[Snyk] Upgrade gulp from 4.0.0 to 4.0.2 #850
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade gulp from 4.0.0 to 4.0.2. See this package in npm: https://www.npmjs.com/package/gulp See this project in Snyk: https://app.snyk.io/org/nexuscompute/project/61b026bd-7498-48dc-a9b7-72a021d779c3?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade gulp from 4.0.0 to 4.0.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-SETVALUE-450213
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-MIXINDEEP-450212
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-COPYPROPS-1082870
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-DECODEURICOMPONENT-3149970
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-ES5EXT-6095076
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-SETVALUE-1540541
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-SETVALUE-1540541
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-SETVALUE-450213
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-INI-1048974
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-PATHPARSE-1077067
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
npm:chownr:20180731
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-KINDOF-537849
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: gulp
-
4.0.2 - 2019-05-06
- Bind src/dest/symlink to the gulp instance to support esm exports (5667666) - Ref standard-things/esm#797
- Add notes about esm support (4091bd3) - Closes #2278
- Fix the Negative Globs section & examples (3c66d95) - Closes #2297
- Remove next tag from recipes (1693a11) - Closes #2277
- Add default task wrappers to Watching Files examples to make runnable (d916276) - Closes #2322
- Fix syntax error in lastRun API docs (ea52a92) - Closes #2315
- Fix typo in Explaining Globs (5d81f42) - Closes #2326
- Add node 12 to Travis & Azure (b4b5a68)
-
4.0.1 - 2019-04-21
- Temporary workaround for facebook/docusaurus#257 (9f4a2e9) - Closes facebook/Docusaurus#257
- Fix error in ES2015 usage example (a4e8d48) - Closes #2099 #2100
- Add temporary notice for 4.0.0 vs 3.9.1 documentation (126423a) - Closes #2121
- Improve recipe for empty glob array (45830cf) - Closes #2122
- Reword standard to default (b065a13)
- Fix recipe typo (86acdea) - Closes #2156
- Add front-matter to each file (d693e49) - Closes #2109
- Rename "Getting Started" to "Quick Start" & update it (6a0fa00)
- Add "Creating Tasks" documentation (21b6962)
- Add "JavaScript and Gulpfiles" documentation (31adf07)
- Add "Working with Files" documentation (50fafc6)
- Add "Async Completion" documentation (ad8b568)
- Add "Explaining Globs" documentation (f8cafa0)
- Add "Using Plugins" documentation (233c3f9)
- Add "Watching Files" documentation (f3f2d9f)
- Add Table of Contents to "Getting Started" directory (a43caf2)
- Improve & fix parts of Getting Started (84b0234)
- Create and link-to a "docs missing" page for LINK_NEEDED references (2bd75d0)
- Redirect users to new Getting Started guides (53e9727)
- Temporarily reference gulp@next in Quick Start (2cecf1e)
- Fixed a capitalization typo in a heading (3d051d8) - Closes #2242
- Use h2 headers within Quick Start documentation (921312c) - Closes #2241
- Fix for nested directories references (4c2b9a7)
- Add some more cleanup for Docusaurus (6a8fd8f)
- Temporarily point LINK_NEEDED references to documentation-missing.md (df7cdcb)
- API documentation improvements based on feedback (0a68710)
- Update API Table of Contents (d6dd438)
- Add API Concepts documentation (8dd3361)
- Add Vinyl.isCustomProp() documentation (40ee801)
- Add Vinyl.isVinyl() documentation (25a22bf)
- Add Vinyl documentation (fc09067)
- Update watch() documentation (69c22f0)
- Update tree() documentation (ebb9818)
- Update task() documentation (b636a9c)
- Update symlink() documentation (d580efa)
- Update src() documentation (d95b457)
- Update series() documentation (4169cb6)
- Update registry() documentation (d680487)
- Update parallel() documentation (dc3cba7)
- Update lastRun() documentation (363df21)
- Update dest() documentation (e447d81)
- Split API docs into separate markdown files (a3b8ce1)
- Fix hash link (af4bd51)
- Replace some links in Getting Started (c433c70)
- Remove temporary workaround for facebook/docusaurus#257 (5c07954) - Closes facebook/Docusaurus#257
- Added code ticks to "null" where missing (cb67319) - Closes #2243
- Fix broken link in lastRun (d35653e)
- Add front-matter to documentation-missing page (a553cfd)
- Improve grammar on Concepts (01cfcc5) - Closes #2247
- Remove spaces around
- Improve grammar in src (eb493a2) - Closes #2248
- Fix formatting error (ca6ba35) - Closes #2250
- Fix formatting of lastRun (8569f85) - Closes #2251
- Add missing link in watch (e35bdac) - Closes #2252
- Fix broken link in tasks (6d43750) - Closes #2253
- Improve punctuation in tree (8e9fd70) - Closes #2254
- Fix mistake in "Splitting a gulpfile" (96c353d) - Closes #2255
- Remove front-matter from outdated pages (c5af6f1)
- Fix broken link in Table of Contents (c641369) - Closes #2260
- Update the babel dependencies to install & configuration needed (7239cf1) - Closes #2136
- Add "What's new in 4.0" section (75ea634) - Closes #2089 #2267
- Cleanup README for "latest" bump (24e202b) - Closes #2268
- Revert "next" reference now that 4.0 is latest (ed27cbe)
- Add Azure Pipelines badge (f3f0548) - Closes #2310
- Add note about transpilation to "Splitting a Gulpfile" section (53b9037) - Closes #2311 #2312
- Improve wording of file rename (88437f2) - Closes #2314
- Update glob-watcher, gulp-cli, and undertaker dependencies & rimraf devDep (d3734d3)
- Add node 10 to CI matrices (a5eac1c)
- Remove jscs & update eslint for code formatting rules (ad8a2f7)
- Fix Azure comment (34a6d53) - Closes #2307
- Add Azure Pipelines CI (b2c6c7e) - Closes #2299
- Mark *.png and *.jpg as binary files to git (a010db6)
- Update some links and license year (1027236)
- Add tidelift configuration (49b5aca)
- Add new expense policy (9819957)
- Add support-bot template (9078c49)
-
4.0.0 - 2018-01-01
- Remove graceful-fs from test suite (f27be05)
- Remove references to gulp-util (fbc162f)
- Fix the installation instructions (173a532)
- Improve note about out-of-date docs (ec54d09)
- Update recipes to install gulp@next (03b7c98)
- Remove run-sequence from recipes (2eba29e)
- Add installation instructions & update badges (76eb4d6)
- Update glob-watcher (361ab63)
- Avoid broken node 9 (064d100)
- Normalize repository (3011cf9)
from gulp GitHub release notesFix
Docs
Build
Fix
Docs
(c960c1d)
Upgrade
Build
Scaffold
Update
Docs
Upgrade
Build
Scaffold
Commit messages
Package name: gulp
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs