[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change
	Information Disclosure SNYK-JS-KINDOF-537849	Yes

Commit messages

Package name: browser-sync

The new version differs by 250 commits.

• ec7b82d v2.26.0
• f83ba7e lerna whitespace to allow publish
• d7ca182 v2.25.3-alpha.0
• 257fba6 fix: Removing default logger prefix [BS] - fixes #1607
• cc8dfad v2.25.2-alpha.0
• d4c58b8 Merge branch 'master' into 1591-prevent-reload
• abc0124 Merge branch 'johanblumenberg-patch-1'
• dacfc8b fix: proxy: case insensitive matching of cookie domain - fixes #1606
• 11729cc fix: bump chokidar fixing fsevents build - closes #1613
• 9eafa03 v2.25.1-alpha.0
• 0d4ab81 chore: move cypress to top-level dep
• 06ee1b7 fix: Unexpected Page Reload after Pausing in Debugger - fixes #1591
• 5b5d543 v2.25.0
• 900e23e chore: package-lock files
• 92bf7d8 Merge branch '1431-fix-host-bind'
• 5ba14b2 v2.25.0-alpha.0
• 7c0ad4e lerna: initial version
• c108af8 lerna: more path updates
• 4ac3a49 lerna: updated more stuff since the move to lerna
• c2db878 Ensure 'build-all' works in all packages
• d6198f9 lerna: bring in server/client/ui
• 325c775 lerna: add browser-sync-ui
• 9cd5c2d adding lerna
• a0b2e56 adding 'listen' param

See the full diff

Package name: webpack

The new version differs by 250 commits.

• 4be093d 2.2.0
• 2278469 2.2.0-rc.8
• b946eb4 Merge pull request #3988 from malstoun/bug/2664
• 260e413 Merge pull request #3986 from webpack/bugfix/revert_use_of_buffer_dot_from
• 0ec7de9 Fix regression with watch cli opt, add tests for this case
• 72226db add missing disable line
• 4d30675 build fresh yarn.lock file to remove buffer polyfill
• 91c1f35 fix(node): rollback changes of Buffer.from to new Buffer() and bump down travis to 4.3 min node v
• 0b47602 2.2.0-rc.7
• db6ccbc Merge pull request #3978 from webpack/bugfix/conditional-reexports
• 82a5b03 Merge pull request #3977 from malstoun/bug/2664
• fc1a43b Merge pull request #3976 from timse/rely-on-defaults
• a44694a hoist exports declarations too
• 682bde8 Fix lint
• c6d7d90 Add tests
• af8d49e remove defaults values to shave a few bytes
• 9796696 2.2.0-rc.6
• e9bdb05 Merge pull request #3971 from webpack/bugfix/fix_available_vars_in_fmtp
• bd45bdc add test case for global in harmony modules
• bfccb20 fix PR
• 5a3a23f fix(nmf): Fix exports for var injection to include free glob exports or arguments
• 437dce4 2.2.0-rc.5
• 91cb1df Merge pull request #3970 from webpack/ci/appveyor
• 9fd55e5 Merge pull request #3969 from webpack/bugfix/issue-3964

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic