[Snyk] Upgrade browser-sync from 2.26.3 to 2.26.7

[snyk-bot]

Snyk has created this PR to upgrade browser-sync from 2.26.3 to 2.26.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.
• The recommended version was released 9 months ago, on 2019-06-07.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Prototype Pollution SNYK-JS-SETVALUE-450213	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	Proof of Concept
	Denial of Service (DoS) SNYK-JS-AXIOS-174505	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Proof of Concept
	Information Disclosure SNYK-JS-KINDOF-537849	Proof of Concept

Release notes

Package name: browser-sync

• 2.26.7 - 2019-06-07
  

  v2.26.7

• 2.26.6 - 2019-06-07
  

  v2.26.6

• 2.26.5 - 2019-04-24
  

  v2.26.5

• 2.26.4 - 2019-04-22
  

  v2.26.4

• 2.26.3 - 2018-10-13
  

  fixes

  • application/wasm support - fixes #1598 d60cd91
  • deps - ensure previous users of browser-sync-client are not affected by new structure - fixes #1615 0a2ff5a
  • npm audit fixes across all packages - fixes #1618 9f3fea4

from browser-sync GitHub release notes

Commit messages

Package name: browser-sync

• 2191369 v2.26.7
• 53f9b36 docs: readme
• 0b3d98b v2.26.6
• fdfc681 tests: add e2e tests to package.json
• c56cfd9 Merge pull request #1698 from emeitch/fix_deprecated_header
• 2fd598f Merge pull request #1690 from XhmikosR/xmr-ci
• 841ccd5 Merge pull request #1694 from coliff/patch-1
• 209c9c1 Merge pull request #1697 from gaards/update-localtunnel
• 87bee4b Use getHeaders or _headers
• 77abfd3 Update localtunnel
• 1f073f9 Remove gittip from README (service closed down)
• 51792b1 AppVeyor tweaks.
• 9c9d71a CI: Add Node.js 12 and 10.
• 6dd2d56 v2.26.5
• 62007c8 SyntaxError in micromatch when starting browser-sync - fixes #1682
• 47a4d1b v2.26.4
• 05a58db deps: fixes #1677 #1671 #1659 #1648
• 35035df deps: removed nodemon since it includes flat-stream (security)
• 1b2eab5 Merge pull request #1634 from mxschmitt/patch-1
• e35e5dc fix(ui): updated dead links and moved to https
• 85c4ba7 examples: server + proxy

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # (snyk:metadata:{"dependencies":[{"name":"browser-sync","from":"2.26.3","to":"2.26.7"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/jeremyrajan/project/987a4ae9-a242-4f10-be47-27a39a3b00f5?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"987a4ae9-a242-4f10-be47-27a39a3b00f5","env":"prod","prType":"upgrade","vulns":["SNYK-JS-SETVALUE-450213","SNYK-JS-SETVALUE-450213","SNYK-JS-AXIOS-174505","npm:braces:20180219","SNYK-JS-KINDOF-537849"],"issuesToFix":[{"issueId":"SNYK-JS-SETVALUE-450213","severity":"high","title":"Prototype Pollution","exploitMaturity":"proof-of-concept"},{"issueId":"SNYK-JS-SETVALUE-450213","severity":"high","title":"Prototype Pollution","exploitMaturity":"proof-of-concept"},{"issueId":"SNYK-JS-AXIOS-174505","severity":"medium","title":"Denial of Service (DoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:braces:20180219","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"proof-of-concept"},{"issueId":"SNYK-JS-KINDOF-537849","severity":"low","title":"Information Disclosure","exploitMaturity":"proof-of-concept"}],"upgrade":["SNYK-JS-SETVALUE-450213","SNYK-JS-SETVALUE-450213","SNYK-JS-AXIOS-174505","npm:braces:20180219","SNYK-JS-KINDOF-537849"],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2019-06-07T08:34:49.600Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false})