security: CVE-2018-20834 (via #5368)

* bump minimum `bundlesize` version * bump `node-sass` * bump webpack + webpack-dev-server; update lockfile
2019-05-21 17:17:14 -07:00
parent 5d25a0b690
commit 5628ff02f4
2 changed files with 2370 additions and 1209 deletions
--- a/package.json
+++ b/package.json
@@ -96,7 +96,7 @@
    "babel-preset-stage-0": "^6.22.0",
    "babel-runtime": "^6.23.0",
    "body-parser": "^1.18.3",
-    "bundlesize": "^0.17.0",
+    "bundlesize": "^0.17.2",
    "chromedriver": "^2.38.3",
    "copy-webpack-plugin": "^4.0.1",
    "cors": "^2.8.4",
@@ -124,7 +124,7 @@
    "license-checker": "^19.0.0",
    "mocha": "^5.1.1",
    "nightwatch": "^0.9.16",
-    "node-sass": "^4.5.0",
+    "node-sass": "^4.12.0",
    "npm-run-all": "^4.1.2",
    "null-loader": "0.1.1",
    "nyc": "^11.3.0",
@@ -143,10 +143,10 @@
    "tachyons-sass": "^4.9.2",
    "uglifyjs-webpack-plugin": "^1.2.5",
    "url-loader": "^1.0.1",
-    "webpack": "^3.1.0",
+    "webpack": "^3.12.0",
    "webpack-bundle-size-analyzer": "^2.5.0",
    "webpack-cli": "^2.0.4",
-    "webpack-dev-server": "^2.11.1",
+    "webpack-dev-server": "^2.11.5",
    "worker-loader": "^1.1.1"
  },
  "config": {