[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-567746	Yes	Proof of Concept

Commit messages

Package name: babel-eslint

The new version differs by 43 commits.

• 0f20099 5.0.0
• 278579f Update README.md
• 11c2f03 Merge pull request Data Table & Picklist display issue salesforce-ux/design-system#255 from deepsweet/npm-ignore
• 3b5f8f4 include only `index.js` in npm package
• c0f1110 delete `.npmignore`
• f399c89 Merge pull request Lookup selected and start searching reseting prev value salesforce-ux/design-system#250 from danez/patch-1
• c71392e adjust test to also cover issue Unwanted padding in the outer div | Salesforce1 Lightning app | app.css | Latest release salesforce-ux/design-system#239
• 413b80e 5.0.0-beta10
• 7a038d5 Merge pull request New Tree Grid missing from docs in 2.0.2 salesforce-ux/design-system#246 from babel/escope-patterns
• c80a386 fixup tests
• 36f6638 fix typo
• bd4eee9 check using `__esModule`
• b26bc58 Prevent escope referencer from traversing into param pattern type annotations
• 0d30882 5.0.0-beta9
• 71fadf0 Merge pull request slds-col--padded breaks grid system salesforce-ux/design-system#244 from christophehurpeau/patch-1
• d8ac8f9 fix Add support for plain text breadcrumb elements salesforce-ux/design-system#243
• 3dcb32c 5.0.0-beta8
• ac4d3f0 Add a test for use strict and directive ast change
• 937eceb 5.0.0-beta7
• 880dc03 Merge pull request Sales Path Coach Enhancement salesforce-ux/design-system#241 from jmm/rule-strict
• 80f7a48 temporarily remove test
• 04838a2 Add tests for `strict` rule.
• 4a3a35d Merge pull request [Data Tables] Class .slds-table--stripeddoes not apply the striped style to the row's <th scope="row" /> column. salesforce-ux/design-system#232 from vaibhavmule/patch-1
• 0cf92d3 update Licenses date

See the full diff

Package name: babel-loader

The new version differs by 17 commits.

• 321852e Merge branch 'release/6.0.0'
• e7565ee Add @malyw 's guide to upgrade babel
• 862b7b1 Update travis badge url
• ff3bc7a Update dependencies.
• fc2bfe4 Merge branch 'shinnn-travis-ci' into develop
• a6f3fc0 Change options to query. Increase timeout interval
• 94d6308 Merge remote-tracking branch 'werk85/master' into develop
• f4e40c5 README updated
• 0823f6a Upgraded to Babel 6
• bb110a8 set up Travis CI
• 5992650 5.3.3
• f723509 pin babel-core version in peerDependencies as it'll try and install babel 6...
• f299837 Merge pull request SLDS Menus -> PickList: close Dropdown after selecting an Item salesforce-ux/design-system#87 from jhnns/patch-1
• 17c7860 Clarify note on deprecated peerDependencies
• f84ef50 Merge branch 'develop' of github.com:babel/babel-loader into develop
• 719eb70 Merge branch 'hotfix/5.3.1' into develop
• 6b33020 Merge branch 'release/5.3.0' into develop

See the full diff

Package name: browser-sync

The new version differs by 144 commits.

• 379b7fc 2.12.9
• 50e740c ci: ignore custom lodash build for coverage report
• d5efbd8 ci: Remove lodash dependency from test files
• fbccc2f perf: custom lodash build to reduce start-up time
• 223ae23 Merge pull request #1101 from zhongdeliu/patch-1
• 54f1765 only a comment fix for proxyReq variable
• e9db4ef 2.12.8
• f580741 tests: fix tests for 7795031bebacd7ddf9a46b4c8b2ea8eeec5c99a3
• 7795031 Merge pull request #1095 from glen-84/patch-1
• 8e25c8c Optimize
• ceefa45 Fix #1094
• 3c986f0 2.12.7
• 7f9ed9c fix(server-routes): strip trailing slash from route definitions - fixes #1063
• 1689cea ci: build on node 6.0
• a255dd5 2.12.6
• 37cef69 fix(snippet): bump resp-modifier to inherit fixes re: file extensions in query strings - fixes #1092
• 803257a 2.12.5
• 4ccdc0a fix(files): Fix a regression where strings within the 'files' option were split on commas - fixes #1080
• 5a2e3d9 2.12.4
• 5333848 fix(files): Fix regression where strings from the CLI files option are no-longer exploded if they enter as an array - fixes #1076
• f1baae1 2.12.3
• f100ef1 fix(server-routes): ignore all falsey values - fixes #1064
• 6cb750b 2.12.2
• c048a1c fix(snippet): revert changes to snippet injection position - fixes #1062

See the full diff

Package name: cheerio

The new version differs by 56 commits.

• c3ec1cd Release 0.20.0
• ef848ca Add coveralls badge, remove link to old report
• dbcbe90 Merge pull request #808 from leifhanack/lodash4
• c04ead1 Merge pull request [Feature] Add Tool Box Icon salesforce-ux/design-system#668 from rwaldin/prop-method
• b5531bb Merge pull request Specify a fallback for several CSS variables salesforce-ux/design-system#671 from twolfson/dev/fallback.select.content.sqwished
• 9d98bd7 Merge pull request chore(deps-dev): bump cssnano from 5.0.3 to 5.0.10 salesforce-ux/design-system#704 from Rycochet/master
• 1b9c5c9 Merge pull request #797 from Delgan/641-appendTo_prependTo
• b12cbe8 Update lodash dependeny to 4.1.0
• 8c9b2e0 Merge pull request #796 from Delgan/fix_780
• b09db31 Fix PR fix(button): change text hover color salesforce-ux/design-system#726 adding 'appendTo()' and 'prependTo()'
• ce8829d Added appendTo and prependTo with tests chore(deps): bump lodash.merge from 4.6.1 to 4.6.2 salesforce-ux/design-system#641
• 4779762 Fix #780 by changing options context in '.find()'
• 8dc1cc9 Add an unit test checking the query of child
• b27bed6 fix Does IE 11 support lightningdesignsystem with LWC ( Salesforce Lighting Web Component ) ? salesforce-ux/design-system#667: attr({foo: null}) removes attribute foo, like attr('foo', null)
• 70c5608 Include reference to dedicated "Loading" section
• fa70a84 Added load method to $
• 4e8483a update css-select to 1.2.0
• 5f2777a Merge pull request Circleci project setup salesforce-ux/design-system#732 from jugglinmike/reinstate-toarray
• 106e42a Merge pull request #776 from dYale/master
• 97149d3 Fixing Grammatical Error
• a1367ee Merge pull request Module Not Found Issue  salesforce-ux/design-system#739 from TrySound/npm-files
• 6c73b7a Merge pull request #773 from JaKXz/patch-1
• 48bb22d Test against node v0.12 --> v4.2
• ec2414d Correct output in example

See the full diff

Package name: glob-watcher

The new version differs by 3 commits.

• 41c785c 3.0.0
• 5b832d6 switch to chokidar ([Snyk] Fix for 1 vulnerabilities #25)
• 6520c5e dep updates

See the full diff

Package name: gulp-eslint

The new version differs by 15 commits.

• 639e388 2.0.0
• 55f0c29 Update ESLint dependency;
• c11bba6 Remove rules that have been removed in ESLint@2.0.0-rc.0;
• 7f01da7 2.0.0-rc-3
• 5851668 Rename .eslintrc to .eslintrc.yml;
• e7ba0f2 2.0.0-rc-2
• 90841cb Tighten various test case configs;
• 3536eeb Update changeling;
• cbe6731 2.0.0-rc-1
• dcdfff7 Update to ESLint next/2.0.0-rc-* dependency;
• 7f190a6 Fix listing error;
• adf2180 Fix path in comment
• 9378eef Simplify the cached-lint watch.js example;
• 6def722 Merge pull request Modal Dialog: .slds-modal-backdrop--open Transitions in Lightning Experience salesforce-ux/design-system#121 from 5im0n/update-readme
• 67fcd75 Update eslint.results in README.md

See the full diff

Package name: node-sass

The new version differs by 189 commits.

• d707218 Bump v3.5.1 because npm
• a15f54c Merge pull request #1452 from saper/fix-build
• 4f420a5 Use "double quotes" around the binding file name
• 99ea434 Actually check if the binary exists.
• 1e4bba8 v3.5.0: Filter branch for appveyor
• 8e09b74 Merge pull request #1450 from xzyfer/feat/release/3.5.0
• 6519cdf v3.5.0
• ef7a272 Merge pull request #1449 from xzyfer/feat/binary-error
• 211f312 Log the error when there is a problem with the binary
• ec48be4 Bump LibSass 3.3.5
• 5df330d Bump LibSass 3.3.5
• 9c6933f Merge pull request #1435 from xzyfer/fix/binary-verification
• 0fa5e5e Fix a regression in binary verification
• 7c24716 Merge pull request #1430 from xzyfer/feat/process-sass-deprecation-warning
• adb6166 Ouptut a deprecation warning to stdout when using process.sass
• d76923b Merge pull request #1428 from xzyfer/feat/better-binary-error-messages
• cf87e0b Better error messages for missing binaries
• 41db8b9 Merge pull request #1427 from xzyfer/feat/remove-process-sass
• 90b6939 Polyfill process.sass
• 22c560c Remove use of global process.sass
• b0df78d Merge pull request #1424 from xzyfer/feat/importer-docs-return-null
• 02eee94 Update custom importer documentation to advocate returning `null`
• 09bf80c Merge pull request #1390 from eoneill/customFunctionsContext
• 5b2862e Merge pull request #1423 from xzyfer/feat/dont-ignore-vendor-folder

See the full diff

Package name: stampit

The new version differs by 174 commits.

• 8dfdc5a Merge remote-tracking branch 'origin/master'
• 2d6f6cf 3.0.0
• def192c Merge branch 'v3_0'
• 4a5acb2 Add badge leading to cdnjs.com
• 718de0a Use NPM badge instead of bash instruction
• 46ce419 Add twitter badge
• 5f4c2b8 Code shortening (Developer Org not showing Lightning CSS via Visualforce salesforce-ux/design-system#237)
• beb5f7b Merge pull request Lighting lookup component NOT working when added to Record Home salesforce-ux/design-system#236 from stampit-org/v3_0-linting-fixes
• 777988f Fix some lint issues and update airbnb
• f9f9184 Minor. 2 new comments and linting _after_ running the tests
• d4c35aa Infrastructure update. (Nested Data Tables example dissapeared salesforce-ux/design-system#235)
• 265c529 Update API.md regarding props and mutability (Feature request: text themes salesforce-ux/design-system#234)
• 48d3ccc 3.0.0-rc.11
• 9210732 Revive the prepublish npm script.
• 928bc60 Mention minor API change in initializers.
• c021910 Minor API.md issue - removing unsupported syntax info.
• 6dfcc8f Build compose, isStamp, isComposable to the module root (Search! feature on website disappeared ? salesforce-ux/design-system#233)
• 57b5758 Remove file leftover
• 8cb6a92 Minor improvements
• 2e2268b Fix `npm test` by reverting it all back
• 2e4ce7a Fix `npm test` exit code in not the latest POSIX environments.
• f93476e Make the stampit infectable.
• 6737b9c Fix `npm test` exit code in POSIX environments.
• bce5034 Mention a workaround for the removed feature (first factory arg auto assignment).

See the full diff

Package name: theo

The new version differs by 21 commits.

• 4e4d0bd 4.2.1
• 739f095 _.merge =>_.assign
• 9ac1e74 Merge pull request Rows in generic tile are misaligned if <p class="slds-truncate"> is empty salesforce-ux/design-system#51 from salesforce-ux/node42
• fdf22a2 Also test in earlier versions of node
• a9006e3 Test on Node 4.2
• 8cfe1d0 Specify the node engine
• a909b06 Merge pull request Grid manual sizing not working with slds-grid--vertical salesforce-ux/design-system#49 from salesforce-ux/feature/upgrade
• 5563d1c Fix dependency name on case sensitive systems
• de43f89 Run tests on node 6
• 195e423 Update dependencies
• 1c855f0 Fix whitespace, typos and markup
• b8106d4 Merge pull request Unable to show content just for x-small and small form factor salesforce-ux/design-system#48 from salesforce-ux/feature/spring-cleaning-and-upgrade
• 37d16f4 Fix whitespace, typos and markup
• d27430c Rename properties in tokens
• e99b778 Add editorconfig
• e214f8c Point to the latest version of the CLA
• 47f4324 Ignore log files
• 19e8714 Fixed URL to https://github.com/salesforce-ux/design-system/blob/winter-16/Salesforce_CLA.pdf
• e50ddf7 Adding contribution instruciton readme from legal.
• 31e7980 Remove "cssProperties" string parsing
• 8b60c29 Added "aura.tokens" format

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic