Update to use [email protected] for CVE-2020-8116

[andyedwardsibm]

This is a speculative PR to update the dependencies to use [email protected]

[th0r]

Did you check it? Does it work? What breaking changes were introduced in npm-check-updates v4?

[andyedwardsibm]

From https://github.com/tjunnone/npm-check-updates/releases/tag/v4.0.0:

Migration

No effect for most users.

If a prerelease version is published on the latest tag, and you specify a prerelease version in your package.json, ncu will now suggest upgrades for it.

If a prerelease version is published on a different tag, there is no change from ncu v3; you will still need --pre, --greatest, or --newest to get prerelease upgrades.

So the only change in behaviour is that it now considers prerelease versions and tries to get the latest of those too.

I've run some manual test locally as I couldn't see any unit tests:

• check seems to still work; I ran it against an old version of chalk and it suggested updates.
• changelog seems to still work; I ran it against a couple of modules (both as a direct call and durign interactive check) and it loaded the changelog pages.
• ignore add seems to still work; I added nyc and ran check against chalk, and it successfully ignored nyc.

[andyedwardsibm]

@th0r was there any other testing you wanted done on this?

[th0r]

was there any other testing you wanted done on this?

No, that's fine. Thanks!

[th0r]

Published v2.0.3