[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: chalk

The new version differs by 53 commits.

• 3fca615 2.0.0
• f66271e Add tagged template literal (Deploy fix jes708/CodeGenius#163)
• 23ef1c7 fix linter errors
• c015568 add rainbow example
• 09fb2d8 Re-implement `chalk.enabled` (move fully graded and total score into assessment card jes708/CodeGenius#160)
• 608242a spoof supports-color
• 18f2e7c add host information output
• 523b998 Revert "TEMPORARY: emergency travis CI fix (see comments)"
• 54975fb TEMPORARY: emergency travis CI fix (see comments)
• 1d73b21 Improve readme
• 6f4d6b3 Bump dependencies
• 8702496 Remove `chalk.styles`
• 0412cdf Minor code improvements
• 249b9ac ES2015ify the codebase
• cb3f230 Add RGB (256/Truecolor) support (Uniformly style student cards jes708/CodeGenius#140)
• dbae68d Update dependent package count in the readme (student view jes708/CodeGenius#154)
• 9b60021 Drop support for Node.js 0.10 and 0.12
• 0d21449 check parent builder object for enabled status (hide files should be more easily accessible jes708/CodeGenius#142)
• 5a69476 add XO badge
• 492f11f add example file
• 4ce73b6 make XO happy
• 7c02cf4 Add log statement to chalk examples (Typeahead for solution file input jes708/CodeGenius#129)
• 835ca3d You've just reached 10,000 dependent modules. (check off if student is fully graded jes708/CodeGenius#122)
• 74c087d minor doc improvements (StudentTests should clear out and be replaced when a new assessment is selected jes708/CodeGenius#120)

See the full diff

Package name: css-loader

The new version differs by 136 commits.

• 43179a8 chore(release): 1.0.0
• 3d53968 Merge remote-tracking branch 'origin/master'
• 240db53 version 1.0 (#742)
• 1b7acf7 Merge remote-tracking branch 'origin/master'
• 1703721 docs(README): add more context to `localIdentName` (#711)
• 1c51265 docs(README): fix malformed emoji (#701)
• 50f8ec0 Merge remote-tracking branch 'origin/master'
• 07444ad tests: css custom variables (#709)
• 3de8aa7 tests: css custom variables (#709)
• df497db chore(release): 0.28.11
• c788450 fix(lib/processCss): don't check `mode` for `url` handling (`options.modules`) (#698)
• c35d8bd chore(release): 0.28.10
• 9f876d2 fix(getLocalIdent): add `rootContext` support (`webpack >= v4.0.0`) (#681)
• 0452f26 test: hashes inside `@ font-face` url (#678)
• 630579d chore(release): 0.28.9
• 604bd4b chore(package): update dependencies
• d1d8221 fix: ignore invalid URLs (`url()`) (#663)
• 0fc46c7 chore(release): 0.28.8
• 333a2ce chore(package): update `dependencies`
• 39773aa ci(travis): use `npm`
• 8897d44 fix: proper URL escaping and wrapping (`url()`) (#627)
• 0dccfa9 fix(loader): correctly check if source map is `undefined` (#641)
• d999f4a docs: Update importLoaders documentation (#646)
• 05c36db test: removed redundant `modules` argument (#599)

See the full diff

Package name: gulp

The new version differs by 134 commits.

• 55eb23a Release: 4.0.0
• 173a532 Docs: Fix the installation instructions
• ec54d09 Docs: Improve note about out-of-date docs
• 03b7c98 Docs: Update recipes to install gulp@next
• 2eba29e Docs: Remove run-sequence from recipes
• 76eb4d6 Docs: Add installation instructions & update badges
• fbc162f Docs: Remove references to gulp-util
• 3011cf9 Scaffold: Normalize repository
• f27be05 Update: Remove graceful-fs from test suite
• 361ab63 Upgrade: Update glob-watcher
• 064d100 Build: Avoid broken node 9
• 057df59 Release: 4.0.0-alpha.3
• c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
• 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
• 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
• 723cbc4 Docs: Fix syntax in recipe example (#1715)
• d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
• 29ece6f Upgrade: Update undertaker
• e931cb0 Docs: Fix changelog typos (#1696)
• 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
• d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
• 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
• 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
• c3dbc10 Docs: Clarify incremental builds example (#1609)

See the full diff

Package name: gulp-eslint

The new version differs by 86 commits.

• a398838 4.0.0
• 18a4299 emit an error when it fails to load an ESLint plugin
• b8bf261 update ESLint from v3 to v4 (#198)
• c0e82ce use `Buffer.from` instead of `new Buffer`
• e6c67a2 drop support for linting `Stream` contents
• 132d5cc Fix formatting issues in README.md (For Jansen's Reference - Test reducers jes708/CodeGenius#194)
• 7f65378 remove link to config file `globals` doc
• 8ddfb84 correct the type of `globals` option in README
• 6059c22 3.0.1
• b0c2816 ensure sharable config works
• 08b9212 test the case where babel-eslint is actually useful
• eb98701 mock stream-mode vinyl files with from2-string
• bcd7736 fix invalid `envs` option
• 286b0c4 remove unused fixtures
• e2723e1 Remove unnecessary `object-assign` dependency
• 82c1949 3.0.0
• 97d8638 Remove invalid options in example code
• 505779d Remove option aliases
• 7228608 Bump ESLint to v3.x and ES2015ify
• 946e0e9 2.1.0
• a01671e Add v2.1.0 release note
• 87213fd Fix inline config example in README (Re-search for student fork jes708/CodeGenius#159)
• 4de3d64 Test on the latest/LTS Node
• cb7fd6a Install istanbul-coveralls only on Travis CI

See the full diff

Package name: gulp-ng-annotate

The new version differs by 7 commits.

• 785b073 1.1.0
• 66996d8 Merge pull request [Snyk] Security upgrade css-loader from 0.23.1 to 1.0.0 #31 from josephpage/patch-1
• d98743e update gulp-util to 3.x.x
• 5f4fd70 travis: new targets, container-based build
• 935a1b6 Fix license SPDX id
• 91bbe63 1.0.0
• dd07c92 Update to ng-annotate 1.0.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic