V8: Update NPM packages used to remove reported vulnerabilities

[PeteDuncanson]

Just tried to get V8 up and running and a "npm install" reported 60+ vulnerabilities that could be fixed.

[PeteDuncanson]

[PeteDuncanson]

I've got most of these fixed. The remaining ones are in gulp-ngdocs which is no longer maintained (see nikhilmodak/gulp-ngdocs#120) and only used for dev I think (something to look into) but they shouldn't be bundled in the back office at all.

Now down to 17 issues.

[PeteDuncanson]

If we wanted to fix it any more I'd suggest a PR to gulp-ngdocs but can't say I'm sure there would be anyone around to merge it in and do another release...could probably live with it.

[nul800sebastiaan]

Thanks so far @PeteDuncanson - are you making any progress on the gulp update yet?

As for docs, they don't work at the moment anyway and we'll need to find an alternative, so don't worry about that one.

[PeteDuncanson]

Had a play with it and will be working on it more so you know.

[readingdancer]

I've just submitted a pull request that updates Gulp to V4 and removes most of the vulnerabilities, let me know what you think?

As the Docs are not working, for now I think we might as well remove that section, what do you think @nul800sebastiaan & @PeteDuncanson ?

[PeteDuncanson]

Great work @readingdancer! It was discussed at one of the open spaces that docs are meant to now be "fixed". Not tried them myself since, are they broken again/still?

Either way the plan is to keep docs going and fix/improve them so I'd recommend leaving those in.

[umbrabot]

Hiya @PeteDuncanson,

Just wanted to let you know that we noticed that this issue got a bit stale and might not be relevant any more.

We will close this issue for now but we're happy to open it up again if you think it's still relevant (for example: it's a feature request that's not yet implemented, or it's a bug that's not yet been fixed).

To open it this issue up again, you can write @umbrabot still relevant in a new comment as the first line. It would be super helpful for us if on the next line you could let us know why you think it's still relevant.

For example:

@umbrabot still relevant
This bug can still be reproduced in version x.y.z

This will reopen the issue in the next few hours.

Thanks, from your friendly Umbraco GitHub bot 🤖 🙂

[readingdancer]

@PeteDuncanson - I just saw this, good to know that it was integrated with some more changes from HQ :)

#6809

I don't think I saw that back in 2019 :)