The current dependencies have some vulnerabilities. It's also general good practice to keep the dependencies up to date.
npm also added support for lock files, a feature enabling reproducible builds.
What
Update dependencies to latest version
Add package-lock.json
Comments
The new versions of the dependencies add a transitive dependency on Node 4+ (both cross-spawn and tap).
Why
The current dependencies have some vulnerabilities. It's also general good practice to keep the dependencies up to date.
npm
also added support for lock files, a feature enabling reproducible builds.What
package-lock.json
Comments
The new versions of the dependencies add a transitive dependency on Node 4+ (both
cross-spawn
andtap
).Other