[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change
	Information Disclosure SNYK-JS-KINDOF-537849	Yes

Commit messages

Package name: onchange

The new version differs by 61 commits.

• 1b01b79 4.0.0
• b75bbf5 Remove greenkeeper badge
• 8586a0c Add `package-lock.json`
• 4548603 fix(package): update chokidar to version 2.0.0 (#58)
• 23575cb fix(package): update cross-spawn to version 6.0.0 (#59)
• 73c96a8 Mention `cli-error-notifier` in README (#60)
• 92d2d33 3.3.0
• d4d090f Enable support for '--filter' (#55)
• fc1c092 Update dependencies to enable Greenkeeper 🌴 (Check if $loop_orderby is set potch/hax#53)
• 6645eff fix: add .travis.yml
• b42975d v3.2.1
• 8bf7705 Fix shadowed mis-use of `opts`
• fac54c3 v3.2.0
• 069a7ce Enable support for `--outpipe` (Improve social metadata, use featured images, support Yoast SEO potch/hax#44)
• 9c67f10 v3.1.0
• 8762f15 Implement `--poll` option to use polling (Author name on main page potch/hax#43)
• c0480bd Update README options with headings
• 71d3d24 Update `--exclude` to use default minimist option
• dc11ab3 Support `--no-exclude` flag (HiDPI Favicons for a plethora of platforms potch/hax#42)
• 7a9cf66 v3.0.2
• cf04014 Avoid trying to kill process when already exiting
• 4f74788 v3.0.1
• 892b6e3 Update chokidar
• 48b2591 Add documentation for `-d`, `--delay` options

See the full diff

Package name: postcss-cli

The new version differs by 250 commits.

• 1bf8822 5.0.0
• dc5df26 Rename authors to contributors in package.json to comply with spec
• 916c9b8 Don't mutate global config object
• 205a83b Changes to prettier config
• b570fee Upgrade chokidar to v2.0.0
• 908817a Update CI configs
• aa0088d BREAKING: Remove -v alias for --version
• 06aa6ee BREAKING: Be silent, add --verbose, change logging format
• f16d0d4 BREAKING: Don't exit watch mode when a plugin errors
• 72557a9 Update fs-extra to version 5.0.0 (#183)
• 1fa3574 Update prettier to version 1.9.2 (#184)
• fecf832 BREAKING: Update globby to version 7.1.1; expand directories
• 4b2421b User-friendly error message when --watch and writing to STDOUT
• cc3f696 BREAKING: Revamp args parsing
• f0af2e4 postcss should exit with code 1 when there's an error; even with --watch (#178)
• 596b1f4 Update prettier to version 1.9.1 (#180)
• f94496f Pin ora to 1.3.0 to fix tests
• 49bb585 Update ava to version 0.25.0 (#193)
• c8544ad Update yargs to version 11.0.0 (#192)
• 077364f Update dependency-graph to version 0.7.0 (#189)
• 6134947 Update prettier to version 1.9.0 (#179)
• b4d5d3d Update ava to version 0.24.0 (#174)
• 85daee9 Update prettier to version 1.8.2 (#172)
• c3131b6 Update prettier to version 1.8.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic