Update Mend: high confidence minor and patch dependency updates

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
browser-sync (source)	2.26.3 -> 2.29.3
gulp (source)	4.0.0 -> 4.0.2
gulp-sass	4.0.2 -> 4.1.1
jquery (source)	3.3.1 -> 3.7.1
maven	3.2.1 -> 3.9.6
org.apache.maven.plugins:maven-checkstyle-plugin	3.1.0 -> 3.3.1
org.apache.commons:commons-exec (source)	1.3 -> 1.4.0
org.apache.maven.plugins:maven-surefire-plugin	3.0.0-M4 -> 3.2.5
org.apache.maven.plugins:maven-compiler-plugin	3.8.0 -> 3.13.0
junit:junit (source)	4.12 -> 4.13.2
com.github.tomakehurst:wiremock (source)	2.8.0 -> 2.27.2
org.asciidoctor:asciidoctor-maven-plugin	1.5.3 -> 1.6.0
cglib:cglib-nodep	2.2 -> 2.2.2
org.glassfish.jaxb:jaxb-runtime (source)	2.3.0 -> 2.3.9
com.nulab-inc:zxcvbn	1.2.5 -> 1.9.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

BrowserSync/browser-sync (browser-sync)

v2.29.3: The one that fixes snippetOptions

Compare Source

What's Changed

• fix: append to head if body not present yet - fixes #​2031 by @​shakyShane in https://github.com/BrowserSync/browser-sync/pull/2041

Full Changelog: BrowserSync/browser-sync@v2.29.2...v2.29.3

v2.29.2

Compare Source

v2.29.1

Compare Source

What's Changed

• trim-deps by @​shakyShane in https://github.com/BrowserSync/browser-sync/pull/2028

Full Changelog: BrowserSync/browser-sync@v2.29.0...v2.29.1

v2.29.0: The one that restores IE11 support 💪

Compare Source

What's Changed

• fix ie11 by @​shakyShane in https://github.com/BrowserSync/browser-sync/pull/2024

esbuild does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke IE11 support 😢

This is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.

So, IE11 will work once again 🎉. Please use the issues thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)

### IE11 works, again
npm install browser-sync@latest

Full Changelog: BrowserSync/browser-sync@v2.28.3...v2.29.0

v2.28.3

Compare Source

v2.28.2

Compare Source

v2.28.1

Compare Source

v2.28.0: the one that finally removes document.write

Compare Source

What's Changed

• browser-sync-2017 use chalk everywhere by @​shakyShane in https://github.com/BrowserSync/browser-sync/pull/2018
• fix: remove document.write by @​shakyShane in https://github.com/BrowserSync/browser-sync/pull/2019

Full Changelog: BrowserSync/browser-sync@v2.27.12...v2.28.0

v2.27.12

Compare Source

v2.27.11

Compare Source

v2.27.10

Compare Source

v2.27.9: 2.27.9

Compare Source

What's Changed

• fix(cli): Where's the command help? fixes #​1929 by @​shakyShane in https://github.com/BrowserSync/browser-sync/pull/1945

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: BrowserSync/browser-sync@v2.27.8...v2.27.9

v2.27.8: 2.27.8

Compare Source

This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

PR:

• BrowserSync/browser-sync@58ab4ab

Resolved Issues:

• https://github.com/BrowserSync/browser-sync/issues/1850
• https://github.com/BrowserSync/browser-sync/issues/1892
• https://github.com/BrowserSync/browser-sync/issues/1925
• https://github.com/BrowserSync/browser-sync/issues/1926
• https://github.com/BrowserSync/browser-sync/issues/1933

Thanks to @​lachieh for the original PR, which helped me land this fix

v2.27.7

Compare Source

v2.27.6

Compare Source

v2.27.5

Compare Source

v2.27.4

Compare Source

v2.27.3

Compare Source

v2.27.1: added snippet: boolean option

Compare Source

This release adds a feature to address https://github.com/BrowserSync/browser-sync/issues/1882

Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

browser-sync . --no-snippet

or in any Browsersync configuration

const config = {
  snippet: false,
};

the original request was related to Eleventy usage, so here's how that would look

eleventyConfig.setBrowserSyncConfig({
  snippet: false,
});

v2.26.14: upgraded dependencies

Compare Source

This is a maintenance release to address 2 security related issues (socket.io & axios)

Happy Browsersync'in :)

v2.26.13

Compare Source

v2.26.12

Compare Source

v2.26.10

Compare Source

v2.26.9

Compare Source

v2.26.7

Compare Source

v2.26.6

Compare Source

v2.26.5

Compare Source

v2.26.4

Compare Source

gulpjs/gulp (gulp)

v4.0.2

Compare Source

Fix

• Bind src/dest/symlink to the gulp instance to support esm exports (5667666) - Ref standard-things/esm#797

Docs

• Add notes about esm support (4091bd3) - Closes #​2278
• Fix the Negative Globs section & examples (3c66d95) - Closes #​2297
• Remove next tag from recipes (1693a11) - Closes #​2277
• Add default task wrappers to Watching Files examples to make runnable (d916276) - Closes #​2322
• Fix syntax error in lastRun API docs (ea52a92) - Closes #​2315
• Fix typo in Explaining Globs (5d81f42) - Closes #​2326

Build

• Add node 12 to Travis & Azure (b4b5a68)

v4.0.1

Compare Source

Fix

• Temporary workaround for facebook/Docusaurus#257 (9f4a2e9) - Closes facebook/Docusaurus#257

Docs

• Fix error in ES2015 usage example (a4e8d48) - Closes #​2099 #​2100
• Add temporary notice for 4.0.0 vs 3.9.1 documentation (126423a) - Closes #​2121
• Improve recipe for empty glob array (45830cf) - Closes #​2122
• Reword standard to default (b065a13)
• Fix recipe typo (86acdea) - Closes #​2156
• Add front-matter to each file (d693e49) - Closes #​2109
• Rename "Getting Started" to "Quick Start" & update it (6a0fa00)
• Add "Creating Tasks" documentation (21b6962)
• Add "JavaScript and Gulpfiles" documentation (31adf07)
• Add "Working with Files" documentation (50fafc6)
• Add "Async Completion" documentation (ad8b568)
• Add "Explaining Globs" documentation (f8cafa0)
• Add "Using Plugins" documentation (233c3f9)
• Add "Watching Files" documentation (f3f2d9f)
• Add Table of Contents to "Getting Started" directory (a43caf2)
• Improve & fix parts of Getting Started (84b0234)
• Create and link-to a "docs missing" page for LINK_NEEDED references (2bd75d0)
• Redirect users to new Getting Started guides (53e9727)
• Temporarily reference gulp@next in Quick Start (2cecf1e)
• Fixed a capitalization typo in a heading (3d051d8) - Closes #​2242
• Use h2 headers within Quick Start documentation (921312c) - Closes #​2241
• Fix for nested directories references (4c2b9a7)
• Add some more cleanup for Docusaurus (6a8fd8f)
• Temporarily point LINK_NEEDED references to documentation-missing.md (df7cdcb)
• API documentation improvements based on feedback (0a68710)
• Update API Table of Contents (d6dd438)
• Add API Concepts documentation (8dd3361)
• Add Vinyl.isCustomProp() documentation (40ee801)
• Add Vinyl.isVinyl() documentation (25a22bf)
• Add Vinyl documentation (fc09067)
• Update watch() documentation (69c22f0)
• Update tree() documentation (ebb9818)
• Update task() documentation (b636a9c)
• Update symlink() documentation (d580efa)
• Update src() documentation (d95b457)
• Update series() documentation (4169cb6)
• Update registry() documentation (d680487)
• Update parallel() documentation (dc3cba7)
• Update lastRun() documentation (363df21)
• Update dest() documentation (e447d81)
• Split API docs into separate markdown files (a3b8ce1)
• Fix hash link (af4bd51)
• Replace some links in Getting Started (c433c70)
• Remove temporary workaround for facebook/Docusaurus#257 (5c07954) - Closes facebook/Docusaurus#257
• Added code ticks to "null" where missing (cb67319) - Closes #​2243
• Fix broken link in lastRun (d35653e)
• Add front-matter to documentation-missing page (a553cfd)
• Improve grammar on Concepts (01cfcc5) - Closes #​2247
• Remove spaces around
  (c960c1d)
• Improve grammar in src (eb493a2) - Closes #​2248
• Fix formatting error (ca6ba35) - Closes #​2250
• Fix formatting of lastRun (8569f85) - Closes #​2251
• Add missing link in watch (e35bdac) - Closes #​2252
• Fix broken link in tasks (6d43750) - Closes #​2253
• Improve punctuation in tree (8e9fd70) - Closes #​2254
• Fix mistake in "Splitting a gulpfile" (96c353d) - Closes #​2255
• Remove front-matter from outdated pages (c5af6f1)
• Fix broken link in Table of Contents (c641369) - Closes #​2260
• Update the babel dependencies to install & configuration needed (7239cf1) - Closes #​2136
• Add "What's new in 4.0" section (75ea634) - Closes #​2089 #​2267
• Cleanup README for "latest" bump (24e202b) - Closes #​2268
• Revert "next" reference now that 4.0 is latest (ed27cbe)
• Add Azure Pipelines badge (f3f0548) - Closes #​2310
• Add note about transpilation to "Splitting a Gulpfile" section (53b9037) - Closes #​2311 #​2312
• Improve wording of file rename (88437f2) - Closes #​2314

Upgrade

• Update glob-watcher, gulp-cli, and undertaker dependencies & rimraf devDep (d3734d3)

Build

• Add node 10 to CI matrices (a5eac1c)
• Remove jscs & update eslint for code formatting rules (ad8a2f7)
• Fix Azure comment (34a6d53) - Closes #​2307
• Add Azure Pipelines CI (b2c6c7e) - Closes #​2299

Scaffold

• Mark *.png and *.jpg as binary files to git (a010db6)
• Update some links and license year (1027236)
• Add tidelift configuration (49b5aca)
• Add new expense policy (9819957)
• Add support-bot template (9078c49)

dlmanning/gulp-sass (gulp-sass)

v4.1.1

Compare Source

June 24, 2021

https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.1

v4.1.0

Compare Source

April 23, 2020

https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.0

jquery/jquery (jquery)

v3.7.1: jQuery 3.7.1 Released: Reliable Table Row Dimensions

Compare Source

https://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/

v3.7.0: jQuery 3.7.0: Staying in Order

Compare Source

https://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/

v3.6.4: jQuery 3.6.4 Released: Selector Forgiveness

Compare Source

https://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/

v3.6.3: jQuery supports CSS.supports in jQuery 3.6.3

Compare Source

https://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/

v3.6.2: jQuery 3.6.2 :has arrived!

Compare Source

https://blog.jquery.com/2022/12/13/jquery-3-6-2-released/

v3.6.1: jQuery 3.6.1 Maintenance Release

Compare Source

https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/

v3.6.0: jQuery 3.6.0 Released!

Compare Source

https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/

v3.5.1

Compare Source

v3.5.0: jQuery 3.5.0 Released!

Compare Source

See the blog post:
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
and the upgrade guide:
https://jquery.com/upgrade-guide/3.5/

NOTE: Despite being a minor release, this update includes a breaking change that we had to make to fix a security issue ( CVE-2020-11022). Please follow the blog post & the upgrade guide for more details.

v3.4.1

Compare Source

v3.4.0

Compare Source

wiremock/wiremock (com.github.tomakehurst:wiremock)

v2.27.2

Compare Source

v2.27.1

Compare Source

v2.27.0

Compare Source

v2.26.3

Compare Source

v2.26.2

Compare Source

v2.26.1

Compare Source

v2.26.0

Compare Source

v2.25.1

Compare Source

v2.25.0

Compare Source

v2.24.1

Compare Source

v2.24.0

Compare Source

v2.23.2

Compare Source

v2.23.1

Compare Source

v2.23.0

Compare Source

v2.22.0

Compare Source

v2.21.0

Compare Source

v2.20.0

Compare Source

v2.19.0

Compare Source

v2.18.0

Compare Source

v2.17.0

Compare Source

v2.16.0

Compare Source

v2.15.0

Compare Source

v2.14.0

Compare Source

v2.13.0

Compare Source

v2.12.0

Compare Source

v2.11.0

Compare Source

v2.10.1

Compare Source

v2.10.0

Compare Source

v2.9.0

Compare Source

nulab/zxcvbn4j (com.nulab-inc:zxcvbn)

v1.9.0

Compare Source

• addition of Portuguese in the languages available for feedback #​173 (javcasrod)
• Add exports com.nulabinc.zxcvbn.io to module-info.java #​175 (HaasJona)
• Updated URL to "Five Algorithms..." article #​169 (weberhofer)
• refactor: modifier 'private' is redundant for enum constructors #​168 (vvatanabe)
• refactor: Deprecate setters in AttackTimes class #​167 (vvatanabe)
• refactor: Deprecate com.nulabinc.zxcvbn.Guess and introduce new interface in com.nulabinc.zxcvbn.guesses #​166 (vvatanabe)
• refactor: Deprecate com.nulabinc.zxcvbn.Matcher and introduce new interface in com.nulabinc.zxcvbn.matchers #​165 (vvatanabe)
• refactor: Initialize all Strength properties via constructor #​164 (vvatanabe)
• fix: fix sonarcloud maintainability phase 4 #​163 (vvatanabe)
• fix: fix sonarcloud maintainability phase 3 #​162 (vvatanabe)
• fix: fix sonar cloud maintainability phase 2 #​161 (vvatanabe)
• fix: fix sonarcloud maintainability #​160 (vvatanabe)
• fix: Fix sonarcloud reliability #​159 (vvatanabe)
• chore: Update GitHub Actions Configuration #​158 (vvatanabe)
• refactor: refactor and improve code readability in Scoring #​157 (vvatanabe)
• fix: fix warning messages of checkstyle #​156 (vvatanabe)
• refactor: Refactoring Feedback #​155 (vvatanabe)
• refactor: refactoring TimeEstimates class #​154 (vvatanabe)
• refactor: refactoring guesses package #​153 (vvatanabe)
• chore: update gradle version to 8.3 and update gradle plugins to latest #​152 (vvatanabe)

v1.8.2

Compare Source

• fix: fix the discrepancy in password guesses between zxcvbn and zxcvbn4j #​151 (vvatanabe)
• style: format all with google-java-format #​150 (vvatanabe)
• refactor: refactoring matchers.Match #​149 (vvatanabe)
• refactor: refactoring matchers.OmnibusMatcher #​148 (vvatanabe)

v1.8.1

Compare Source

• fix: improved SpatialMatcher decision logic (#​84) (#​129) #​147 (vvatanabe)
• refactor: refactoring matchers.ReverseDictionaryMatcher #​146 (vvatanabe)
• style: format code in matchers.RepeatMatcher #​145 (vvatanabe)
• refactor: refactoring matchers.DateMatcher #​144 (vvatanabe)
• refactor: refactoring matchers.RegexMatcher #​143 (vvatanabe)
• refactor: refactoring matchers.DictionaryMatcher #​142 (vvatanabe)
• refactor: refactoring matchers.L33tMatcher #​141 (vvatanabe)
• refactor: refactoring matchers.SequenceMatcher #​140 (vvatanabe)
• fix: fix the warnings from SpotBugs #​139 (vvatanabe)
• refactor: refactoring matchers.SpatialMatcher #​138 (vvatanabe)
• refactor: refactoring matchers.RepeatMatcher #​137 (vvatanabe)

v1.8.0

Compare Source

• Added feedback messages translated into Spanish #​135 (manchilop)
• Switch the JavaScript engine used for testing from Nashorn to GraalJS #​128 (yasuyuki-baba)
• JMH-based set of benchmarks #​127 (yasuyuki-baba)

v1.7.0

Compare Source

• fix typo in the package name of the resource file (#​125) #​126 (vvatanabe)
• Allow users to use their own keyboard layouts and dictionaries #​124 (yasuyuki-baba)

v1.6.0

Compare Source

• Change the position of the defining signing (#​121) #​123 (vvatanabe)
• use configurations.archives in signing (#​121) #​122 (vvatanabe)
• Make Scoring.factorial(int) return long #​116 (InkerBot)
• Added Italian translation #​113 (gdonisi)
• Correct strength.score definition #​117 (AChep)
• Fixes #​110 - correct encoding for French and German. #​111 (40rn05lyv)
• Add module-info.java #​104 (overheadhunter)
• temporarily remove test with JDK 17 (#​119) #​120 (vvatanabe)
• Migrated to GitHub Actions #​112 (overheadhunter)
• Update README.md #​108 (eltociear)

v1.5.2

Compare Source

• fix recent years #​100 #​102 (kxn4t)

v1.5.1

Compare Source

• Bump junit 4.11 to 4.13.2 #​101 (yasuyuki-baba)
• Add Automatic-Module-Name to manifest #​99 (overheadhunter)

v1.5.0

Compare Source

• Improved to be able to replace the message arbitrarily #​92 (kxn4t)
• Fix typo in German translation #​96 (bleeding182)

v1.4.1

Compare Source

• Fix message from full-width to half-width #​91 (kxn4t)

v1.4.0

Compare Source

• Additional french translations #​89 (er1c and vvatanabe)
• added german translation #​88 (echox)

v1.3.6

Compare Source

• fix NumberFormatException in DateMatcher (#​78) #​87 (vvatanabe)

v1.3.5

Compare Source

• Improve L33tMatcher performance a bit #​86 (yasuyuki-baba)

v1.3.4

Compare Source

• Fix Error in method Feedback.getFeedback (#​82) #​83 (mrFloony)

v1.3.3

Compare Source

• fallback in the process of getting the resource as a stream (#​79) #​81 (vvatanabe)

v1.3.2

Compare Source

• Fix a ExceptionInInitializerError in Keycloak: error found in ResourceLoader #​79 #​80 (vvatanabe)
• Fixed Maven Central badge link #​76 (GlenKPeterson)
• fix inconsistent score between zxcvbn4j and zxcvbn (#​50) #​72 (vvatanabe)

v1.3.1

Compare Source

• Added Cryptomator to the list of applications using this library #​68 (overheadhunter)

v1.3.0

Compare Source

• Use CharSequence not String as input type for Zxcvbn.measure #​64 (SteveLeach-Keytree)

v1.2.7

Compare Source

• remove java.nio.charset.StandardCharsets (#​62) #​63 (vvatanabe)
• Fix resource loading when using from the web app. #​59 (yasuyuki-baba)
• fix Error installing oraclejdk8 (#​60) #​61 (vvatanabe)

v1.2.6

Compare Source

• Use system class loader to access resources #​56 (simonschiller)
• remove openjdk7 from .travis.yml #​57 (tsuyoshizawa)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box