Update @11ty/eleventy js-yaml nyc to fix npm audit vulnerabilities

[narayananramu]

Description of the Change

Update the below dependencies to address npm security advisories

• https://npmjs.com/advisories/813
• https://nodesecurity.io/advisories/786
• https://nodesecurity.io/advisories/755

@11ty/eleventy -> 0.8.2
js-yaml -> @3.13.1
nyc -> 14.0.0

Alternate Designs

N/A

Why should this be in core?

N/A

Benefits

Improved security

Possible Drawbacks

None

Applicable issues

Fixes #3880

[jsf-clabot]

All committers have signed the CLA.

[coveralls]

Coverage increased (+0.03%) to 91.739% when pulling 1bfc553 on narayananramu:issue/3876 into 0d9d4a3 on mochajs:master.

[markowsiak]

Thanks for contributing 👍

[plroebuck]

Fix for this already merged

[loayg]

Would it be possible to publish a new release since the vulnerability is high? Thanks

[plroebuck]

@Munter care to weigh in on eleventy update?

[plroebuck]

nyc-14.0.0 has breaking changes; someone with more experience with this package will need to review.

[dewwwald]

Thank you for fixing.

People are getting rowdy on the thread that is referenced. Commenting here to bump up to the maintainers inbox, consider merging and opening a separate thread for the breaking changes in eleventy.

[Bamieh]

According to the nyc changelog we should not be affected by the breaking changes. We can upgrade safely (https://github.com/istanbuljs/nyc/blob/master/CHANGELOG.md#1400-2019-04-15)

[welljsjs]

This has been merged in #3877. This seems to be a duplicate. v6.1.4 (just released) comes with updated dependencies.

[Bamieh]

@welljsjs this PR updates nyc and @11ty/eleventy which are not updated on master branch.

[welljsjs]

@Bamieh True. Sorry about the disturbance, I got it wrong.

[Bamieh]

LGTM. Need to resolve conflict in lock file 1st.

[plroebuck]

@Munter, ping! Waiting on your approval before updating eleventy...

[juergba]

@narayananramu sorry, I apologize.
closed, see #3939.