[Snyk] Fix for 37 vulnerabilities

[nithincvpoyyil]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	679/1000 Why? Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	Yes	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Man-in-the-Middle (MitM) SNYK-JS-HTTPSPROXYAGENT-469131	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASHTEMPLATE-1088054	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	Yes	Proof of Concept
	520/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	Yes	Proof of Concept
	704/1000 Why? Has a fix available, CVSS 9.8	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	Yes	No Known Exploit
	624/1000 Why? Has a fix available, CVSS 8.2	Arbitrary File Overwrite SNYK-JS-TAR-1536528	No	No Known Exploit
	624/1000 Why? Has a fix available, CVSS 8.2	Arbitrary File Overwrite SNYK-JS-TAR-1536531	No	No Known Exploit
	410/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	No	No Known Exploit
	639/1000 Why? Has a fix available, CVSS 8.5	Arbitrary File Write SNYK-JS-TAR-1579147	No	No Known Exploit
	639/1000 Why? Has a fix available, CVSS 8.5	Arbitrary File Write SNYK-JS-TAR-1579152	No	No Known Exploit
	639/1000 Why? Has a fix available, CVSS 8.5	Arbitrary File Write SNYK-JS-TAR-1579155	No	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	596/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.5	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-USERAGENT-174737	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Prototype Pollution SNYK-JS-XML2JS-5414874	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept
	796/1000 Why? Mature exploit, Has a fix available, CVSS 8.2	Uninitialized Memory Exposure npm:https-proxy-agent:20180402	Yes	Mature
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:parsejson:20170908	Yes	No Known Exploit
	584/1000 Why? Has a fix available, CVSS 7.4	Prototype Override npm:querystringify:20180419	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: anymatch

The new version differs by 10 commits.

• c906c02 2.0.0
• 2f49ea0 Remove OSX on CI
• 77cda55 Downgrade to coveralls@^2.7 for ES5 compatibility
• e0a9dc6 Downgrade to mocha@^3 for ES5 compatibility
• f62a1d7 Update travis config
• 2455ec2 Move to micromatch org
• 96f3ec6 Merge pull request [Snyk] Fix for 2 vulnerable dependencies #23 from micromatch/bump-major
• a110c8f Merge pull request [Snyk] Fix for 1 vulnerable dependencies #24 from phated/patch-1
• 7fe3d94 Note about minimatch changes
• 59a9101 Update dependencies to latest versions

See the full diff

Package name: chokidar

The new version differs by 216 commits.

• 7b8e02a Release 3.0.0.
• e7bfe2f Move stuff.
• df7f22e Remove changelog from npm, move to hidden dir.
• 3df7692 Improve naming.
• 6e94ca2 Clean-up.
• 2de2f9c test: Add testing of Node.js v12 in Travis pipeline. (#833)
• 9e0965a Fix Windows tests in Travis CI (#832)
• c95a98f Update stuff.
• 187ff2b test: Trying to fix blinked tests for Travis CI. (#825)
• db99076 fix(Windows): Add converting from windows to unix path for all ignored paths. (#824)
• 41f8782 fix(FsEvents): Remove situation with NaN depth. (#823)
• 7cf3f7e Update readdirp to stable.
• 0927a62 Bump packages.
• 11cd857 Update nyc.
• 99c14d7 Uncomment fsevents.
• cf330a5 Update fsevents.
• 0e4fca5 Fix deps.
• 9c575d4 Fix Windows version (#821)
• 3323d59 fix(Linux): Make event loop hack for keep testing valid. (#820)
• 06214c5 Update to latest readdirp.
• 793639f Rename osxfswatch.
• 078bc2d Refactor and fix freaking tests.
• 2b9bb41 Try node 11.
• 3fe3d4e Test travis.

See the full diff

Package name: css-loader

The new version differs by 80 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file (#860)
• e7525c9 test: nested url (#859)
• 7259faa test: css hacks (#858)
• 5e6034c feat: allow to filter import at-rules (#857)
• 5e702e7 feat: allow filtering urls (#856)
• 9642aa5 test: css stuff (#855)
• 3338656 fix: reduce number of require for url (#854)
• 533abbe test: issue 636 (#853)
• 08c551c refactor: better warning on invalid url resolution (#852)
• b0aa159 test: issue #589 (#851)
• f599c70 fix: broken unucode characters (#850)
• 1e551f3 test: issue 286 (#849)
• 419d27b docs: improve readme (#848)
• d94a698 refactor: webpack-default (#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes (#845)
• 8a6ea10 refactor: postcss plugins (#844)
• fdcf687 fix: url resolving logic (#843)
• 889dc7f feat: allow to disable css modules and disable their by default (#842)
• ee2d253 test: importLoaders option (#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) (#840)
• fe94ebc test: icss reserved keywords (#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin (#838)

See the full diff

Package name: dateformat

The new version differs by 9 commits.

• 8802071 2.0.0
• ba00ce7 update `contributors`
• 9222537 remove cli.js
• 85d577e removes CLI
• 6fb6e92 Merge pull request [Snyk] Security upgrade copy-webpack-plugin from 4.6.0 to 6.0.0 #49 from thejameskyle/patch-1
• fbc280f Create .npmignore
• 261aec5 Merge pull request [Snyk] Fix for 2 vulnerabilities #47 from samt/master
• dd04e87 Fix code-block intent
• 5cd7114 Add mask options and named formats to Readme.md

See the full diff

Package name: engine.io-client

The new version differs by 33 commits.

• 1cbab34 [chore] Release 3.1.2
• 0b26bc3 [fix] Remove parsejson dependency (#580)
• b949abc [chore] Release 3.1.1
• 11f3fdd [test] Launch browser tests on localhost by default (#571)
• 753c180 [chore] Unpin debug version (#568)
• fce140a [chore] Release 3.1.0
• 32fe4e5 [chore] Bump engine.io-parser to version 2.1.1 (#566)
• be73a9c [chore] Pin debug to version 2.6.4 (#567)
• 7aad0d6 [chore] Bump engine.io-parser to version 2.1.0 (#565)
• cfb2775 [chore] Bump ws to version 2.3.1 (#564)
• f7be578 [chore] Bump debug to version 2.6.4 (#563)
• 3e03346 [refactor] Set responseType based on 'Content-Type' header (#562)
• 51d7529 [chore] Release 3.0.0
• 7a72404 [chore] Bump dependencies (#560)
• beb7090 [fix] Default `rejectUnauthorized` to `true` (#558)
• 82f3f61 [chore] Drop support for old nodejs versions (0.10 & 0.12) (#557)
• 4c021d3 [chore] Release 2.1.1 (#556)
• 56bf176 [chore] Bump engine.io-parser to version 2.0.2 (#555)
• 0d2cc68 [chore] Release 2.1.0 (#550)
• 3ba6fa1 [chore] Bump engine.io-parser to version 2.0.1 (#549)
• 8f04149 [chore] Bump concat-stream to version 1.5.2 (#548)
• 1519765 [feat] Allow to set the protocols for the websocket transport (#546)
• be4c906 [chore] Release 2.0.2 (#541)
• 144a7fd [chore] Bump ws to version 1.1.2 (vulnerability fix) (#539)

See the full diff

Package name: extglob

The new version differs by 27 commits.

• 0daa3ed 3.0.0
• dedd109 Merge pull request [Snyk Update] New fixes for 1 vulnerable dependency path #12 from micromatch/snap-11
• e90b000 Use let/const
• ff338f9 Fix linting
• 8fdd4e2 Drop support for node <4
• 841c540 Update dependencies
• ed10fb2 Update snapdragon to 0.11
• b00d865 closes https://github.com/test is failing in travis micromatch/extglob#11
• 4313f30 skip failing bash test
• 58edb4d 2.0.3
• 394fe64 fix docs, run verb to generate readme
• fec7bfb run update
• 8a341cb 2.0.2
• a2acdb1 run verb to generate readme documentation
• 28cfabd update benchmarks
• 7d677f2 use minimist to fix build error
• b1d6afc 2.0.0
• 4e23db3 update appveyor
• 61c34fe update changelog
• d533225 run verb to generate readme documentation
• bfd16c8 upgrade deps
• 1e41476 adds a few random tests, comments
• fdf54cc run update
• 489cfb0 move `.cache` to last

See the full diff

Package name: html-webpack-plugin

The new version differs by 196 commits.

• eb73905 chore(release): 4.0.0
• 42a6d4a Add typing for getHooks
• a1a37cf Release html-webpack-plugin 4.0.0-beta.14
• 97f9fb9 fix: load script files before style files files in defer script loading mode
• e97ce17 Release html-webpack-plugin 4.0.0-beta.13
• e448b5d Release html-webpack-plugin 4.0.0-beta.12
• de315eb feat: Add defer script loading
• 7df269f feat: Provide a verbose error message if html minification failed
• 1d66e53 feat: merge templateParameters with default template parameters
• dfb98e7 Fix typo in template option docts
• 096a760 Fix broken links in examples
• a195c34 docs: Update template-option documentation
• 40b410e docs: Update example for template parameters
• bf017f3 chore: Release 4.0.0-beta.11
• 2549557 test: Don't use minification for speed measurement
• de22fc2 test: Adjust measurment for node 6 on travis
• 24bf1b5 fix: Update references to html-minifier
• f4eafdc chore: Release 4.0.0-beta.10
• a2ad30a refactor: Use getAssetPath instead of calling the hook directly
• 2595a79 chore: Release 4.0.0-beta.9
• c66766c feat: Add support for minifying inline ES6 inside html templates
• 655cbcd Fix README typo
• 6de319b update lodash dependency for prototype polution vulnerability
• 35a1541 Properly encode file names emitted as part of URLs.

See the full diff

Package name: https-proxy-agent

The new version differs by 52 commits.

• 0d8e8bf 2.2.3
• 850b835 Revert "Use Mocha 5 for Node 4 support"
• f5f56fa Remove Node 4 from Travis
• bb837b9 Revert "Remove Node 4 from Travis"
• 1e34e0d Use Mocha 5 for Node 4 support
• 36d8cf5 Use an `EventEmitter` to replay failed proxy connect HTTP requests ([Snyk] Security upgrade sass-graph from 2.2.6 to 3.0.5 #77)
• 5252bb9 Revert "Meh…" ([Snyk] Fix for 1 vulnerabilities #79)
• 6c804a2 Remove Node 4 from Travis
• 2170151 [TypeScript] Allow `port` to be a string ([Snyk] Fix for 2 vulnerabilities #72)
• 590bc8b Remove Node 5 and 7 from Travis
• c7d8161 Fix compatibility with Node.js >= 10.0.0 ([Snyk] Fix for 1 vulnerabilities #73)
• 2590f76 Meh…
• 3535951 Test on Node.js 10 and 12
• 2629ba6 Fix compatibility with Node.js >= 10.0.0
• 46aad09 Remove unreachable code
• d0e3c18 Update `proxy` to v1.0.0
• c17ccdc Update README with actual secureProxy behavior ([Snyk] Fix for 2 vulnerabilities #65)
• e145714 2.2.2
• 4a7ea92 Update `agent-base` to v4.3 ([Snyk] Fix for 2 vulnerabilities #69)
• 13917f6 feat(typescript): Allow input to be options or string ([Snyk] Security upgrade adm-zip from 0.4.16 to 0.5.2 #68)
• c5c4ffc Add TypeScript type definitions ([Snyk] Security upgrade karma from 1.7.1 to 5.0.8 #66)
• 11bc347 Update `agent-base` to v4.2 ([Snyk] Security upgrade webpack-dev-server from 2.11.5 to 3.11.0 #50)
• 056c843 Ignore test directory, History.md and .travis.yml when creating npm package. Fixes Bump kind-of from 3.2.2 to 6.0.3 #42 (Bump qs from 5.2.1 to 6.9.3 #45)
• c881009 Remove `package-lock.json`

See the full diff

Package name: internal-ip

The new version differs by 4 commits.

• df16f28 2.0.0
• 0e62348 Remove default export and extract CLI into a separate
• 4a10abe Rewrite to async with better detection and ES2015 ([Snyk Update] New fixes for 1 vulnerable dependency path #9)
• 36cfa81 Tweaks ([Snyk Update] New fixes for 1 vulnerable dependency path #8)

See the full diff

Package name: karma

The new version differs by 250 commits.

• 1b48637 chore(release): 5.0.0 [skip ci]
• a5dbe89 Update issue templates (#3460)
• 1074f38 chore(ci): rely on karma-runnre/integration-tests for saucelabs config (#3462)
• 4d45cf0 chore(ci): remove more old connection security stuffs (#3459)
• be76fcc chore(ci): use travis UI for sauce config (#3458)
• a04a542 chore(ci): remove secure encryption var (#3457)
• 1eaf35e fix: install semantic-release as a regular dev dependency (#3455)
• 0647109 docs: Fix simple typo, overriden -> overridden (#3453)
• ec1e69a fix(server): replace optimist on yargs lib (#3451)
• ffad7fa refactor(launcher): use class syntax (#3437)
• 7166ce2 fix(server): detection new MS Edge Chromium (#3440)
• b8b2ed8 fix(ci): echo travis env that gates release after_success (#3446)
• 33a069f refactor: use native Promise instead of Bluebird (#3436)
• 131d154 refactor: drop safe-buffer dependency in favor of native Buffer (#3438)
• cb1bcbf fix(server): cleanup import of the removed method (#3439)
• 5c334f5 fix(server): createPreprocessor was removed (#3435)
• d7128d4 refactor(server): remove PromiseContainer class (#3416)
• 057d527 feat(docs): document `DEFAULT_LISTEN_ADDR` constant (#3443)
• a673aa8 ci: drop node 8, adopt node 12 (#3430)
• 9eb6436 chore(server): Convert PromiseContainer to object and remove (#3401)
• 0856234 chore(travis): release on node 10 success (#3428)
• 708ae13 feat(preprocessor): obey Pattern.isBinary when set (#3422)
• 00d536f chore(test): logLevel debug in proxy test (#3427)
• da9d8bd chore(docs): delete PULL_REQUEST_TEMPLATE.md

See the full diff

Package name: karma-coverage

The new version differs by 36 commits.

• 32acafa chore(release): 2.0.2 [skip ci]
• bb8f9ee chore: add semantic-release for project - fix #408 (#413)
• 9c37de6 chore: add check commit message (#411)
• 27822c9 ci(test): use eslint as ci command and add all js files to check by eslint (#410)
• 1adb27a ci: drop node 8, adopt node 12 (#409)
• 4962a70 fix(reporter): update calls to match new API in istanbul-lib-report fix #398 (#403)
• fc6e289 refactor: remove isAbsolute and replace with path.isAbsolute (#405)
• 83bafc3 refactor: replace migrate coffee unit tests to modern JS (#407)
• 49f174d refactor: onRunComplete method to upgrade on new major version of Istanbul (#406)
• 4cfa697 chore: Update dev Dependencies eslint and load-grunt-tasks (#387)
• 5cf931a fix: remove information about old istanbul lib (#404)
• 352254a chore(deps): bump handlebars from 4.1.2 to 4.5.3 (#399)
• 0ee780c chore(deps): bump lodash.template from 4.4.0 to 4.5.0 (#392)
• d18cde4 chore(deps-dev): bump eslint from 2.13.1 to 4.18.2 (#397)
• 55aeead Update Source Map Handling (#394)
• b23664e Added debug msg whether coverage is in reporters (#396)
• d3f53e3 chore(all): Migrate to ES6 (#385)
• 9c8a222 Make travis file simpler (#386)
• b76db9e Remove unused dateformat dependency (#384)
• 075ece0 Remove unused istanbul dependency (#382)
• 9184fc0 chore: release v2.0.1
• 57d4bd3 chore(deps): npm audit fix --force; update travis.yml (#380)
• 0e2800b chore: release v2.0.0
• 99c0c35 chore: update contributors

See the full diff

Package name: marked-terminal

The new version differs by 38 commits.

• 0bdab74 v3.1.0
• 2508b92 v3.0.1
• 4b6edd4 Supports both 0.4.0 and 0.5.0
• f32584f Updates all dependencies
• c2ccd5a Merge pull request Bump kind-of from 3.2.2 to 6.0.3 #42 from millette/patch-1
• 14fe01b Upgrade to marked 0.5.0
• fd96408 v3.0.0
• a70c307 Bumps dev dependencies to marked 0.4
• 36a8035 Merge pull request [Snyk] Fix for 1 vulnerabilities #41 from gr2m/patch-1
• fca5514 Changes travis checks for modern versions of node
• e9d5ff4 build(package): marked@^0.4.0
• aa5e552 Revert "Revert "No longer bullet every line of multi-line list items""
• d57047e Merge pull request [Snyk] Security upgrade acorn from 5.7.3 to 7.1.1 #38 from mikaelbr/revert-37-multi-line-list-items
• 5ab64f8 Revert "No longer bullet every line of multi-line list items"
• 4e756c9 Revert "v2.0.1"
• dd005fa Merge pull request [Snyk] Fix for 1 vulnerabilities #37 from devinivy/multi-line-list-items
• a981246 v2.0.1
• 6c6297b Updates package-lock
• e9ecc8d Do not bullet every line of multi-line list items
• 105245b Merge pull request [Snyk] Fix for 1 vulnerabilities #36 from dzabrzenski/master
• 9d48a88 update `marked` to the latest version
• f8b778a Merge pull request [Snyk] Fix for 1 vulnerabilities #35 from mikaelbr/add-license-1
• 727a660 Create LICENSE
• 9c2654f Merge pull request [Snyk] Fix for 2 vulnerabilities #34 from mikaelbr/add-code-of-conduct-1

See the full diff

Package name: meow

The new version differs by 54 commits.

• 5975fe6 6.0.0
• 3e05a2e Add type information for flags ([Snyk] Security upgrade replace from 0.3.0 to 1.2.2 #122)
• 499d186 Update dependencies
• 5ef9478 Add support for `number` flag type ([Snyk] Security upgrade selfsigned from 1.10.14 to 2.0.0 #103)
• 8e5248e Fix typo ([Snyk] Security upgrade node-sass from 4.14.1 to 7.0.2 #121)
• cd29865 Only consider enabling autoHelp/autoVersion in case there is only one argument in `process.argv` ([Snyk] Fix for 1 vulnerabilities #114)
• 54e1f22 Tidelift tasks
• 47fe20f Create funding.yml
• 927e6e8 Add Node.js 12 to testing ([Snyk] Fix for 1 vulnerabilities #118)
• 167d1ec Update dependencies, refactor TypeScript definition to CommonJS compatible export ([Snyk] Security upgrade webpack-dev-server from 2.11.5 to 3.1.10 #117)
• fd537b8 Update dependencies
• f1036df Add TypeScript definition ([Snyk] Fix for 1 vulnerabilities #116)
• f36715c Remove flag's aliases from the `flags` property ([Snyk] Security upgrade unset-value from 0.1.2 to 2.0.1 #108)
• 646f30b Fix Travis
• 439ac9b Fix docs regarding meow arguments
• cd635d4 Require Node.js 8
• 2bcfee7 Add `hardRejection` option
• f60c26e Switch from `loud-rejection` to `hard-rejection`
• 89f8983 Minor code tweaks
• d2e0e1e Add test that proves that grouped short-flags work fine
• 59773ee Fix readme example ([Snyk] Security upgrade node-sass from 4.14.1 to 7.0.0 #99)
• 258659a Document the `--no-` prefix ([Snyk] Fix for 1 vulnerabilities #87)
• e047605 5.0.0
• 4ab22b1 Require Node.js 6

See the full diff

Package name: micromatch

The new version differs by 29 commits.

• 89efcff 4.0.0
• f3238cb Merge pull request [Snyk] Fix for 1 vulnerabilities #151 from micromatch/dev
• 7c78f9a ensure args are strings
• 2e42796 bump picomatch