[Snyk] Fix for 66 vulnerabilities

[fcsouza]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

  • package.json

• Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
  Find out more.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Remote Memory Exposure SNYK-JS-BL-608877	No	Proof of Concept
	630/1000 Why? Has a fix available, CVSS 8.1	Internal Property Tampering SNYK-JS-BSON-561052	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	Yes	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JSYAML-173999	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-JSYAML-174129	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	Yes	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	Yes	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHMERGE-173732	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-LODASHMERGE-173733	Yes	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	SQL Injection SNYK-JS-LOOPBACKCONNECTORMONGODB-73555	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Directory Traversal SNYK-JS-MOMENT-2440688	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-MONGODB-473855	Yes	No Known Exploit
	661/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.8	Arbitrary Code Injection SNYK-JS-MORGAN-72579	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-NCONF-2395478	Yes	Proof of Concept
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Command Injection SNYK-JS-NODEMAILER-1038834	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	HTTP Header Injection SNYK-JS-NODEMAILER-1296415	Yes	Proof of Concept
	494/1000 Why? Has a fix available, CVSS 5.6	Command Injection SNYK-JS-NODENOTIFIER-1035794	Yes	No Known Exploit
	454/1000 Why? Has a fix available, CVSS 4.8	Session Fixation SNYK-JS-PASSPORT-2840631	Yes	No Known Exploit
	490/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SANITIZEHTML-2957526	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	Yes	No Known Exploit
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	Yes	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Improper Privilege Management SNYK-JS-SHELLJS-2332187	Yes	Proof of Concept
	/1000 Why?	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	Yes	Proof of Concept
	816/1000 Why? Mature exploit, Has a fix available, CVSS 8.6	Uninitialized Memory Exposure npm:base64-url:20180512	No	Mature
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:eslint:20180222	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:fresh:20170908	No	No Known Exploit
	704/1000 Why? Has a fix available, CVSS 9.8	Arbitrary Code Injection npm:growl:20160721	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:hawk:20160119	No	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Timing Attack npm:http-signature:20150122	No	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:lodash:20180130	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Authentication Bypass npm:loopback:20171027	Yes	No Known Exploit
	469/1000 Why? Has a fix available, CVSS 5.1	Denial of Service (DoS) npm:mem:20180117	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:minimatch:20160620	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:moment:20160126	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) npm:moment:20161019	No	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:moment:20170905	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:ms:20151024	No	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:negotiator:20160616	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Override Protection Bypass npm:qs:20170213	No	No Known Exploit
	569/1000 Why? Has a fix available, CVSS 7.1	Cross-site Scripting (XSS) npm:react:20150318	No	No Known Exploit
	469/1000 Why? Has a fix available, CVSS 5.1	Remote Memory Exposure npm:request:20160119	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Root Path Disclosure npm:send:20151103	No	No Known Exploit
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:uglify-js:20151024	No	No Known Exploit
	429/1000 Why? Has a fix available, CVSS 4.3	Cross-site Scripting (XSS) npm:validator:20150313	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Buffer Overflow npm:validator:20160218	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: accepts

The new version differs by 23 commits.

• 3e925b1 1.3.3
• f774c03 build: istanbul@0.4.3
• 1528824 build: support Node.js 6.x
• 303ecbc build: Node.js@5.11
• 0d67beb deps: negotiator@0.6.1
• 1610730 deps: mime-types@~2.1.11
• c293785 build: Node.js@5.8
• ff7f9d1 build: Node.js@4.4
• abc38f7 1.3.2
• e43a803 build: Node.js@5.6
• 96d9c1a build: Node.js@4.3
• e2ac1b0 deps: mime-types@~2.1.10
• 6551051 1.3.1
• 6b70ddb deps: mime-types@~2.1.9
• 4d848aa build: istanbul@0.4.2
• 112cf25 build: support Node.js 5.x
• 8e5be6f build: Node.js@4.2
• f4a54df 1.3.0
• add6215 deps: negotiator@0.6.0
• 4bcfcb5 build: istanbul@0.3.21
• 0fc2f33 build: support Node.js 4.x
• 7bcfaba deps: mime-types@~2.1.7
• e8892b5 build: istanbul@0.3.20

See the full diff

Package name: babel-loader

The new version differs by 26 commits.

• 321852e Merge branch 'release/6.0.0'
• e7565ee Add @ malyw 's guide to upgrade babel
• 862b7b1 Update travis badge url
• ff3bc7a Update dependencies.
• fc2bfe4 Merge branch 'shinnn-travis-ci' into develop
• a6f3fc0 Change options to query. Increase timeout interval
• 94d6308 Merge remote-tracking branch 'werk85/master' into develop
• f4e40c5 README updated
• 0823f6a Upgraded to Babel 6
• bb110a8 set up Travis CI
• 5992650 5.3.3
• f723509 pin babel-core version in peerDependencies as it'll try and install babel 6...
• f299837 Merge pull request Update bonfires.json freeCodeCamp/freeCodeCamp#87 from jhnns/patch-1
• 17c7860 Clarify note on deprecated peerDependencies
• f84ef50 Merge branch 'develop' of github.com:babel/babel-loader into develop
• 9f117b5 Bump version. Update CHANGELOG.md
• dc66b2a Don't override existing items in sourcesContent if any
• 719eb70 Merge branch 'hotfix/5.3.1' into develop
• 342375d Merge branch 'hotfix/5.3.1'
• edf2bc3 Bump version. Update changelog
• 9fe6bbc Fix for 'Module build failed: TypeError: Object.keys called on non-object'
• 6b33020 Merge branch 'release/5.3.0' into develop
• e22df89 Merge branch 'release/5.3.0'
• 0156f51 Bump version and update CHANGELOG.md

See the full diff

Package name: cheerio

The new version differs by 106 commits.

• c3ec1cd Release 0.20.0
• ef848ca Add coveralls badge, remove link to old report
• dbcbe90 Merge pull request Bootstrap css link is not on the tutorial description freeCodeCamp/freeCodeCamp#808 from leifhanack/lodash4
• c04ead1 Merge pull request Challenge http://www.freecodecamp.com/challenges/waypoint-scope-your-variables has an issue  freeCodeCamp/freeCodeCamp#668 from rwaldin/prop-method
• b5531bb Merge pull request Challenge http://www.freecodecamp.com/challenges/waypoint-use-clockwise-notation-to-specify-the-margin-of-an-element has an issue  freeCodeCamp/freeCodeCamp#671 from twolfson/dev/fallback.select.content.sqwished
• 9d98bd7 Merge pull request Challenge http://www.freecodecamp.com/challenges/waypoint-add-borders-around-your-elements has an issue  freeCodeCamp/freeCodeCamp#704 from Rycochet/master
• 1b9c5c9 Merge pull request Basic Javascript waypoints translated into ES [WIP] freeCodeCamp/freeCodeCamp#797 from Delgan/641-appendTo_prependTo
• b12cbe8 Update lodash dependeny to 4.1.0
• 8c9b2e0 Merge pull request Blacklist usernames freeCodeCamp/freeCodeCamp#796 from Delgan/fix_780
• b09db31 Fix PR fixed bug where the 'next challenge' button in tablet view couldn't… freeCodeCamp/freeCodeCamp#726 adding 'appendTo()' and 'prependTo()'
• ce8829d Added appendTo and prependTo with tests Fix to issue #633 and a hand full of the other issues related to the challenge freeCodeCamp/freeCodeCamp#641
• 4779762 Fix Set font-family: "Monospace" renders as serif freeCodeCamp/freeCodeCamp#780 by changing options context in '.find()'
• 8dc1cc9 Add an unit test checking the query of child
• b27bed6 fix Minor typo: Challenge http://www.freecodecamp.com/challenges/waypoint-responsively-style-a-radio-buttons has an issue  freeCodeCamp/freeCodeCamp#667: attr({foo: null}) removes attribute foo, like attr('foo', null)
• 70c5608 Include reference to dedicated "Loading" section
• fa70a84 Added load method to $
• 4e8483a update css-select to 1.2.0
• 5f2777a Merge pull request Example app freeCodeCamp/freeCodeCamp#732 from jugglinmike/reinstate-toarray
• 106e42a Merge pull request Challenge isn't checking where code is added freeCodeCamp/freeCodeCamp#776 from dYale/master
• 97149d3 Fixing Grammatical Error
• a1367ee Merge pull request class not working freeCodeCamp/freeCodeCamp#739 from TrySound/npm-files
• 6c73b7a Merge pull request Challenge doesn't accept CSS shorthand freeCodeCamp/freeCodeCamp#773 from JaKXz/patch-1
• 48bb22d Test against node v0.12 --> v4.2
• ec2414d Correct output in example

See the full diff

Package name: compression

The new version differs by 162 commits.

• 93586e7 1.7.1
• bd3fa8a deps: bytes@3.0.0
• e1ce980 deps: vary@~1.1.2
• d0f7eab deps: debug@2.6.9
• 931c346 build: Node.js@8.4
• 8c8e36a deps: compressible@~2.0.11
• 8a5e773 deps: accepts@~1.3.4
• 7b4a7e2 build: eslint-plugin-node@5.1.1
• de30e3a build: mocha@2.5.3
• 8c3f7ea 1.7.0
• c27dc0f build: support Node.js 8.x
• d886306 build: eslint-config-standard@10.2.1
• 598d876 Use safe-buffer for improved Buffer API
• 47fca12 build: eslint-plugin-markdown@1.0.0-beta.6
• 3c78e39 build: Node.js@6.11
• 6c4c539 deps: debug@2.6.8
• 6d2de08 deps: compressible@~2.0.10
• ac13bc4 deps: bytes@2.5.0
• 527907c deps: debug@2.6.4
• 6488fc2 build: Node.js@7.10
• 55532e1 build: Node.js@6.10
• 0e4ad01 build: Node.js@4.8
• be58132 deps: compressible@~2.0.10
• 4d5238e deps: vary@~1.1.1

See the full diff

Package name: connect-mongo

The new version differs by 217 commits.

• 63ca966 docs: update readme and bump version to 3.0.0
• aceb1ee chore: bump version to 3.0.0-rc.2
• 0e4a234 test: add test cases on event listener
• e77a7f1 test: replace mocha with jest (Seed data bug in ux-improvements for start-a-node.js-server challenge freeCodeCamp/freeCodeCamp#324)
• ad39e88 test: replace deprecated collection.insert to collection.insertOne
• 545c06e docs: update README on testing
• 2d5442e chore: upgrade depns mocha
• 5d3a321 chore: upgrade nyc depns
• 54cd91d chore: upgrade depns
• afb7a12 docs: remove some badges
• 6c2484b docs: update README for supporting version
• c925c92 test: fix test case
• 6827330 chore: bump version to 3.0.0-rc.1
• f62692b ci: update .npmignore
• aa2637d ci: remove node 6 support and add linting in travis
• 801291b fix linting error
• f928547 travis add test on Node 12
• 12275f0 better linting
• eb23b1e linting fix
• 66194c7 bump major version to 3.0.0-rc
• f29084f Wait for client open, before calling db. (Username LMWBXR can only log after resetting password freeCodeCamp/freeCodeCamp#321)
• d252bfc Install Stale bot
• 15d91c1 Transparent crypto support (Merge UX-improvements and nonprofit-show into master freeCodeCamp/freeCodeCamp#314)
• 08ccada Update readme refer to latest release to avoid confusion

See the full diff

Package name: dateformat

The new version differs by 9 commits.

• 8802071 2.0.0
• ba00ce7 update `contributors`
• 9222537 remove cli.js
• 85d577e removes CLI
• 6fb6e92 Merge pull request [Snyk] Fix for 2 vulnerabilities #49 from thejameskyle/patch-1
• fbc280f Create .npmignore
• 261aec5 Merge pull request [Snyk] Fix for 1 vulnerabilities #47 from samt/master
• dd04e87 Fix code-block intent
• 5cd7114 Add mask options and named formats to Readme.md

See the full diff

Package name: debug

The new version differs by 165 commits.

• 13abeae Release 2.6.9
• f53962e remove ReDoS regexp in %o formatter (Challenge http://www.freecodecamp.com/challenges/waypoint-line-up-form-elements-responsively-with-bootstrap has an issue  freeCodeCamp/freeCodeCamp#504)
• 52e1f21 Release 2.6.8
• 2482e08 Check for undefined on browser globals (Github => GitHub freeCodeCamp/freeCodeCamp#462)
• 6bb07f7 release 2.6.7
• 15850cb Fix Regular Expression Denial of Service (ReDoS)
• 4a6c85c update "debug" to v1.0.0 (Can freeCodeCamp/freeCodeCamp#454)
• b68dbf8 Fix typo (SaveToPocket Chrome Extension breaks Bonfires freeCodeCamp/freeCodeCamp#455)
• 1351d2f Inline extend function in node implementation (Possible bug in Express waypoint freeCodeCamp/freeCodeCamp#452)
• c211947 update version for component
• 14df14c release 2.6.5
• cae07b7 cleanup browser tests and fix null reference check on window.documentElement.style.WebkitAppearance (Staging freeCodeCamp/freeCodeCamp#447)
• f311b10 release 2.6.4
• 1f01b70 Fix bug that would occure if process.env.DEBUG is a non-string value. (Add step to basejump setups for SSH key freeCodeCamp/freeCodeCamp#444)
• 2f3ebf4 Update CHANGELOG.md
• f5ae332 Update CHANGELOG.md
• 9742c5f chore(): ignore bower.json in npm installations. (Maintaining Streak freeCodeCamp/freeCodeCamp#437)
• 27d93a3 update "debug" to v0.7.3
• 9dc30f8 release 2.6.3
• 0fb8ea4 LocalStorage returns undefined for any key not present (Clarification needed for Search and Replace (21) Bonfire freeCodeCamp/freeCodeCamp#431)
• ce4d93e changelog fix
• 017a9d6 release 2.6.2
• 23bc780 fix DEBUG_MAX_ARRAY_LENGTH
• 065cbfb Add backers and sponsors from Open Collective (Edit feature on Camper News  freeCodeCamp/freeCodeCamp#422)

See the full diff

Package name: errorhandler

The new version differs by 37 commits.

• c41e9aa 1.4.3
• ffce329 build: istanbul@0.4.2
• 90a8777 build: Node.js@4.2
• 38b745b deps: accepts@~1.3.0
• 80aea51 deps: escape-html@~1.0.3
• b0be93a docs: fix typo in readme
• 2f688d0 build: support Node.js 5.x
• 1238ed4 build: istanbul@0.4.1
• fdeb13c build: mocha@2.3.4
• cc6fd1f build: support Node.js 4.x
• 3a2117a build: support io.js 3.x
• 75b9ee1 build: reduce runtime versions to one per major
• 6797752 tests: add test for util.inspect in HTML response
• b6e53d7 docs: add more documentation regarding util.inspect
• 88b9a58 deps: accepts@~1.2.13
• ac75d3f build: istanbul@0.3.19
• 5ee62b7 deps: escape-html@1.0.3
• 1e89ae7 build: istanbul@0.3.18
• ef1e8f1 build: supertest@1.1.0
• a7a6dce 1.4.2
• 692e2e7 deps: accepts@~1.2.12
• 6f2e8d2 build: io.js@2.5
• 564c117 build: fix running Node.js 0.8 tests on Travis CI
• 2dfd872 1.4.1

See the full diff

Package name: eslint

The new version differs by 250 commits.

• b7d79b1 7.3.0
• bf98627 Build: changelog update for 7.3.0
• 638a6d6 Update: add missing `additionalProperties: false` to some rules' schema (Remove code tags from challenge seed freeCodeCamp/freeCodeCamp#13198)
• 949a5cd Update: fix operator-linebreak overrides schema (Fix typo in enhanced-object-literals--functions challenge freeCodeCamp/freeCodeCamp#13199)
• 9e1414e New: Add no-promise-executor-return rule (fixes Exact Change  freeCodeCamp/freeCodeCamp#12640) (Size your Image freeCodeCamp/freeCodeCamp#12648)
• 09cc0a2 Update: max-lines reporting loc improvement (refs Allow bracket notation and search for dot notation freeCodeCamp/freeCodeCamp#12334) (Dead Link not being picked up... <a #="http://www.freecatphotoapp.com">cat photos</a>.</p> freeCodeCamp/freeCodeCamp#13318)
• ee2fc2e Update: object-property-newline end location (refs Allow bracket notation and search for dot notation freeCodeCamp/freeCodeCamp#12334) (Update loopback to version 3.3.0 🚀 freeCodeCamp/freeCodeCamp#13399)
• d98152a Update: added empty error array check for false negative (Chore(package): Remove gitter-sidecar due to vulnerability freeCodeCamp/freeCodeCamp#13200)
• 7fb45cf Fix: clone config before validating (fixes Cant able to Sign in C9.io.com for Node.js Tutourial  freeCodeCamp/freeCodeCamp#12592) (Tutorial keeps getting killed freeCodeCamp/freeCodeCamp#13034)
• aed46f6 Sponsors: Sync README with website
• 7686d7f Update: semi-spacing should check do-while statements (Bug in code editor freeCodeCamp/freeCodeCamp#13358)
• cbd0d00 Update: disallow multiple options in comma-dangle schema (fixes [beta] Fatal typo in challengeSeed for "Functional Programming: Return Part of an Array Using the Slice Method" freeCodeCamp/freeCodeCamp#13165) (replace Hyperdev references with Gomix freeCodeCamp/freeCodeCamp#13166)
• b550330 New: Add no-unreachable-loop rule (fixes i cant't get passed this, and yet my code looks legit..help please ? freeCodeCamp/freeCodeCamp#12381) (JSON APIs and AJAX "Convert JSON Data to HTML" no json data provided  freeCodeCamp/freeCodeCamp#12660)
• 13999d2 Update: curly should check consequent `if` statements (ADB PR freeCodeCamp/freeCodeCamp#12947)
• c42e548 Chore: enable exceptRange option in the yoda rule (The text won't turn blue. freeCodeCamp/freeCodeCamp#12857)
• 6cfbd03 Update: Drop @ typescript-eslint/eslint-recommended from `eslint --init` (Button classes freeCodeCamp/freeCodeCamp#13340)
• 796f269 Chore: update eslint-config-eslint's required node version (Misleading example code for challenge freeCodeCamp/freeCodeCamp#13379)
• 9d0186e Docs: Fix changelog versions (changed url freeCodeCamp/freeCodeCamp#13410)
• 1ee3c42 Docs: On maxEOF with eol-last (fixes Bug: We really dont need 9 "case" here freeCodeCamp/freeCodeCamp#12742) (Update description freeCodeCamp/freeCodeCamp#13374)
• 2a21049 Update: key-spacing loc changes for extra space (refs Allow bracket notation and search for dot notation freeCodeCamp/freeCodeCamp#12334) (Create a Bootstrap Headline freeCodeCamp/freeCodeCamp#13362)
• 7ce7988 Chore: Replace the inquirer dependency with enquirer ([beta] Use the Reduce Method to Analyze Data - test seems incorrect freeCodeCamp/freeCodeCamp#13254)
• 0f1f5ed Docs: Add security policy link to README (Project Landing page freeCodeCamp/freeCodeCamp#13403)
• 9e9ba89 Sponsors: Sync README with website
• ca59fb9 Sponsors: Sync README with website

See the full diff

Package name: express

The new version differs by 250 commits.

• f974d22 4.16.0
• 8d4ceb6 docs: add more information to installation
• c0136d8 Add express.json and express.urlencoded to parse bodies
• 86f5df0 deps: serve-static@1.13.0
• 4196458 deps: send@0.16.0
• ddeb713 tests: add maxAge option tests for res.sendFile
• 7154014 Add "escape json" setting for res.json and res.jsonp
• 628438d deps: update example dependencies
• a24fd0c Add options to res.download
• 95fb5cc perf: remove dead .charset set in res.jsonp
• 44591fe deps: vary@~1.1.2
• 2df1ad2 Improve error messages when non-function provided as middleware
• 12c3712 Use safe-buffer for improved Buffer API
• fa272ed docs: fix typo in jsdoc comment
• d9d09b8 perf: re-use options object when generating ETags
• 02a9d5f deps: proxy-addr@~2.0.2
• c2f4fb5 deps: finalhandler@1.1.0
• 673d51f deps: utils-merge@1.0.1
• 5cc761c deps: parseurl@~1.3.2
• ad7d96d deps: qs@6.5.1
• e62bb8b deps: etag@~1.8.1
• 70589c3 deps: content-type@~1.0.4
• 9a99c15 deps: accepts@~1.3.4
• 550043c deps: setprototypeof@1.1.0

See the full diff

Package name: express-session

The new version differs by 250 commits.

• 89fd715 1.15.6
• d4344fb build: express@4.15.5
• 6cf886d deps: debug@2.6.9
• d190faa deps: utils-merge@1.0.1
• f24d228 lint: run eslint against README
• 44ee046 docs: remove trailing newline in README
• 68e210d deps: parseurl@~1.3.2
• 8b4f668 lint: add editorconfig and eslint to enforce
• 917b03d docs: add memorystore to the list of session stores
• 65781dd build: Node.js@8.4