdd4 Merge pull request #66 from leipert/master
• 1af74a9 migrate away from gulp-util
• Additional commits viewable in compare view

Updates istanbul from 0.3.22 to 0.4.5

Changelog

Sourced from istanbul's changelog.

Changelog

... (truncated)

Commits

• See full diff in compare view

Updates karma from 0.12.37 to 6.4.1

Release notes

Sourced from karma's releases.

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

• pass integrity value (63d86be)

v6.4.0

6.4.0 (2022-06-14)

Features

• support SRI verification of link tags (dc51a2e)
• support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

• prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

• client: error out when opening a new tab fails (099b85e)

v6.3.18

6.3.18 (2022-04-13)

Bug Fixes

• deps: upgrade socket.io to v4.4.1 (52a30bb)

v6.3.17

6.3.17 (2022-02-28)

Bug Fixes

• deps: update colors to maintained version (#3763) (fca1884)

v6.3.16

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.1 (2022-09-19)

Bug Fixes

• pass integrity value (63d86be)

6.4.0 (2022-06-14)

Features

• support SRI verification of link tags (dc51a2e)
• support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

• prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

• client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

• deps: upgrade socket.io to v4.4.1 (52a30bb)

6.3.17 (2022-02-28)

Bug Fixes

• deps: update colors to maintained version (#3763) (fca1884)

6.3.16 (2022-02-10)

Bug Fixes

• security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

... (truncated)

Commits

• 0013121 chore(release): 6.4.1 [skip ci]
• 63d86be fix: pass integrity value
• 84f7cc3 chore(release): 6.4.0 [skip ci]
• f2d0663 docs: add integrity parameter
• dc51a2e feat: support SRI verification of link tags
• 6a54b1c feat: support SRI verification of script tags
• 5e71cf5 chore(release): 6.3.20 [skip ci]
• e17698f fix: prefer IPv4 addresses when resolving domains
• 60f4f79 build: add Node 16 and 18 to the CI matrix
• 6ff5aaf chore(release): 6.3.19 [skip ci]
• Additional commits viewable in compare view

Updates mocha from 2.5.3 to 10.1.0

Release notes

Sourced from mocha's releases.

v10.1.0

10.1.0 / 2022-10-16

:tada: Enhancements

• #4896: Browser: add support for prefers-color-scheme: dark (@​greggman)

:nut_and_bolt: Other

• #4912: Browser: increase contrast for replay buttons (@​JoshuaKGoldberg)
• #4905: Use standard Promise.allSettled instead of polyfill (@​outsideris)
• #4899: Upgrade official GitHub actions to latest (@​ddzz)
• #4770: Fix regex in function clean(@​yetingli)

v10.0.0

10.0.0 / 2022-05-01

:boom: Breaking Changes

• #4845: Drop Node.js v12.x support (@​juergba)

• #4848: Drop Internet-Explorer-11 support (@​juergba)

• #4857: Drop AMD/RequireJS support (@​juergba)

• #4866: Drop Growl notification support (@​juergba)

• #4863: Rename executable bin/mocha to bin/mocha.js (@​juergba)

• #4865: --ignore option in Windows: upgrade Minimatch (@​juergba)

• #4861: Remove deprecated Runner signature (@​juergba)

:nut_and_bolt: Other

• #4878: Update production dependencies (@​juergba)

• #4876: Add Node.js v18 to CI test matrix (@​outsideris)

• #4852: Replace deprecated String.prototype.substr() (@​CommanderRoot)

Also thanks to @​ea2305 and @​SukkaW for improvements to our documentation.

v9.2.2

9.2.2 / 2022-03-11

Please also note our announcements.

:bug: Fixes

... (truncated)

Changelog

Sourced from mocha's changelog.

10.1.0 / 2022-10-16

:tada: Enhancements

• #4896: Browser: add support for prefers-color-scheme: dark (@​greggman)

:nut_and_bolt: Other

• #4912: Browser: increase contrast for replay buttons (@​JoshuaKGoldberg)
• #4905: Use standard Promise.allSettled instead of polyfill (@​outsideris)
• #4899: Upgrade official GitHub actions to latest (@​ddzz)
• #4770: Fix regex in function clean(@​yetingli)

10.0.0 / 2022-05-01

:boom: Breaking Changes

• #4845: Drop Node.js v12.x support (@​juergba)

• #4848: Drop Internet-Explorer-11 support (@​juergba)

• #4857: Drop AMD/RequireJS support (@​juergba)

• #4866: Drop Growl notification support (@​juergba)

• #4863: Rename executable bin/mocha to bin/mocha.js (@​juergba)

• #4865: --ignore option in Windows: upgrade Minimatch (@​juergba)

• #4861: Remove deprecated Runner signature (@​juergba)

:nut_and_bolt: Other

• #4878: Update production dependencies (@​juergba)

• #4876: Add Node.js v18 to CI test matrix (@​outsideris)

• #4852: Replace deprecated String.prototype.substr() (@​CommanderRoot)

Also thanks to @​ea2305 and @​SukkaW for improvements to our documentation.

9.2.2 / 2022-03-11

:bug: Fixes

• #4842: Loading of reporter throws wrong error (@​juergba)

• #4839: dry-run: prevent potential call-stack crash (@​juergba)

:nut_and_bolt: Other

... (truncated)

Commits

• 5f96d51 build(v10.1.0): release
• ed74f16 build(v10.1.0): update CHANGELOG
• 51d4746 chore(devDeps): update 'ESLint' to v8 (#4926)
• 4e06a6f fix(browser): increase contrast for replay buttons (#4912)
• 41567df Support prefers-color-scheme: dark (#4896)
• 61b4b92 fix the regular expression for function clean in utils.js (#4770)
• 77c18d2 chore: use standard 'Promise.allSettled' instead of polyfill (#4905)
• 84b2f84 chore(ci): upgrade GH actions to latest versions (#4899)
• 023f548 build(v10.0.0): release
• 62b1566 build(v10.0.0): update CHANGELOG
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by juergba, a new releaser for mocha since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/postaljs/postal.js/network/alerts).