hackstack
hackstack copied to clipboard
Published
20 hours ago •
rangle
rangle
[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
589/1000 Why? Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: gulp
The new version differs by 134 commits.- 55eb23a Release: 4.0.0
- 173a532 Docs: Fix the installation instructions
- ec54d09 Docs: Improve note about out-of-date docs
- 03b7c98 Docs: Update recipes to install gulp@next
- 2eba29e Docs: Remove run-sequence from recipes
- 76eb4d6 Docs: Add installation instructions & update badges
- fbc162f Docs: Remove references to gulp-util
- 3011cf9 Scaffold: Normalize repository
- f27be05 Update: Remove graceful-fs from test suite
- 361ab63 Upgrade: Update glob-watcher
- 064d100 Build: Avoid broken node 9
- 057df59 Release: 4.0.0-alpha.3
- c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
- 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
- 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
- 723cbc4 Docs: Fix syntax in recipe example (#1715)
- d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
- 29ece6f Upgrade: Update undertaker
- e931cb0 Docs: Fix changelog typos (#1696)
- 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
- d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
- 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
- 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
- c3dbc10 Docs: Clarify incremental builds example (#1609)
Package name: gulp-jshint
The new version differs by 16 commits.- 2cb429b 2.0.2
- f1f3fc2 Merge pull request #150 from VictorVation/master
- 4f1f1cb update minimatch
- 6c9cadd Merge pull request #140 from rtack/patch-1
- 6532823 fix typo
- 4a7f304 2.0.1
- 5c1d63f move to explicitly imported lodash functions
- 81c7498 Merge pull request #139 from rkurbatov/upgrade-lodash
- 631e7ed Update .gitignore
- 368f267 Upgrade lodash version, fix 'repository' field to correct form
- 0d91672 Create CHANGELOG.md
- d7cc9ea version 2.0.0
- 02c4053 added note about jshint peerDependency
- 226ea3b Merge pull request #120 from spalger/jshintAsPeer
- a1c0be4 [npm] install jshint on travis, for old npm and future npm
- 3e7ad84 [npm] move jshint to peerDependencies
Package name: gulp-sass
The new version differs by 65 commits.- ee03918 Merge pull request #254 from dlmanning/2.x
- 598d16f Merge pull request #248 from Snugug/feature/contributing
- dec985f Merge pull request #253 from Snugug/feature/3.0-bump
- c033adf :arrow_up: Update Node Sass to 3.0
- 083e6bc :fire: Remove reference to branch
- e072993 :fire: Remove Branching Model section
- ee07858 :art: Update formatting of CHANGELOG entry
- 299c18f :memo: Add Contributing guidelines
- 33aa1f7 Merge pull request #238 from sarenji/2.x
- 2b21a49 Update to node-sass beta 7
- c1d629c Allow you to change the compiler and expose it
- cc2f815 bump node-sass to 3.0.0-beta.4
- 9b69aaa Merge pull request #228 from Snugug/2.x-datastream
- b7ade97 Indented Syntax support
- ad6e6e4 Tests for file rename and file contents change
- 0fefd16 Updated vars and includePaths based on comments
- 700ca8d Merge pull request #222 from Keats/filename
- 5b8d4eb Nope, shouldn't be , should be file name
- 4c4c3c1 A little bit of source map massaging
- bea198e Updated Tests
- 3cdf1a3 Passing file as data
- 5c7777f Rebase on top of 2.x
- de6af93 Add a sass file to the inheritance test
- 25ee16f Replace indent.sass to match an existing issue
Package name: gulp-sequence
The new version differs by 1 commits.- 2f5ca14 update dependencies, use standard style
Package name: node-sass
The new version differs by 171 commits.- 16be724 Merge pull request #927 from xzyfer/feat/3.0.0
- c88a7c7 Bump 3.0.0
- b3ce14d Merge pull request #926 from am11/master
- 579baf3 build: Adds win_delay_hook so iojs runs with alias.
- d266478 Merge pull request #909 from saper/fix/httperr
- 988d4e2 Improve HTTP error handling
- 1bf73b5 Merge pull request #922 from xzyfer/fix/watcher/cwd-prioritization
- 41a0749 Watcher should prioritize cwd when resolving imports
- f2df3d9 Merge pull request #921 from xzyfer/feat/docs/troubleshooting
- 813b99f Add troubleshooting link to contribution doc
- 5633975 Add troubleshooting link to readme
- ab1beec Inital TROUBLESHOOTING.md
- 02b8de0 Merge pull request #920 from xzyfer/feat/libsass/3.2.2
- f134343 Bump Libsass to 3.2.2
- f449895 Merge pull request #880 from xzyfer/feat/build/respect-libsass-ext-flag
- 8c4e0ed Merge pull request #915 from saper/libsassver
- 043c567 Use runtime libsass version
- 2fce303 Merge pull request #908 from xzyfer/feat/libsass/3.2.0
- cb8f1e4 Merge pull request #907 from xzyfer/feat/install/user-agent
- e50899e Update sourcemap test to match updates in Libsass
- ff3fe62 Respect the LIBSASS_EXT build flag when falling back to git
- 60706aa Bump Libsass and sass-spec to 3.2.0
- 1fd8d14 Set User-Agent: HTTP header
- b50533a Merge pull request #901 from xzyfer/feat/install/sass-binary-site
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
