[Snyk] Fix for 1 vulnerabilities

[saurabharch]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: alasql

The new version differs by 250 commits.

• 0d8ac98 Update dependencies
• b09cf58 Fix #1096 (Pivot function cast as float not working need during SUM, AVG)
• 674d8b2 Fix typo in README (#1131)
• dd08758 Fix for issue with a chain of OUTER JOINs (#1105)
• ac380c9 Update CONTRIBUTING.md
• 136666b Fixes for "SELECT * ... OUTER JOIN ..." (#1101)
• 977878c Fix example url
• 7d86aad fixed duplicate key + engines syntax error in package.json (#1093)
• aae9320 Fix JOIN CSV(filename) (#1092)
• af51018 docs: spelling (#1085)
• 50e042d Fix #1086
• 21c619f Update package.json
• f0b99f0 Fix #1081
• 131d89e Disable tests for TAB files
• bfb418e README cleanup (#1065)
• 3162ce4 Update ISSUE_TEMPLATE.md
• a1067e6 Update ISSUE_TEMPLATE.md
• 3806fff Merge branch 'release/0.4.11' into develop
• 657d963 Updated version in files to 0.4.11
• ef02954 XLSX Specified sheet without knowing the name. Fix #1008
• 1a95b21 Update CHANGELOG.md
• 85f0c47 Merge branch 'release/0.4.10' into develop
• b9bc662 Updated version in files to 0.4.10
• 12a17d1 Add license scan report and status (#1048)

See the full diff

Package name: chalk

The new version differs by 53 commits.

• 3fca615 2.0.0
• f66271e Add tagged template literal (#163)
• 23ef1c7 fix linter errors
• c015568 add rainbow example
• 09fb2d8 Re-implement `chalk.enabled` (#160)
• 608242a spoof supports-color
• 18f2e7c add host information output
• 523b998 Revert "TEMPORARY: emergency travis CI fix (see comments)"
• 54975fb TEMPORARY: emergency travis CI fix (see comments)
• 1d73b21 Improve readme
• 6f4d6b3 Bump dependencies
• 8702496 Remove `chalk.styles`
• 0412cdf Minor code improvements
• 249b9ac ES2015ify the codebase
• cb3f230 Add RGB (256/Truecolor) support (#140)
• dbae68d Update dependent package count in the readme (#154)
• 9b60021 Drop support for Node.js 0.10 and 0.12
• 0d21449 check parent builder object for enabled status (#142)
• 5a69476 add XO badge
• 492f11f add example file
• 4ce73b6 make XO happy
• 7c02cf4 Add log statement to chalk examples (#129)
• 835ca3d You've just reached 10,000 dependent modules. (Dbname johnshumiston/byodb#122)
• 74c087d minor doc improvements (hide assoc table johnshumiston/byodb#120)

See the full diff

Package name: gulp

The new version differs by 134 commits.

• 55eb23a Release: 4.0.0
• 173a532 Docs: Fix the installation instructions
• ec54d09 Docs: Improve note about out-of-date docs
• 03b7c98 Docs: Update recipes to install gulp@next
• 2eba29e Docs: Remove run-sequence from recipes
• 76eb4d6 Docs: Add installation instructions & update badges
• fbc162f Docs: Remove references to gulp-util
• 3011cf9 Scaffold: Normalize repository
• f27be05 Update: Remove graceful-fs from test suite
• 361ab63 Upgrade: Update glob-watcher
• 064d100 Build: Avoid broken node 9
• 057df59 Release: 4.0.0-alpha.3
• c1ba80c Breaking: Upgrade major versions of glob-watcher, gulp-cli & vinyl-fs
• 89acc5c Docs: Improve ES2015 task exporting examples (#1999)
• 0ac9e04 Docs: Add "Project structure" section to CONTRIBUTING.md (#1859)
• 723cbc4 Docs: Fix syntax in recipe example (#1715)
• d420a6a Docs: Have gulp.lastRun take a function to avoid task registration (#1828)
• 29ece6f Upgrade: Update undertaker
• e931cb0 Docs: Fix changelog typos (#1696)
• 477db84 Docs: Add a "BrowserSync with Gulp 4" recipe (#1659)
• d4ed3c7 Docs: Add options.cwd for gulp.src API (#1645)
• 5dc3b07 Docs: Update gulp.watch API to align with glob-watcher
• 0c66069 Breaking: Replace chokidar as gulp.watch with glob-watcher wrapper
• c3dbc10 Docs: Clarify incremental builds example (#1609)

See the full diff

Package name: gulp-eslint

The new version differs by 86 commits.

• a398838 4.0.0
• 18a4299 emit an error when it fails to load an ESLint plugin
• b8bf261 update ESLint from v3 to v4 (#198)
• c0e82ce use `Buffer.from` instead of `new Buffer`
• e6c67a2 drop support for linting `Stream` contents
• 132d5cc Fix formatting issues in README.md (#194)
• 7f65378 remove link to config file `globals` doc
• 8ddfb84 correct the type of `globals` option in README
• 6059c22 3.0.1
• b0c2816 ensure sharable config works
• 08b9212 test the case where babel-eslint is actually useful
• eb98701 mock stream-mode vinyl files with from2-string
• bcd7736 fix invalid `envs` option
• 286b0c4 remove unused fixtures
• e2723e1 Remove unnecessary `object-assign` dependency
• 82c1949 3.0.0
• 97d8638 Remove invalid options in example code
• 505779d Remove option aliases
• 7228608 Bump ESLint to v3.x and ES2015ify
• 946e0e9 2.1.0
• a01671e Add v2.1.0 release note
• 87213fd Fix inline config example in README (#159)
• 4de3d64 Test on the latest/LTS Node
• cb7fd6a Install istanbul-coveralls only on Travis CI

See the full diff

Package name: gulp-sass

The new version differs by 42 commits.

• 5775044 Update CHANGELOG.md
• 978b8f6 Update to major version 5 (#802)
• 10eae93 Update changelog for 4.1.1
• 947b26c Upgrade lodash to fix a security issue (#776)
• 8d6ac29 Update changelog
• 43c0547 4.1.0
• ebe3ec6 Set appropriate file stat times (#763)
• 7ab018e Migrate to the lodash package
• fa670c6 4.0.2
• fefa00e Revert package.json version bump
• 98254d2 Fix README typos
• 8a14419 Continue loading Node Sass by default
• 938afbe Add a note about synchronous versus asynchronous speed
• 7cc2db1 Make this package implementation-agnostic
• 643f73b Add documentation for synchronous code options
• 0b3c7e7 4.0.1
• daca90d Merge pull request #681 from DKvistgaard/master
• 71471c2 Declaring logError as function instead of arrow function.
• 450a7b8 4.0.0
• e9b1fe8 Fix node versions in appveyor.yml
• 44be409 Merge pull request #667 from dlmanning/next
• 7656eff Adopt airbnb eslint preset
• 1293169 Bump autoprefixer@^8.1.0, gulp-postcss@^7.0.1
• 9fa817b Bump gulp-sourcemaps@^2.6.4

See the full diff

Package name: knex

The new version differs by 250 commits.

• eb136f1 Merge branch 'master' of https://github.com/tgriesser/knex
• 2072163 Update version in changelog (#3138)
• f28ae7a Merge branch 'master' of https://github.com/tgriesser/knex
• f757e36 Bump version to 0.16.4 (#3137)
• 18532b2 Bump version to 0.16.4
• 286d84b Prepare for 0.16.4-next3 release (#3136)
• 1948c3d Add boolean as a column name in join (#3121)
• fe6083e Support nullable timestamps on MySQL (#3100)
• b15ee3d make unionAll()'s call signature match union() (#3055)
• e7ed005 Fix queryContext not being passed to raw queries (#3111)
• 11fdc0c Add missing clearOrder & clearCounters types (#3109)
• 7ecbcd5 Update changelog and version number (#3108)
• 5fea86e Update dependencies (#3107)
• 19926d8 [#3033] fix: sqlite3 drop/renameColumn() breaks with postProcessResponse (#3040)
• 24fcf27 Fix transaction support for migrations (#3084)
• de1c934 Include 'string' as accepted Knex constructor type definition (#3105)
• 0aacab5 Fix for #2998 - Migrator & TypeScript (#3041)
• fcd21d9 Add command for executing tests on SQLite (#3101)
• 1da56a3 Update mssql dev dep to v5 stable (#3096)
• b9a648c Format code (#3088)
• 0db7859 add test that clearing offset (#2954)
• f3f0750 Make TS stubs modern (#3080)
• 68723e0 Update changelog (#3086)
• 1b39d67 Tests for drop-and-recreate with async/await (#3083)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.