Bump browser-sync from 2.23.6 to 2.26.5 in /gulp

[dependabot-preview]

Bumps browser-sync from 2.23.6 to 2.26.5.

Release notes

Sourced from browser-sync's releases.

v2.26.0

these notes describe the change from 2.24.6 -> 2.26.0

fixes

• Removing default logger prefix [BS] - fixes #1607 257fba6d3fa3b4e77f526912a395625efcdebcb3
• case-insensitive matching on domain key in proxy responses dacfc8bcedbd1f8e27a3ad4944aee44ff7f73533
• bump chokidar fixing fsevents build - closes #1613 11729cc0a398d276a66d1883d1273f2fd3c1d36e
• Unexpected Page Reload after Pausing in Debugger - fixes #1591 06ee1b7db8d3090f693dc8ba0650f3e7022463ae
• scroll - add missing init method for window.name method of scroll restoring - fixes #1586 #1457 #1457 9e96603e2f8e859a5ae6fe921c7380787c706896
• proxy Port gets unnecesarily rewritten in Proxy - fixes #1577 48286e0d09e35b06b5736be674ffe52105ba0a86

chore

• move cypress to top-level dep 0d4ab8156b30bbdafbb202ee0f597d4ea5dc4d0b
• package-lock files 900e23e321ffe2110068e3194b9d00d988ffb721
• change API of option transforms ef12e9aa576d4395db9353d80761487ff4f82206

lerna

• initial version 7c0ad4eaffbd1e1b9760277cce193692f0577bcd
• more path updates c108af8ed973c74cdfecbf3cfb104e6b6c5e9bde
• updated more stuff since the move to lerna 4ac3a49ce92b8eef8e6898962ae6aca1f48537c4
• bring in server/client/ui d6198f92cccbb1945b5a0cff1a1a3328d3f505ce
• add browser-sync-ui 325c7751cb583272fb69c56846dede9cf22c2d53

feature

• adding 'listen' option to restrict binding of interfaces d6419160382fc45c739cac20679b9d7bbbcfee5b

docs

• emphasize a couple of points - fixes #1461 cf0febd978b20e9c8b9bc0a8aa262e3b54972b98
• added additional note about httpModule option - fixes #1485 16487adbc282f13b774d597ee729c57eec377cd1

deps

• npm audit for localtunnel - fixes #1587 27f21731874fa4ec56aa4b3039086317aa5584dd
• easy-extender@2.3.4 cypress@3.1.0 supertest@3.1.0 a6578a3adcc310386c10957e5dd3fdcd8d3b9a21

the listen option release

Browsersync can now be used in more restrictive areas, ones where you cannot simply bind to all addresses on the host (such as schools or universities) - this is enabled via the listen option.

For backwards compatibility reasons, we actually cannot use the host option to acheive this (even though that would make the most sense), as it would break some people's existing setups.

This is mainly because in the past, host was not used to determine an address to bind to, but rather just as a way of changing the urls Browsersync displays to the user. :( :( :(

It was a big mistake, but now with the sheer size of the user base we have, every tiny change to any existing option causes some kind of breakage. I'm not prepared to do that again with host.

So, instead we're back to the old method of instead adding a new option, that I've called listen. It's the only way we can acheive the goal without breaking existing users who are using host for other reasons.

The idea is that you'd only ever use the listen option if you want to restrict the address being bound to. For example, the following will serve files from the current directory, but behind the scenes Browsersync will only bind to localhost (this does mean that other features such as external urls will not work any more, but if you need this listen option in the first place, that will not be a concern for you)

npm i -g browser-sync@2.25.0
browser-sync . --listen localhost
</tr></table> ... (truncated)

Commits

• 6dd2d56 v2.26.5
• 62007c8 SyntaxError in micromatch when starting browser-sync - fixes #1682
• 47a4d1b v2.26.4
• 05a58db deps: fixes #1677 #1671 #1659 #1648
• 35035df deps: removed nodemon since it includes flat-stream (security)
• 1b2eab5 Merge pull request #1634 from mxschmitt/patch-1
• e35e5dc fix(ui): updated dead links and moved to https
• 85c4ba7 examples: server + proxy
• 924d5e7 v2.26.3
• d60cd91 fix: application/wasm support in Chrome - fixes #1598
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.