[Snyk] Fix for 75 vulnerabilities

[saurabharch]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	No	No Known Exploit
	651/1000 Why? Mature exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANGULAR-2772735	Yes	Mature
	531/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.2	Cross-site Scripting (XSS) SNYK-JS-ANGULAR-2949781	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANGULAR-3373044	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANGULAR-3373045	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANGULAR-3373046	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Remote Memory Exposure SNYK-JS-BL-608877	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	Yes	No Known Exploit
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	Yes	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASHTEMPLATE-1088054	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	/1000 Why?	Arbitrary Code Injection SNYK-JS-MORGAN-72579	No	Proof of Concept
	/1000 Why?	Out-of-Bounds SNYK-JS-NODESASS-535498	Yes	Proof of Concept
	/1000 Why?	NULL Pointer Dereference SNYK-JS-NODESASS-535500	Yes	Proof of Concept
	/1000 Why?	Out-of-bounds Read SNYK-JS-NODESASS-540958	Yes	Proof of Concept
	/1000 Why?	Uncontrolled Recursion SNYK-JS-NODESASS-540964	Yes	Proof of Concept
	/1000 Why?	Denial of Service (DoS) SNYK-JS-NODESASS-540978	Yes	Proof of Concept
	/1000 Why?	NULL Pointer Dereference SNYK-JS-NODESASS-540992	Yes	Proof of Concept
	/1000 Why?	Out-of-Bounds SNYK-JS-NODESASS-540998	Yes	Proof of Concept
	/1000 Why?	Use After Free SNYK-JS-NODESASS-541000	Yes	No Known Exploit
	/1000 Why?	Out-of-bounds Read SNYK-JS-NODESASS-541002	Yes	Proof of Concept
	/1000 Why?	Prototype Poisoning SNYK-JS-QS-3153490	Yes	Proof of Concept
	/1000 Why?	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	/1000 Why?	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	Yes	Proof of Concept
	/1000 Why?	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	Yes	No Known Exploit
	/1000 Why?	Arbitrary File Overwrite SNYK-JS-TAR-1536528	Yes	No Known Exploit
	/1000 Why?	Arbitrary File Overwrite SNYK-JS-TAR-1536531	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	Yes	No Known Exploit
	/1000 Why?	Arbitrary File Write SNYK-JS-TAR-1579147	Yes	No Known Exploit
	/1000 Why?	Arbitrary File Write SNYK-JS-TAR-1579152	Yes	No Known Exploit
	/1000 Why?	Arbitrary File Write SNYK-JS-TAR-1579155	Yes	No Known Exploit
	/1000 Why?	Arbitrary File Overwrite SNYK-JS-TAR-174125	Yes	Proof of Concept
	/1000 Why?	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	/1000 Why?	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	No	No Known Exploit
	/1000 Why?	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-USERAGENT-174737	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	No	Proof of Concept
	/1000 Why?	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUEST-1082935	No	Proof of Concept
	816/1000 Why? Mature exploit, Has a fix available, CVSS 8.6	Uninitialized Memory Exposure npm:base64-url:20180512	No	Mature
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:fresh:20170908	No	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:hawk:20160119	Yes	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Timing Attack npm:http-signature:20150122	Yes	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:lodash:20180130	Yes	Proof of Concept
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:minimatch:20160620	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:negotiator:20160616	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:parsejson:20170908	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Override Protection Bypass npm:qs:20170213	Yes	No Known Exploit
	469/1000 Why? Has a fix available, CVSS 5.1	Remote Memory Exposure npm:request:20160119	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Symlink File Overwrite npm:tar:20151103	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20160722	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905	No	No Known Exploit
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:uglify-js:20151024	No	No Known Exploit
	324/1000 Why? Has a fix available, CVSS 2.2	Uninitialized Memory Exposure npm:utile:20180614	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Remote Memory Exposure npm:ws:20160104	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) npm:ws:20160624	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Insecure Randomness npm:ws:20160920	No	No Known Exploit
	761/1000 Why? Mature exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) npm:ws:20171108	No	Mature

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: angular-ui-router

The new version differs by 250 commits.

• 1b34e08 chore(docs): Add publishdocs script
• 4cdc307 chore(release): Fix artifacts uploda script
• ea443d8 Release 1.0.0
• 7018915 chore(build): bump core to 5.0.1
• 4539e4a chore(travis): Fix travis
• 74338aa chore(package): Rename angular-ui-router vestiges to @ uirouter/angularjs
• 4919a3a Prep for @ uirouter/angularjs release 1.0.0
• 07c9136 sq
• 043be3e sq
• dd26d49 feat(core): Add UMD bundle adapter for @ uirouter/core
• a26ed81 chore(migrate): Add migration warning on install
• 8d62b0d chore(core): Switch from ui-router-core to @ uirouter/core
• af0b8d4 chore(*): artifact tagging script
• 7a086ee fix(uiCanExit): Only process uiCanExit hook once during redirects
• 8fe5b1f fix(view): Allow targeting nested named ui-view by simple ui-view name
• ec6e5e4 fix(noImplicitAny): move noimplicitany compliance test file to correct location
• df6ee24 fix(onEnter): Fix typescript typing for onEnter/onRetain/onExit
• 4559c32 fix(routeToComponent): Bind resolves that start with data- or x-
• 8e7386b chore(typescript): Add noImplicitAny compliance check in `test` script
• 60e7407 chore(travis): bump travis node requirement
• b4863cf chore(ISSUE_TEMPLATE): create issue template
• a04674c chore(ISSUE_TEMPLATE): create issue template
• 7573156 fix(views): Better validation of view declarations (throw when there are state-level and view-level conflicts)
• 66103fc fix(views): Allow same views object to be reused in multiple states

See the full diff

Package name: express-handlebars

The new version differs by 12 commits.

• a707698 Bump package version to 3.0
• 424e870 Version bump to object.assign and handlebars
• 07f9bbd Revert "use sindresorhus's object-assign polyfill"
• 5514a07 Fixed links
• d005c83 v2.0.2
• 14fa097 use handlebars 4.0.5 in shared template example
• 41e99a1 updated glob and graceful-fs dependencies
• 28335bc use sindresorhus's object-assign polyfill
• 4c16ce4 Merge branch 'PaulBGD-patch-1'
• c19c888 Update to the latest version of promise
• 5769107 Merge branch 'blendlabs-master'
• 71bac24 bump handlebars version to ^4.0.0

See the full diff

Package name: gulp

The new version differs by 134 commits.

• 55eb23a Release: 4.0.0
• 173a532 Docs: Fix the installation instructions
• ec54d09 Docs: Improve note about out-of-date docs
• 03b7c98 Docs: Update recipes to install gulp@next
• 2eba29e Docs: Remove run-sequence from recipes
• 76eb4d6 Docs: Add installation instructions & update badges
• fbc162f Docs: Remove references to gulp-util
• 3011cf9 Scaffold: Normalize repository
• f27be05 Update: Remove graceful-fs from test suite
• 361ab63 Upgrade: Update glob-watcher
• 064d100 Build: Avoid broken node 9
• 057df59 Release: 4.0.0-alpha.3
• c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
• 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
• 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
• 723cbc4 Docs: Fix syntax in recipe example (#1715)
• d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
• 29ece6f Upgrade: Update undertaker
• e931cb0 Docs: Fix changelog typos (#1696)
• 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
• d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
• 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
• 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
• c3dbc10 Docs: Clarify incremental builds example (#1609)

See the full diff

Package name: gulp-babel

The new version differs by 24 commits.

• 8e6fa78 7.0.0
• 8afcd30 make babel-core a peerDep, similar to babel-loader (turn padding and margin into tab layout?? christianevans214/Breezeblocks#122)
• 744f633 7.0.0-alpha.18
• 21bf286 Babel 7 alpha ([Snyk] Fix for 1 vulnerabilities #112)
• 2d63fb4 Update babel-core and babel-preset ([Snyk] Fix for 1 vulnerabilities #110) [skip ci]
• 42bcfe3 ES6 → ES2015
• 638f386 Merge pull request [Snyk] Security upgrade react-native from 0.9.0 to 0.63.0 #83 from RebootJeff/patch-1
• be1b457 Fix link to Babel's issue tracker
• 1b4b0e1 Merge pull request [Snyk] Fix for 2 vulnerabilities #76 from manisenkov/update-readme
• 9164659 Make samples in README.md a bit simpler
• f7d6e35 6.1.2
• 15dff34 simplify [Snyk] Security upgrade react-native from 0.9.0 to 0.12.0 #74
• 6c7a310 Close [Snyk] Security upgrade react-native from 0.9.0 to 0.12.0 #74 PR: Don't add '.js' extension if the source file doesn't have an extension.
• fe5908e Merge pull request [Snyk] Security upgrade react-native from 0.9.0 to 0.12.0 #70 from d10/readme-fix
• 3a23dec Fix minor error in readme.
• fbe4889 6.1.1
• 336d6ac Merge pull request [Snyk] Fix for 1 vulnerabilities #61 from Pofigizm/sourcemap-bug
• e20842d Fix sourcemap's bug for files in nested folders. Closes [Snyk] Security upgrade nodegit from 0.4.1 to 0.23.0 #54
• 40815c1 6.1.0
• 1e79d98 Close [Snyk] Security upgrade react-native from 0.9.0 to 0.64.1 #51 PR: Don't rename ignored files.
• f468b34 Update readme.md
• 8392545 6.0.0
• 39e81e0 tweaks
• 94addac Close [Snyk] Fix for 1 vulnerabilities #46 PR: chore: update babel-core to 6.0.2.

See the full diff

Package name: gulp-eslint

The new version differs by 92 commits.

• 1d79ed0 4.0.1
• 8f7e966 replace all HTTP protocols with HTTPS
• b48a04a remove deprecated gulp-util dependency (#213)
• 35eae57 update devDependencies (#207)
• 47bd269 use npx to simplify after_script
• 29dbab5 inherit autofix-related props even if `quiet` option is enabled
• a398838 4.0.0
• 18a4299 emit an error when it fails to load an ESLint plugin
• b8bf261 update ESLint from v3 to v4 (#198)
• c0e82ce use `Buffer.from` instead of `new Buffer`
• e6c67a2 drop support for linting `Stream` contents
• 132d5cc Fix formatting issues in README.md (#194)
• 7f65378 remove link to config file `globals` doc
• 8ddfb84 correct the type of `globals` option in README
• 6059c22 3.0.1
• b0c2816 ensure sharable config works
• 08b9212 test the case where babel-eslint is actually useful
• eb98701 mock stream-mode vinyl files with from2-string
• bcd7736 fix invalid `envs` option
• 286b0c4 remove unused fixtures
• e2723e1 Remove unnecessary `object-assign` dependency
• 82c1949 3.0.0
• 97d8638 Remove invalid options in example code
• 505779d Remove option aliases

See the full diff

Package name: gulp-istanbul

The new version differs by 43 commits.

• 6ea01ce 1.1.3
• 7b74390 replaced deprecated gulp-util and fixed broken test (Style to merge christianevans214/Breezeblocks#129)
• 1e3adcb chore(package): update mocha to version 4.0.0 (ideas: use phantomJS for page screenshots in project page christianevans214/Breezeblocks#126)
• 502855e 1.1.2
• ac8f966 Add documentation for reportOpts and watermarks (Update project schema for multi pages christianevans214/Breezeblocks#121)
• be326d1 Update README.md to warn about gulp-mocha ([Snyk] Security upgrade react-native from 0.9.0 to 0.69.12 #120)
• b0149ac fix(package): update istanbul-threshold-checker to version 0.2.1 ([Snyk] Fix for 1 vulnerabilities #112)
• 7ec737a chore(package): update dependencies ([Snyk] Fix for 1 vulnerabilities #110)
• b047c82 Update .travis.yml
• a8dd45e 1.1.1
• 18ed282 Fix override default reporters ([Snyk] Fix for 1 vulnerabilities #101)
• 5aefe19 1.1.0
• 081c841 Bump dependencies
• eef2bb3 Update travis covered versions
• e94f537 Allow passing deep options to the instrumenter. Fix [Snyk] Security upgrade react-native from 0.9.0 to 0.16.0 #79
• d93e057 → Fix common cross-platform issue with file path normalization. ([Snyk] Fix for 1 vulnerabilities #86)
• d34854f Commented "supports es6" on isparta instrumenter ([Snyk] Fix for 1 vulnerabilities #97)
• 200153d 1.0.0
• 8a07dbe gulp-sourcemap support ([Snyk] Security upgrade react-native from 0.9.0 to 0.60.0 #94)
• 99432aa Merge pull request [Snyk] Security upgrade nodemon from 1.19.4 to 3.0.0 #91 from nimrod-becker/master
• 5e79eb4 Remove opts.resolveAbsolutePaths option, simply don't path.resolve
• 27be6aa Provide an option to skip path resolution
• 293cf78 Update documentation Fix [Snyk] Security upgrade react-native from 0.9.0 to 0.60.0 #89
• 5e01abf 0.10.4

See the full diff

Package name: gulp-livereload

The new version differs by 11 commits.

• 85e7ca0 Update README.md
• 0a3f940 Update dependencies
• 909c139 Replace `mini-lr` dependency by `tiny-lr`
• e3be670 Generate new certificate for HTTPS tests
• 5af4318 Update minimum supported Node version to Node 6
• f7eeeba Eemove deprecated gulp-util (As a user, when I zoom in on my app, I don't want the page to spill out at bottom christianevans214/Breezeblocks#127)
• bbf71b1 Merge branch 'lukehorvat-travis-nodejs'
• 6e58e67 Add Node.js v0.12 and v4 to Travis config
• 7fc51e9 update README.md
• fc39c77 Merge branch 'patch-1' of https://github.com/bigtiger/gulp-livereload into bigtiger
• 314344a Update README.md

See the full diff

Package name: gulp-mocha

The new version differs by 41 commits.

• 983b0ac 5.0.0
• 7bc8d9c Add example of using the `exit` option (#185)
• 3f53145 Add example of using reporterOptions in readme.md (#179)
• 5045939 Improve usage example
• 64fef33 Bump Mocha to v4
• 06b96ba Meta tweaks
• ac3d7fc Drop dependency on deprecated `gulp-util` (#187)
• 67b1e3e 4.3.1
• 315275f Rewrite tests to use AVA
• 4ac3c98 Cleanup
• 9ddcbd0 Convert objects to key value lists. Closes #167 (#171)
• 55004ca Fix `require` option for multiple entries (#173)
• e878086 4.3.0
• 9cedf6e Increase the max buffer
• 43f4b4d 4.2.0
• edfa4dd Forward stderr too (#168)
• 9e5d38a Minor readme tweaks
• 92ec619 4.1.0
• 915351f Use the local Mocha dependency of this package
• bf30380 Print mocha output immediately, not when process finished (#160)
• 12d44db Convert all arrays to comma separated lists for Mocha
• fbcaf85 Add compiler option description to the readme (#157)
• 32afe0d 4.0.1
• 4e05dce Add manual test gulpfile

See the full diff

Package name: gulp-ng-annotate

The new version differs by 16 commits.

• 18ba641 2.1.0
• 998fbc9 Disable package lock
• 002e043 Migrate away from deprecated gulp-util
• edeac0f Fix travis build
• 9ce0ed8 Merge pull request [Snyk] Fix for 2 vulnerabilities #43 from suvjunmd/options
• 5ded9c5 Fixed options link
• 3e8d504 2.0.0
• c92de58 Update deps
• 3a42189 Remove [Snyk] Fix for 1 vulnerabilities #26 workaround
• 785b073 1.1.0
• 66996d8 Merge pull request [Snyk] Security upgrade gulp-sass from 1.3.3 to 2.0.0 #31 from josephpage/patch-1
• d98743e update gulp-util to 3.x.x
• 5f4fd70 travis: new targets, container-based build
• 935a1b6 Fix license SPDX id
• 91bbe63 1.0.0
• dd07c92 Update to ng-annotate 1.0.0

See the full diff

Package name: gulp-sass

The new version differs by 200 commits.

• 5775044 Update CHANGELOG.md
• 978b8f6 Update to major version 5 (#802)
• 10eae93 Update changelog for 4.1.1
• 947b26c Upgrade lodash to fix a security issue (#776)
• 8d6ac29 Update changelog
• 43c0547 4.1.0
• ebe3ec6 Set appropriate file stat times (#763)
• 7ab018e Migrate to the lodash package
• fa670c6 4.0.2
• fefa00e Revert package.json version bump
• 98254d2 Fix README typos
• 8a14419 Continue loading Node Sass by default
• 938afbe Add a note about synchronous versus asynchronous speed
• 7cc2db1 Make this package implementation-agnostic
• 643f73b Add documentation for synchronous code options
• 0b3c7e7 4.0.1
• daca90d Merge pull request #681 from DKvistgaard/master
• 71471c2 Declaring logError as function instead of arrow function.
• 450a7b8 4.0.0
• e9b1fe8 Fix node versions in appveyor.yml
• 44be409 Merge pull request #667 from dlmanning/next
• 7656eff Adopt airbnb eslint preset
• 1293169 Bump autoprefixer@^8.1.0, gulp-postcss@^7.0.1
• 9fa817b Bump gulp-sourcemaps@^2.6.4

See the full diff

Package name: gulp-uglify

The new version differs by 9 commits.

• e4f9045 2.0.0
• 566ec6a refactor(tests): write tests with mocha
• 5651111 refactor(tests): replace `cmem` with `testdouble`
• b82387b refactor(tests): compose streams with `mississippi` utilities
• 1232c3c fix(errors): emit errors of type `GulpUglifyError`
• 5632cee fix(minifer): use `gulplog` for the warning
• 8160697 feat(minifier): use UglifyJS 2.7.0's input map support
• 3ec8fc3 chore(package): update uglify-js to version 2.7.0
• a9c55b9 doc(README): spelling mistake in example

<a href="https://snyk.io/redirect/github/terinjokes/gulp-uglify/compare/80da765a266cb7ff9d034a73bde0abe18d72d6de...