[Snyk] Fix for 1 vulnerabilities

[macchie]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LODASH-6139239	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp

The new version differs by 134 commits.

• 55eb23a Release: 4.0.0
• 173a532 Docs: Fix the installation instructions
• ec54d09 Docs: Improve note about out-of-date docs
• 03b7c98 Docs: Update recipes to install gulp@next
• 2eba29e Docs: Remove run-sequence from recipes
• 76eb4d6 Docs: Add installation instructions & update badges
• fbc162f Docs: Remove references to gulp-util
• 3011cf9 Scaffold: Normalize repository
• f27be05 Update: Remove graceful-fs from test suite
• 361ab63 Upgrade: Update glob-watcher
• 064d100 Build: Avoid broken node 9
• 057df59 Release: 4.0.0-alpha.3
• c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
• 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
• 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
• 723cbc4 Docs: Fix syntax in recipe example (#1715)
• d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
• 29ece6f Upgrade: Update undertaker
• e931cb0 Docs: Fix changelog typos (#1696)
• 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
• d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
• 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
• 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
• c3dbc10 Docs: Clarify incremental builds example (#1609)

See the full diff

Package name: gulp-sass

The new version differs by 65 commits.

• ee03918 Merge pull request #254 from dlmanning/2.x
• 598d16f Merge pull request #248 from Snugug/feature/contributing
• dec985f Merge pull request #253 from Snugug/feature/3.0-bump
• c033adf ⬆️ Update Node Sass to 3.0
• 083e6bc 🔥 Remove reference to branch
• e072993 🔥 Remove Branching Model section
• ee07858 🎨 Update formatting of CHANGELOG entry
• 299c18f 📝 Add Contributing guidelines
• 33aa1f7 Merge pull request #238 from sarenji/2.x
• 2b21a49 Update to node-sass beta 7
• c1d629c Allow you to change the compiler and expose it
• cc2f815 bump node-sass to 3.0.0-beta.4
• 9b69aaa Merge pull request #228 from Snugug/2.x-datastream
• b7ade97 Indented Syntax support
• ad6e6e4 Tests for file rename and file contents change
• 0fefd16 Updated vars and includePaths based on comments
• 700ca8d Merge pull request #222 from Keats/filename
• 5b8d4eb Nope, shouldn't be , should be file name
• 4c4c3c1 A little bit of source map massaging
• bea198e Updated Tests
• 3cdf1a3 Passing file as data
• 5c7777f Rebase on top of 2.x
• de6af93 Add a sass file to the inheritance test
• 25ee16f Replace indent.sass to match an existing issue

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution