Skip to content

Upgrade lodash and gulp #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jrohland wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Upgrade lodash and gulp #12

jrohland wants to merge 8 commits into from

Conversation

@jrohland
Copy link

@jrohland jrohland commented Dec 5, 2019

The current version of lodash has a few security vulnerabilities which directly impact projects implementing this library. Additionally when attempting to upgrade lodash and rebuild I found that the version of gulp being used had numerous security vulnerabilities as well.

  • Lodash has been upgraded to 4.17.15
  • Gulp has been upgraded to 4.0.2 and the build file updated accordingly
  • The two deprecated babel-preset deps were removed for the babel-preset-env replacement package
  • Travis config updated to test with modern LTS node builds 8, 10 and 12
  • package.json prepublish script replaced with prepare

@jrohland jrohland mentioned this pull request Dec 5, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jrohland