[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp-autoprefixer

The new version differs by 27 commits.

• ede5a11 8.0.0
• a953087 Require Node.js 12 and upgrade dependencies
• 87ff53d Move to GitHub Actions (#117)
• c5e7214 7.0.1
• da50fd2 Make Gulp an optional peer dependency
• 40fba84 7.0.0
• ab49120 Require Node.js 8 and Gulp 4
• 83cc576 Enable the repo sponsor button
• adec1a7 6.1.0
• 7b080bf Upgrade dependencies
• dfe3919 6.0.0
• c225cbd Upgrade `autoprefixer` and `postcss`
• ea0b7f8 Require Node.js 6
• 18a27be 5.0.0
• e526a78 Meta tweaks
• e954e6e Update sourcemap paths to be relative to `file.base` (#92)
• 7828646 Upgrade to Autoprefixer 8 (#96)
• d008588 4.1.0
• 27816c3 Meta tweaks
• 94f3447 Drop dependency on deprecated gulp-util (#94)
• 60aead3 Test against Node.js v8 (#90)
• 5188604 4.0.0
• 04814b7 Rewrite tests to use AVA
• 7df69ba ES2015ify, bump postcss, require Node.js 4

See the full diff

Package name: psi

The new version differs by 51 commits.

• 57a0ea6 Update to v4.1.0
• a276477 Add Field Data Wording for CLS and LCP (#121)
• 54cd244 Fix cannot read property `metrics` of undefined (#120)
• 898d7c7 Fix issue 115 "Cannot read property 'type' of undefined" (#116)
• f59a309 Add link to opportunities (#113)
• 129568b Feature/common use cases (#114)
• 1561b67 Update project dependencies (#112)
• b39846e Update package googleapis to ^47.0.0 (#110)
• 403b9b8 Round percentum in output message (#109)
• 8d40a91 Remove not needed dependencies (plus lodash) (#107)
• a3115ce Added nyc for Test coverage (#103)
• 9949c6c Expand test coverage (#105)
• 8bc7abb v4.0.1
• 26645c4 readme: update to v5+ API (#104)
• d2c4c06 4.0.0 (#102)
• ff48634 readme: update build badge (#101)
• b6b16ac Update to v5 screenshot (#100)
• 0c6c01f (rewrite) Update `psi` to V5
• 11f871a Fixed xo error
• 77cfdec Reverted originLoadingExperience.metrics to loadingExperience.metrics
• cc145fc Changed loadingExperience by originLoadingExperience
• 5cb1bd2 Update lib/output.js
• 5b44a1b No opportunities provided. Added message, created generic function to show proper data
• 7fb2604 Removed unnecessary item.label check and added TODOs to README

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic