updated dependencies

[travi]

closes #93

I went ahead and ran updtr to get a few more up to date. It runs npm test between each update, so as long as thats enough to verify the functionality, these should all be good.

I did not take a shot at the ones that didn't update smoothly, so joi and lodash are still out of date.

[bleupen]

thanks for the PR!

do you have an opinion on how to semver a release with these changes? everything seems to be backward compatible in terms of API, but do you think big changes in dependencies constitute a "breaking change"?

[travi]

Looks like my previous response ended up not going through :/ Sorry about that.

My interpretation has always been:

• Major: breaking api or behavior change
• Minor: new feature exposed through the api of the package
• Patch: bug fixes, doc updates, other minor stuff that doesn't fall into major or minor

Unless there are other changes in the release or the dependencies change some behavior exposed through the api, I normally lean toward patch with this type of release.

Sorry again for the delay. Would love to see a release published and be able to clean up these security issues.

Thanks!