[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp

The new version differs by 216 commits.

• 84df40b 3.8.11
• c46bf1a update liftoff and v8flags to deal with new node versions and iojs
• 0b7967f Fixed minor JS syntax error in docs
• 98b1cb6 Update .travis.yml
• e8c6bf6 Add node.js 0.12 and io.js to travis.yml
• 54684fe Adding gulp-util to the npm install line
• e9f8991 Update gulp core team GitHub link
• af17d96 Update gulp-ruby-sass syntax (1.0.0)
• 0cc972c add gitter badge and rearrange badge line
• 3cb110b Removed syntax highlighting from file structure
• 17d77cb update MIT License to year range
• 51e5a24 Merge pull request #834 from danielbayerlein/gulp-watch-v3
• f66bbb4 Merge pull request #836 from yousefcisco/patch-1
• 7f25230 Update dealing-with-streams.md
• c9563c7 gulp-watch v3.0.0 API
• 994f872 Merge pull request #820 from pertrai1/patch-1
• d530c08 article on optimizing web code
• e463249 sourcemaps with watchify
• 6a3b85f clean up watchify recipe
• 20774cc Merge pull request #596 from stevelacy/patch-1
• 03df8c9 Merge pull request #818 from CaryLandholt/master
• 742dce6 pluralized Book(s) section
• 305500f Add "Developing a gulp Edge" book reference
• ae98edf Merge pull request #809 from svetlyak40wt/patch-1

See the full diff

Package name: gulp-jshint

The new version differs by 20 commits.

• c277434 2.0.3
• 711f3f0 test fix
• 0045278 dep updates
• bee3a83 [readme] spruce things up a bit
• 2cb429b 2.0.2
• f1f3fc2 Merge pull request [Snyk] Fix for 1 vulnerabilities #150 from VictorVation/master
• 4f1f1cb update minimatch
• 6c9cadd Merge pull request [Snyk] Fix for 2 vulnerabilities #140 from rtack/patch-1
• 6532823 fix typo
• 4a7f304 2.0.1
• 5c1d63f move to explicitly imported lodash functions
• 81c7498 Merge pull request [Snyk] Security upgrade karma from 0.12.37 to 5.0.8 #139 from rkurbatov/upgrade-lodash
• 631e7ed Update .gitignore
• 368f267 Upgrade lodash version, fix 'repository' field to correct form
• 0d91672 Create CHANGELOG.md
• d7cc9ea version 2.0.0
• 02c4053 added note about jshint peerDependency
• 226ea3b Merge pull request resize event support #120 from spalger/jshintAsPeer
• a1c0be4 [npm] install jshint on travis, for old npm and future npm
• 3e7ad84 [npm] move jshint to peerDependencies

See the full diff

Package name: karma

The new version differs by 250 commits.

• db41e8e chore: release v2.0.0
• 0a1a8ef chore: update contributors
• 1afcb09 chore: add yarn.lock
• f64e1e0 Merge pull request #2899 from outsideris/fix-bad-url-in-stacktrace
• 78ad12f refactor(server): move compile step to first run
• 34dc7d3 fix(reporter): show file path correctly when urlRoot specified
• b53929a Merge pull request #2712 from macjohnny/patch-1
• c9e1ca9 feat: better string representation of errors
• 10fac07 Merge pull request #2885 from karma-runner/prep-2
• 00e3f88 chore: remove yarn.lock for now
• 60dfc5c feat: drop core-js and babel where possible
• 0e1907d test: improve linting and fix test on node 4
• af0efda test(e2e): update cucumber step definitions
• c3ccc5d chore(ci): focus on even node versions
• bf25094 chore(deps): update to latest
• d93cc5f docs(config): Document port collision scenario.
• 871d46f feat(launcher): trim whitespace in browser name
• 99fd3f0 fix(config): Call debug log methods after setting the loglevel based upon config/cli-options.
• 7bd54ed Merge pull request #2890 from reda-alaoui/patch-1
• 91e916a docs(config): Document port collision scenario.
• 334f9fb feat(launcher): trim whitespace in browser name
• e23c0d4 Merge pull request #2837 from JakeChampion/logs
• a340dae fix(config): Call debug log methods after setting the loglevel based upon config/cli-options.
• 6d353dc docs: improve comments in config.tpl.*

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic