[Snyk] Fix for 37 vulnerabilities

[enterstudio]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-DECOMPRESS-557358	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-DECOMPRESSTAR-559095	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	Yes	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASHTEMPLATE-1088054	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	Yes	Proof of Concept
	520/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Poisoning SNYK-JS-QS-3153490	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	536/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1047770	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1584358	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1585624	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-2824151	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-URLREGEX-569472	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:content-type-parser:20170905	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:lodash:20180130	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:minimatch:20160620	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Override Protection Bypass npm:qs:20170213	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp

The new version differs by 134 commits.

• 55eb23a Release: 4.0.0
• 173a532 Docs: Fix the installation instructions
• ec54d09 Docs: Improve note about out-of-date docs
• 03b7c98 Docs: Update recipes to install gulp@next
• 2eba29e Docs: Remove run-sequence from recipes
• 76eb4d6 Docs: Add installation instructions & update badges
• fbc162f Docs: Remove references to gulp-util
• 3011cf9 Scaffold: Normalize repository
• f27be05 Update: Remove graceful-fs from test suite
• 361ab63 Upgrade: Update glob-watcher
• 064d100 Build: Avoid broken node 9
• 057df59 Release: 4.0.0-alpha.3
• c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
• 89acc5c Docs: Improve ES2015 task exporting examples (Eslint fix WikiEducationFoundation/WikiEduDashboard#1999)
• 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (Fix #1856 Campaign Alert Table Not Showing under Mobile Layout WikiEducationFoundation/WikiEduDashboard#1859)
• 723cbc4 Docs: Fix syntax in recipe example (CampaignEditable generates a warning WikiEducationFoundation/WikiEduDashboard#1715)
• d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (User stats query does not work when username includes & WikiEducationFoundation/WikiEduDashboard#1828)
• 29ece6f Upgrade: Update undertaker
• e931cb0 Docs: Fix changelog typos (Converts Campaign Editable into a Popover WikiEducationFoundation/WikiEduDashboard#1696)
• 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (complete upload.spec.jsx WikiEducationFoundation/WikiEduDashboard#1659)
• d4ed3c7 Docs: Add options.cwd for gulp.src API (Plagiarism store to redux WikiEducationFoundation/WikiEduDashboard#1645)
• 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
• 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
• c3dbc10 Docs: Clarify incremental builds example (Bcb37 training translations#1514 WikiEducationFoundation/WikiEduDashboard#1609)

See the full diff

Package name: gulp-autoprefixer

The new version differs by 27 commits.

• ede5a11 8.0.0
• a953087 Require Node.js 12 and upgrade dependencies
• 87ff53d Move to GitHub Actions (Course description textarea should have an id. WikiEducationFoundation/WikiEduDashboard#117)
• c5e7214 7.0.1
• da50fd2 Make Gulp an optional peer dependency
• 40fba84 7.0.0
• ab49120 Require Node.js 8 and Gulp 4
• 83cc576 Enable the repo sponsor button
• adec1a7 6.1.0
• 7b080bf Upgrade dependencies
• dfe3919 6.0.0
• c225cbd Upgrade `autoprefixer` and `postcss`
• ea0b7f8 Require Node.js 6
• 18a27be 5.0.0
• e526a78 Meta tweaks
• e954e6e Update sourcemap paths to be relative to `file.base` ([Snyk] Security upgrade gulp-notify from 2.2.0 to 5.0.0 #92)
• 7828646 Upgrade to Autoprefixer 8 ([Snyk] Security upgrade stylus from 0.54.5 to 0.64.0 #96)
• d008588 4.1.0
• 27816c3 Meta tweaks
• 94f3447 Drop dependency on deprecated gulp-util ([Snyk] Security upgrade gulp-imagemin from 3.4.0 to 8.0.0 #94)
• 60aead3 Test against Node.js v8 ([Snyk] Security upgrade gulp-iconfont from 8.0.1 to 12.0.0 #90)
• 5188604 4.0.0
• 04814b7 Rewrite tests to use AVA
• 7df69ba ES2015ify, bump postcss, require Node.js 4

See the full diff

Package name: gulp-clean

The new version differs by 2 commits.

• 1b2503e Merge pull request [Snyk] Fix for 1 vulnerabilities #30 from kuangyeheng/pl
• d83c56a remove gulp-util

See the full diff

Package name: gulp-coffee

The new version differs by 6 commits.

• bbb041d 3.0.1
• 4e4fe84 respond to https://github.com/Ecosystem migration gulpjs/gulp-util#143
• 2b1623c 3.0.0
• eaf44ad more dep updating
• 480d8ee Merge pull request [Snyk] Fix for 1 vulnerabilities #80 from ndrewtl/master
• e3939ff Bump Coffeescript to version 2.1.0

See the full diff

Package name: gulp-eslint

The new version differs by 25 commits.

• 1d79ed0 4.0.1
• 8f7e966 replace all HTTP protocols with HTTPS
• b48a04a remove deprecated gulp-util dependency (Assignment dates should be in the summary WikiEducationFoundation/WikiEduDashboard#213)
• 35eae57 update devDependencies (Course updates and other edits are being made on Wikipedia before course submission WikiEducationFoundation/WikiEduDashboard#207)
• 47bd269 use npx to simplify after_script
• 29dbab5 inherit autofix-related props even if `quiet` option is enabled
• a398838 4.0.0
• 18a4299 emit an error when it fails to load an ESLint plugin
• b8bf261 update ESLint from v3 to v4 (Number of trained students no longer accessible to screen readers WikiEducationFoundation/WikiEduDashboard#198)
• c0e82ce use `Buffer.from` instead of `new Buffer`
• e6c67a2 drop support for linting `Stream` contents
• 132d5cc Fix formatting issues in README.md (Placeholder text for course start/end dates should indicate required date format: YYYY-MM-DD WikiEducationFoundation/WikiEduDashboard#194)
• 7f65378 remove link to config file `globals` doc
• 8ddfb84 correct the type of `globals` option in README
• 6059c22 3.0.1
• b0c2816 ensure sharable config works
• 08b9212 test the case where babel-eslint is actually useful
• eb98701 mock stream-mode vinyl files with from2-string
• bcd7736 fix invalid `envs` option
• 286b0c4 remove unused fixtures
• e2723e1 Remove unnecessary `object-assign` dependency
• 82c1949 3.0.0
• 97d8638 Remove invalid options in example code
• 505779d Remove option aliases

See the full diff

Package name: gulp-htmlhint

The new version differs by 71 commits.

• 5c1fa82 4.0.2
• b110f1d Update test.yml
• aae25ee Switch to github actions
• 6b45842 Create test.yml
• 5315942 Bump htmlhint & add htmlhint as peerDependency
• a95c3d2 Bump path-parse from 1.0.6 to 1.0.7 ([Snyk] Security upgrade mocha from 3.5.3 to 10.1.0 #66)
• 9e08834 Bump normalize-url from 4.5.0 to 4.5.1 ([Snyk] Security upgrade gulp-imagemin from 3.4.0 to 8.0.0 #65)
• 68ad4a3 Bump trim-newlines from 3.0.0 to 3.0.1 ([Snyk] Security upgrade gulp-autoprefixer from 3.1.1 to 6.0.0 #64)
• 8e32c25 Bump hosted-git-info from 2.8.5 to 2.8.9 ([Snyk] Fix for 1 vulnerabilities #63)
• 51c8c3f 4.0.1
• 2d1a389 Bump dependencies
• 946d4b3 Bump lodash from 4.17.20 to 4.17.21 ([Snyk] Security upgrade moment from 2.10.3 to 2.29.2 #62)
• a5b1de7 fix .htmlhintrc file path ([Snyk] Security upgrade gulp-eslint from 2.1.0 to 4.0.0 #61)
• 13d0dbe Bump y18n from 4.0.0 to 4.0.1 ([Snyk] Security upgrade markdown-it from 8.1.0 to 12.3.2 #60)
• cd57759 Bump elliptic from 6.5.3 to 6.5.4 ([Snyk] Security upgrade gulp-eslint from 2.1.0 to 6.0.0 #59)
• b9964b3 4.0.0
• d3abbde Drops node 8 support
• 6a8609f Adds node 14 to test matrix
• e2739de Bump dependencies
• da2c5a9 Bump dot-prop from 4.2.0 to 4.2.1 ([Snyk] Fix for 1 vulnerabilities #57)
• aa245ec Bump lodash from 4.17.15 to 4.17.20 ([Snyk] Security upgrade gulp-iconfont from 8.0.1 to 10.0.3 #58)
• 4fec526 Bump ini from 1.3.5 to 1.3.8 ([Snyk] Security upgrade gulp-iconfont from 8.0.1 to 11.0.0 #56)
• 4e54cc6 3.0.1
• cce0401 Bump dependencies

See the full diff

Package name: gulp-iconfont

The new version differs by 49 commits.

• 3d935c1 Release v11.0.0
• 1a5b6f4 Merge pull request + icon for Wiki Ed staff does nothing if no staff are present WikiEducationFoundation/WikiEduDashboard#187 from nfroidure/gulp-ttf2woff2
• ae4bd62 Do not publish .github
• 3643cc6 Require Node 12+
• 5f22074 Update gulp-ttf2woff2@4.0.0
• 7507aee Merge pull request If a week has no blocks, you cannot drag another block to that week WikiEducationFoundation/WikiEduDashboard#186 from nfroidure/actions
• 4c81f3b Update CI badge in README.md
• eb6a935 Remove .travis.yml
• 10deed6 Increase timeout on async test
• 7545acc Run on ubuntu-latest
• e2fd250 Do not reinstall packages already installed
• 6bef293 Copy install script from Dockerfile
• b60a2f6 Use GitHub Actions for CI
• 0a5245d Merge pull request enrollment url should not display for users who are not logged in. WikiEducationFoundation/WikiEduDashboard#177 from nfroidure/travis
• b85eb5b Run CI on Ubuntu 14.04
• 6067b8f Merge pull request Activity timestamps do not match Wikipedia WikiEducationFoundation/WikiEduDashboard#176 from nfroidure/readme
• 195dd04 Fix formatting in README.md
• d751ba6 10.0.3
• b0e8399 Merge pull request Your Courses should only show current and not-yet-started courses. WikiEducationFoundation/WikiEduDashboard#175 from pioug/master
• ed9dae2 Add support for Node.js 11/12
• 47cde1a 10.0.2
• a4a2b5e updated dependencies
• 0819325 10.0.1
• cb86fe2 Use multipipe instead of plexer: no need for explicit error handling, simpler code.

See the full diff

Package name: gulp-imagemin

The new version differs by 35 commits.

• 2f7ecc9 8.0.0
• 1b4baf6 Require Node.js 12.20 and move to ESM
• ed39463 Move to GitHub Actions (Make article title a link on DYK page WikiEducationFoundation/WikiEduDashboard#351)
• 8b40da0 Update readme lossless note (Course details shows null for real name when there are multiple users in an role and one does not have a real name set. WikiEducationFoundation/WikiEduDashboard#346)
• 1cbb7c5 7.1.0
• 67cceb3 Update `imagemin-gifsicle` optional dependency
• 97432ea 7.0.0
• aacca91 Require Node.js 10
• 279a91b Replace jpegtran with mozjpeg (Hover state broken on tooltips for homepage stats WikiEducationFoundation/WikiEduDashboard#336)
• f4a2255 6.2.0
• 0460c78 Add `silent` option (We need to do regular backups of the production database, and document the process WikiEducationFoundation/WikiEduDashboard#331)
• dfdba76 6.1.1
• 165bf8b Make Gulp an optional peer dependency
• 6c35e59 6.1.0
• 92e224a Update dependencies
• 97cd1c3 6.0.0
• 6e091ed Require Node.js 8
• c1c3346 Create funding.yml
• 8e731f0 5.0.3
• 3e68bd4 Fix another regression of b57f1d6 (Timeline block mouseover animation can be disorienting WikiEducationFoundation/WikiEduDashboard#318)
• 3ad32ab 5.0.2
• c7170ba Fix another regression in b57f1d6
• 51bb2ad 5.0.1
• 821dc8a Fix regression in b57f1d6 (Markdown url formatting gets escaped by closing parens in url WikiEducationFoundation/WikiEduDashboard#316)

See the full diff

Package name: gulp-jsx-coverage

The new version differs by 28 commits.

• 79b94d8 release
• 993ac49 update history
• 21954ba update license
• bcac6ac update history
• 4dec074 update history
• 94b0c0f update history
• 87709bc typo
• bc9591f refine doc
• 1061c7f add react/jsx into example
• 58a09ee refine doc
• 6d5250a refine doc
• a2e3c62 refine doc
• f2fdabe refine document
• 139ad7e refine document and error handling. remove unused devDep
• 0fbc1fc refine doc
• 05c3b5c update demo image
• 0e16b6d refine document
• ff2a18e refine tests
• 5c9085f refine dependency
• 9d9427c test in node 4+ now
• 0e743d8 have correct source-map-support now
• 09eb166 big changes now
• c5c6f12 port to new istanbul.js now
• 27fd853 remove isparta and babel option support

See the full diff

Package name: gulp-livereload

The new version differs by 11 commits.

• 85e7ca0 Update README.md
• 0a3f940 Update dependencies
• 909c139 Replace `mini-lr` dependency by `tiny-lr`
• e3be670 Generate new certificate for HTTPS tests
• 5af4318 Update minimum supported Node version to Node 6
• f7eeeba Eemove deprecated gulp-util ("Approve" interface should not show up for legacy courses. WikiEducationFoundation/WikiEduDashboard#127)
• bbf71b1 Merge branch 'lukehorvat-travis-nodejs'
• 6e58e67 Add Node.js v0.12 and v4 to Travis config
• 7fc51e9 update README.md
• fc39c77 Merge branch 'patch-1' of https://github.com/bigtiger/gulp-livereload into bigtiger
• 314344a Update README.md

See the full diff

Package name: gulp-notify

The new version differs by 25 commits.

• 398d0a4 v3.1.0
• fc51ff2 Merge pull request Instructors do not appear on the overview page WikiEducationFoundation/WikiEduDashboard#124 from ohbarye/replace-gulp-util
• 46efdc6 Move vinyl to devDependencies
• 173fcb0 Use ansi-colors instead of chalk due to node version compatibility
• 1e8c372 Remove unused through import
• 3284a51 Drop dependency on deprecated gulp-util
• 455250c npm install chalk fancy-log plugin-error lodash.template vinyl
• 658efc5 v3.0.0
• b1ba7a2 Adds changelog for bump with node-notifier
• 7d6944e Updates all dependencies
• 08244ea Adds log files to ignore
• 8df5320 Bumps node-notifier dependency to latest
• 507e21f Merge pull request Layout is broken on Windows WikiEducationFoundation/WikiEduDashboard#105 from queicherius/patch-1
• f32b692 Update node-notifier dependency
• f5d3f46 Merge pull request Slow page loads WikiEducationFoundation/WikiEduDashboard#103 from Toby-S/patch-1
• bbcc4d1 Correct indent_style in .editorconfig
• c0d7501 Update README.md
• 21eed88 Update README.md
• 084f6a1 Adds support for overriding host/port/appname onError. Fixes [Snyk] Security upgrade webpack from 1.15.0 to 5.94.0 #91
• e45ef63 Merge pull request [Snyk] Security upgrade gulp-imagemin from 3.4.0 to 9.1.0 #85 from stevelacy/patch-1
• ef56795 Update license attribute
• 80a4c0d Merge pull request [Snyk] Fix for 1 vulnerabilities #72 from dhruska/master
• 0783a5c Typo fix in README
• b4e95ec Merge pull request [Snyk] Fix for 1 vulnerabilities #71 from Andorbal/master

See the full diff

Package name: gulp-plumber

The new version differs by 4 commits.

• b91f934 1.2.0
• c80d68e Merge pull request [Snyk] Fix for 16 vulnerabilities #54 from demurgos/issue-53
• 310cd31 Drop dependency on deprecated gulp-util
• ba3d6e4 improve errorHandler docs

See the full diff

Package name: gulp-rev

The new version differs by 21 commits.

• bb3a3fd 8.1.1
• e46406b Replace gulp-util with smaller modules (Edits by new users that introduce external links will fail because of CAPTCHA WikiEducationFoundation/WikiEduDashboard#237)
• 6c9bcac Remove Code Sponsor
• fe0c551 8.1.0
• 47ffbe0 Bump `rev-path`
• fc74b5b Try out Code Sponsor
• cdf63fa Pass resolved, absolute paths to relPath() (Some alerts are not helpful WikiEducationFoundation/WikiEduDashboard#220) (Course creator should collect instructor's real name WikiEducationFoundation/WikiEduDashboard#222)
• 567c340 Update readme.md (If you revisit the Start/End dates step of the timeline from the Summary, button says 'Next' WikiEducationFoundation/WikiEduDashboard#224)
• 898dffc 8.0.0
• d290ff8 Meta tweaks
• a89f0df Make tests independent of platform specific path separator (Term field should have a default WikiEducationFoundation/WikiEduDashboard#219) (Pressing 'Enter' should submit input when adding Tags, Articles, etc. WikiEducationFoundation/WikiEduDashboard#221)
• 71a0377 Add a note about non-deterministic streams order (Assignment dates should be in the summary WikiEducationFoundation/WikiEduDashboard#213)
• f5ee9ee Meta tweaks
• 731be70 Move list of maintainers into the readme for visibility
• 192a075 Meta tweaks
• 7acdb13 Move tests from Mocha to AVA ("Step 1 of ?" at the beginning of the wizard is confusing WikiEducationFoundation/WikiEduDashboard#212)
• 82c185c More realistic example (Instructors should input assignment start and end dates at the beginning of the wizard WikiEducationFoundation/WikiEduDashboard#203)
• 02fbeba add XO badge
• 8686e62 [breaking] ES2015ify and require Node.js 4
• ed53cef meta tweaks
• 17d6bb4 docs: change number of approaches (Apostrophe should be a valid course slug character WikiEducationFoundation/WikiEduDashboard#196)

See the full diff

Package name: gulp-watch

The new version differs by 7 commits.

• 80cd83e 5.0.1
• 6fe8912 Replace deprecated gulp-util (Course slug preview in Course Creator shows underscores vs. spaces inconsistently WikiEducationFoundation/WikiEduDashboard#303)
• 959128a 5.0.0
• 9208d48 Bump chokidar to ^2.0.0
• 02bd06d Update to newest vinyl for gulp 4 support (Sorting by Recent Revisions does not sort correctly WikiEducationFoundation/WikiEduDashboard#296)
• 4ced696 Add Node.js 9 and increase timeout to 5 secs
• aa8146f Remove unsupported versions of Node.js

See the full diff

Package name: jsdom

The new version differs by 250 commits.

• 74a8d1e Version 16.6.0
• f51f2ec Remove the dependency on request
• 2b6d5ae Update dependencies
• b72b33b Disable now-crashing canvas test
• 39b7972 Handle null and undefined thrown as exceptions
• 04f6c13 Add ParentNode.replaceChildren() (Using references_added function for user's ref count WikiEducationFoundation/WikiEduDashboard#3176)
• e4c4004 Version 16.5.3
• 2f41466 Fix MutationObserver infinite loop bugs (Bump react-day-picker from 7.3.0 to 7.3.1 WikiEducationFoundation/WikiEduDashboard#3173)
• b232f2a Run partially-failing WPTs in the custom-elements directory
• 35e103e Run partially-failing WPTs in the cors directory
• 77b660a Run partially-failing WPTs in the FileAPI directory
• d8a245f Use `InnerHTML` mixin for `innerHTML` definition (Use Available Articles when using the assign button WikiEducationFoundation/WikiEduDashboard#2981)
• bd50bbe Version 16.5.2
• d5cfd69 Fix event handler ObjectEnvironment instantiation
• 93e3d4a Remove vestigial concurrentNodeIterators option-passing
• c92f9c1 Check all associated elements for form validity
• 2202703 Fix failing WPTs calculation
• 21c7671 Upgrade dependencies
• c1b9ea1 Port skipped "test_body_event_handler_inline" to WPT
• a13d854 Use WeakRefs for NodeIterator tracking when supported
• fdf97d8 Fix radio/checkbox to not fire events when disconnected
• 761d8cc Refactor <output>
• b36d418 Make customElements.whenDefined() resolve with the constructor
• c5d13bb Remove a variety of redundant to-port tests

See the full diff

Package name: run-sequence

The new version differs by 15 commits.

• 31103da 2.2.1
• 209e46c Drop dependency on deprecated `gulp-util` (Cohort dashboard should show number of articles edited, and number of articles created WikiEducationFoundation/WikiEduDashboard#100)
• 37e17be 2.2.0
• c450122 Changelog, cleanup for orchestration events change
• 2155560 handle orchestration aborted events ([Snyk] Security upgrade gulp-imagemin from 3.4.0 to 9.1.0 #97)
• 066b8c6 2.1.0
• dada3f4 Added date to v1 in changelog
• f2b1635 Added options, code cleanup