[Snyk] Fix for 1 vulnerabilities

[rsmarques]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp-if

The new version differs by 8 commits.

• 16b1aae update dependencies, bump version: major version because of minimatch@3 and duplexer moving to streams3
• c7f895e Tests that validate gulp-if works for 10, 100, 200, and 400 files. Does this solve #43?
• 3279207 update dependencies, bump version: major version because of minimatch@3 and duplexer moving to streams3
• 54550ad Support passing minimatch options through gulp-match
• 258e68d Merge pull request #54 from dkoleary88/patch-1
• 9b11a70 Fixed spelling error in README.md
• 543354f Merge pull request #50 from pgilad/patch-1
• 10493e9 update license attribute

See the full diff

Package name: gulp-jshint

The new version differs by 16 commits.

• 2cb429b 2.0.2
• f1f3fc2 Merge pull request #150 from VictorVation/master
• 4f1f1cb update minimatch
• 6c9cadd Merge pull request #140 from rtack/patch-1
• 6532823 fix typo
• 4a7f304 2.0.1
• 5c1d63f move to explicitly imported lodash functions
• 81c7498 Merge pull request #139 from rkurbatov/upgrade-lodash
• 631e7ed Update .gitignore
• 368f267 Upgrade lodash version, fix 'repository' field to correct form
• 0d91672 Create CHANGELOG.md
• d7cc9ea version 2.0.0
• 02c4053 added note about jshint peerDependency
• 226ea3b Merge pull request #120 from spalger/jshintAsPeer
• a1c0be4 [npm] install jshint on travis, for old npm and future npm
• 3e7ad84 [npm] move jshint to peerDependencies

See the full diff

Package name: laravel-elixir

The new version differs by 68 commits.

• 2def8c9 v5.0.0
• b0bfaf6 Merge pull request #434 from SethTompkins/master
• 4442316 add cache and package cache browserify options keys by default
• cc5cab9 Remove some duplication
• f0491ba Remove gulp-phpspec plugin
• 5fa4b86 Remove gulp-phpunit - closes #418
• e2b2a0f Bump gulp-uglify
• 1a26399 Ignore bang when asserting files exist - closes #429
• 7881b51 Wrote a test for the scripts to test if my changes broke anything.
• 589f56c Moved Uglify Config to the Config.js
• a95c787 Add 4.2.1 notes
• 419232a v4.2.1
• 67a046c Merge branch 'parsnick-cssnano-safe'
• f60df88 Merge branch 'cssnano-safe' of https://github.com/parsnick/elixir into parsnick-cssnano-safe
• 857c338 Merge pull request #425 from hosmelq/master
• 6266453 Do not apply unsafe optimisations in cssnano
• ca8cff5 Only apply 'safe' optimisations in cssnano
• 5477baf Merge pull request #417 from gaomd/patch-1
• 9368b75 Fix section heading level in readme.md
• 05ec9d3 Reference config properly - closes #404
• 7e8b4c8 Fix comment
• 5962e2a Merge pull request #373 from peterfox/feature/dynamic-view-path
• 20c8527 Merge branch 'master' of github.com:laravel/elixir
• 122c92a Merge pull request #375 from odbayar/patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)