[Snyk] Fix for 1 vulnerabilities

[bparrish206]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LODASH-6139239	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp

The new version differs by 250 commits.

• 55eb23a Release: 4.0.0
• 173a532 Docs: Fix the installation instructions
• ec54d09 Docs: Improve note about out-of-date docs
• 03b7c98 Docs: Update recipes to install gulp@next
• 2eba29e Docs: Remove run-sequence from recipes
• 76eb4d6 Docs: Add installation instructions & update badges
• fbc162f Docs: Remove references to gulp-util
• 3011cf9 Scaffold: Normalize repository
• f27be05 Update: Remove graceful-fs from test suite
• 361ab63 Upgrade: Update glob-watcher
• 064d100 Build: Avoid broken node 9
• 057df59 Release: 4.0.0-alpha.3
• c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
• 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
• 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
• 723cbc4 Docs: Fix syntax in recipe example (#1715)
• d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
• 29ece6f Upgrade: Update undertaker
• e931cb0 Docs: Fix changelog typos (#1696)
• 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
• d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
• 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
• 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
• c3dbc10 Docs: Clarify incremental builds example (#1609)

See the full diff

Package name: gulp-util

The new version differs by 61 commits.

• 28c2aa2 3.0.8
• 1034a68 Upgrade: bump dateformat, per https://github.com/removes CLI felixge/node-dateformat#53#issuecomment-245782776 (#130)
• 5a417cf Merge pull request #125 from jmeas/patch-1
• 8cdbc07 Remove gutil.beep() from README example
• b74a5ff 3.0.7
• 5c0c5cf bump logger versions
• 3879b24 Merge pull request #106 from stevelacy/patch-1
• 7bba70f Update package repo link
• 194248a Merge pull request #105 from gulpjs/gulplog
• 65c210a add branching logic to support new gulplog stuff
• 4656163 Merge pull request #100 from makky3939/clean_up_template_js
• 878c95b fix
• 385b059 more readable
• 7e1336e 3.0.6
• 64325ae Merge pull request #99 from TrySound/master
• 5755bb3 Updated dependencies
• 1c96495 Merge pull request #97 from arthurvr/patch-1
• de9c310 Update node version in readme
• d9ac713 3.0.5
• 5155266 Merge pull request #94 from pgilad/patch-1
• d666893 update license attribute
• 81a61ce Merge pull request #92 from stringparser/fix-log-formatting
• c107206 missing quotes on previous test and space for object in current
• 0c4f90f fix tests logging

See the full diff

Package name: node-sass

The new version differs by 250 commits.

• d707218 Bump v3.5.1 because npm
• a15f54c Merge pull request #1452 from saper/fix-build
• 4f420a5 Use "double quotes" around the binding file name
• 99ea434 Actually check if the binary exists.
• 1e4bba8 v3.5.0: Filter branch for appveyor
• 8e09b74 Merge pull request #1450 from xzyfer/feat/release/3.5.0
• 6519cdf v3.5.0
• ef7a272 Merge pull request #1449 from xzyfer/feat/binary-error
• 211f312 Log the error when there is a problem with the binary
• ec48be4 Bump LibSass 3.3.5
• 5df330d Bump LibSass 3.3.5
• 9c6933f Merge pull request #1435 from xzyfer/fix/binary-verification
• 0fa5e5e Fix a regression in binary verification
• 7c24716 Merge pull request #1430 from xzyfer/feat/process-sass-deprecation-warning
• adb6166 Ouptut a deprecation warning to stdout when using process.sass
• d76923b Merge pull request #1428 from xzyfer/feat/better-binary-error-messages
• cf87e0b Better error messages for missing binaries
• 41db8b9 Merge pull request #1427 from xzyfer/feat/remove-process-sass
• 90b6939 Polyfill process.sass
• 22c560c Remove use of global process.sass
• b0df78d Merge pull request #1424 from xzyfer/feat/importer-docs-return-null
• 02eee94 Update custom importer documentation to advocate returning `null`
• 09bf80c Merge pull request #1390 from eoneill/customFunctionsContext
• 5b2862e Merge pull request #1423 from xzyfer/feat/dont-ignore-vendor-folder

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution