Bump the npm_and_yarn group across 1 directory with 27 updates

[dependabot]

Bumps the npm_and_yarn group with 22 updates in the / directory:

Package	From	To
bootstrap	4.0.0	4.3.1
hoek	5.0.3	6.1.3
chownr	1.0.1	1.1.4
clean-css	4.1.3	4.1.11
concat-with-sourcemaps	1.0.4	1.1.0
debug	2.6.8	2.6.9
browser-sync	2.24.5	2.29.3
es5-ext	0.10.23	0.10.64
extend	2.0.1	2.0.2
fstream	1.0.11	1.0.12
is-my-json-valid	2.16.0	2.20.6
is-url	1.2.2	1.2.4
json-schema	0.2.3	0.4.0
jsprim	1.4.1	1.4.2
lodash	4.17.10	4.17.21
gulp	3.9.1	5.0.0
macaddress	0.2.8	0.2.9
no-case	2.3.1	2.3.2
request	2.79.0	removed
gulp-sass	4.0.1	5.1.0
semver	4.3.6	5.7.2
gulp-imagemin	4.1.0	9.1.0

Updates bootstrap from 4.0.0 to 4.3.1

Release notes

Sourced from bootstrap's releases.

v4.3.1

• Security: Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer
• Fixed a small issue with our RFS (responsive font sizes) mixins

v4.3.0

Highlights

• New: Added .stretched-link utility to make any anchor the size of it's nearest position: relative parent, perfect for entirely clickable cards!
• New: Added .text-break utility for applying word-break: break-word
• New: Added .rounded-sm and .rounded-lg for small and large border-radius.
• New: Added .modal-dialog-scrollable modifier class for scrolling content within a modal.
• New: Added responsive .list-group-horizontal modifier classes for displaying list groups as a horizontal row.
• Improved: Reduced our compiled CSS by using null for variables that by default inherit their values from other elements (e.g., $headings-color was inherit and is now null until you modifier it in your custom CSS).
• Improved: Badge focus styles now match their background-color like our buttons.
• Fixed: Silenced bad selectors in our JS plugins for the href HTML attribute to avoid JavaScript errors. Please try to use valid selectors or the data-target HTML attribute/target option where available.
• Fixed: Reverted v4.2.1's change to the breakpoint and grid container Sass maps that blocked folks from upgrading when modifying those default variables.
• Fixed: Restored white-space: nowrap to .dropdown-toggle (before v4.2.1 it was on all .btns) so carets don't wrap to new lines.
• Deprecated: img-retina, invisible, float, and size mixins are now deprecated and will be removed in v5.

Links

• Read the full ship list
• Review the project board

v4.2.1

Bump to v4.2.1 to republish package on npm. See v4.2.0 release notes for changes introduced in v4.2.

v4.2.0

Here are the highlights of what's new and updated in v4.2.

• New: Added a new spinner loading component.
• New: Added new toast component for displaying notifications.
• New: Added a new iOS style switch (a modifier class to our custom checkboxes).
• New: Added touch support in our carousel component.
• New: Added .font-weight-lighter and .font-weight-bolder utilities.
• New: Added .text-decoration-none utility class.
• New: Added .modal-xl modifier class for our modals.
• New: Added new negative margin utility classes (e.g., .mb-n3). These rad new classes not only allow you more control over your general spacing needs, but also allow you to create responsive grid gutters at each breakpoint.
• New: Validated form fields now have feedback icons on :invalid and :valid fields. Disable them with the $enable-validation-icons boolean Sass variable (defaults to true).
• New: Added a new versions page to our docs
• New: Tooltips/Popovers work with Shadow DOM
• Updated: Redesigned the custom checkboxes and radios for more obvious states.
• Updated: bootstrap-grid.css now includes our margin and padding utilities for full control of our grid system.
• Updated: Changed auto columns (e.g., .col-auto) from max-width: none to max-width: 100% to prevent content from causing a column to overflow the parent.
• Updated: Improved rendering of custom selects, ranges, file input, and more.

Checkout the full v4.2.0 ship list and GitHub project for the full details. Up next is v4.3 with some bugfixes, a few new modifier classes and variables, and some new utilities.

Head to to the v4.2.x docs to see the latest in action. The full release has been published to npm and will soon appear on the Bootstrap CDN and Rubygems.

v4.1.3

... (truncated)

Commits

• 8fa0d30 Release v4.3.1. (#28252)
• dae20da Remove unneeded glob. (#28249)
• 10b97f6 Fix npm package contents
• 7bc4d2e Add sanitize template option for tooltip/popover plugins.
• bf2515a Update RFS to v8.0.1 (#28245)
• 45ced60 Update font size (#28232)
• 1ded0d6 Release v4.3.0 (#28228)
• 3aa0770 docs snippets: a few more minor tweaks (#28225)
• adf16da toasts.md: Remove useless divs.
• 2bfe581 Remove stray parameter from capture.
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version.

Updates hoek from 5.0.3 to 6.1.3

Commits

• 47d6306 6.1.3
• eef9740 cleanup
• fc934af Cleanup
• f2eb7fd Clone without prototype. Closes #290
• 5bfe5b6 6.1.2
• 17fe9a1 Revert all symbol handlings to false by default. Closes #283
• 542939b 6.1.1
• 947a326 Ignore symbols in deepEqual() by default. Closes #281
• 27ac630 6.1.0
• b3b5134 Merge pull request #281 from kanongil/symbol-support
• Additional commits viewable in compare view

Updates chownr from 1.0.1 to 1.1.4

Commits

• 814f642 1.1.4
• a0d7ae0 push to github before npm
• 1a3667a ignore stuff
• 147eac4 Full tests, handle errors properly in many cases
• 578fb9f update tap, fix rimraf version
• 5bbda8c feat: ignore ENOENT errors during chown
• deaa058 1.1.3
• 190e311 Don't early-capture the fs.lchownSync method
• df2826a push to git with 1 command, not 2
• cf3b27b 1.1.2
• Additional commits viewable in compare view

Updates clean-css from 4.1.3 to 4.1.11

Changelog

Sourced from clean-css's changelog.

4.1.11 / 2018-03-06

• Backports fixes to ReDOS vulnerabilities in validator code.

4.1.10 / 2018-03-05

• Fixed issue #988 - edge case in dropping default animation-duration.
• Fixed issue #989 - edge case in removing unused at rules.
• Fixed issue #1001 - corrupted tokenizer state.
• Fixed issue #1006 - edge case in handling invalid source maps.
• Fixed issue #1008 - edge case in breaking up font shorthand.

4.1.9 / 2017-09-19

• Fixed issue #971 - edge case in removing unused at rules.

4.1.8 / 2017-09-02

• Fixed issue #959 - regression in shortening long hex values.
• Fixed issue #960 - better explanation of efficiency stat.
• Fixed issue #965 - edge case in parsing comment endings.
• Fixed issue #966 - remote @imports referenced from local ones.

4.1.7 / 2017-07-14

• Fixed issue #957 - 0% minification of width property.

4.1.6 / 2017-07-08

• Fixed issue #887 - edge case in serializing comments.
• Fixed issue #953 - beautify breaks attribute selectors.

4.1.5 / 2017-06-29

• Fixed issue #945 - hex RGBA colors in IE filters.
• Fixed issue #952 - parsing @page according to CSS3 spec.

4.1.4 / 2017-06-14

• Fixed issue #950 - bug in removing unused @font-face rules.

Commits

• 7812d59 Version 4.1.11.
• 0440b4a Fixes ReDOS vulnerabilities.
• c601ebd Version 4.1.10.
• 9e0a38e Fixes #1006 - handling invalid input source maps.
• 913d72c Fixes #1008 - edge case in breaking up font.
• bedd8a9 Adds @​abarre fix to #1001 to release notes.
• e944a2b #1001 Fix corrupted state of tokenizer (#1010)
• 8be4084 Fixes #989 - edge case in removing unused at-rules.
• 21a5df0 Fixes #988 - edge case in dropping animation-duration.
• 5f6cbc6 Version 4.1.9.
• Additional commits viewable in compare view

Updates concat-with-sourcemaps from 1.0.4 to 1.1.0

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by floridoo, a new releaser for concat-with-sourcemaps since your current version.

Updates debug from 2.6.8 to 2.6.9

Release notes

Sourced from debug's releases.

2.6.9

Patches

• Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​zhuangya for their help!

Changelog

Sourced from debug's changelog.

2.6.9 / 2017-09-22

• remove ReDoS regexp in %o formatter (#504)

Commits

• 13abeae Release 2.6.9
• f53962e remove ReDoS regexp in %o formatter (#504)
• See full diff in compare view

Updates browser-sync from 2.24.5 to 2.29.3

Release notes

Sourced from browser-sync's releases.

The one that fixes snippetOptions

What's Changed

• fix: append to head if body not present yet - fixes #2031 by @​shakyShane in BrowserSync/browser-sync#2041

Full Changelog: BrowserSync/browser-sync@v2.29.2...v2.29.3

v2.29.1

What's Changed

• trim-deps by @​shakyShane in BrowserSync/browser-sync#2028

Full Changelog: BrowserSync/browser-sync@v2.29.0...v2.29.1

The one that restores IE11 support 💪

What's Changed

• fix ie11 by @​shakyShane in BrowserSync/browser-sync#2024

esbuild does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke IE11 support 😢

This is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.

So, IE11 will work once again 🎉. Please use the issues thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)

# IE11 works, again
npm install browser-sync@latest

Full Changelog: BrowserSync/browser-sync@v2.28.3...v2.29.0

the one that finally removes document.write

What's Changed

• browser-sync-2017 use chalk everywhere by @​shakyShane in BrowserSync/browser-sync#2018
• fix: remove document.write by @​shakyShane in BrowserSync/browser-sync#2019

Full Changelog: BrowserSync/browser-sync@v2.27.12...v2.28.0

2.27.9

What's Changed

• fix(cli): Where's the command help? fixes #1929 by @​shakyShane in BrowserSync/browser-sync#1945

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: BrowserSync/browser-sync@v2.27.8...v2.27.9

... (truncated)

Commits

• 02efdff v2.29.3
• 62d906e fix: append to head if body not present yet - fixes #2031 (#2041)
• f91440e v2.29.2
• d0c50e0 deps: drop qs (#2040)
• 6ffc212 v2.29.1
• 7b07798 v2.29.1-alpha.0
• 497f216 remove client deps
• bed04d4 v2.29.0
• 87421b5 fix: ie11 support (#2024)
• 59eb01a v2.28.3
• Additional commits viewable in compare view

Updates es5-ext from 0.10.23 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

• Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

---

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

• Do not rely on problematic regex (3551cdd), addresses #201
• Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
• Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

• Simplify the manifest message (7855319)

---

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements

• Manifest improvements:
  • (#190) (b8dc53f)
  • (c51d552)

---

Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

• Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

• Bump dependencies (d7e0a61)

---

Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

• Improve postinstall script configuration (ab6b121)

---

... (truncated)

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

• Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

• Do not rely on problematic regex (3551cdd), addresses #201
• Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
• Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

• Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

• Manifest improvements:
  • (#190) (b8dc53f)
  • (c51d552)

0.10.61 (2022-04-20)

Bug Fixes

• Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

• Bump dependencies (d7e0a61)

0.10.60 (2022-04-07)

Maintenance Improvements

• Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

• Improve manifest wording (#122) (eb7ae59)
• Update data in manifest (3d2935a)

0.10.58 (2022-03-11)

... (truncated)

Commits

• f76b03d chore: Release v0.10.64
• 2881acd chore: Bump dependencies
• c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
• 16f2b72 docs: Fix date in the changelog
• de4e03c chore: Release v0.10.63
• 3fd53b7 chore: Upgrade lint-staged to v13
• bf8ed79 chore: Ensure postinstall script does not crash on Windows
• 2cbbb07 chore: Bump dependencies
• 22d0416 chore: Bump LICENSE year
• a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
• Additional commits viewable in compare view

Updates extend from 2.0.1 to 2.0.2

Changelog

Sourced from extend's changelog.

2.0.2 / 2018-07-19

• [Fix] Prevent merging __proto__ property (#48)
• [Fix] deep extending should work with a non-object (#46)
• [Docs] Switch from vb.teelaun.ch to versionbadg.es for the npm version badge SVG.
• [Docs] Add example to readme (#34)
• [Dev Deps] update tape, eslint, @ljharb/eslint-config, covert, jscs
• [Tests] up to node v10.7, v9.11, v8.11, v7.10, v6.14, v4.9; io.js v2.3; use nvm install-latest-npm
• [Tests] Add npm run eslint
• [Tests] int is an ES3 reserved word

Commits

• a439429 v2.0.2
• 5f23117 [Dev Deps] add safe-publish-latest
• 92f406d Revert "Merge pull request #32 from greelgorke/master"
• 8d106d2 v3.0.2
• e97091f [Dev Deps] update tape
• e841aac [Tests] up to node v10.7
• 0e68e71 [Fix] Prevent merging proto property
• a689700 Only apps should have lockfiles
• f13c1c4 [Dev Deps] update eslint, @ljharb/eslint-config, tape
• f3570fe [Tests] up to node v10.0, v9.11, v8.11, v7.10, v6.14, v4.9; use...
• Additional commits viewable in compare view

Updates follow-redirects from 1.5.0 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates fsevents from 1.1.1 to 2.3.3

Release notes

Sourced from fsevents's releases.

Release v2.3.3

Released to npm as v2.3.3

Release v2.3.2

Released to npm as v2.3.2

Release v2.3.1

Released to npm as v2.3.1

Release contains universal binary for x86 & amd64 (m1) chips

Release v2.2.2

Released to npm as v2.2.2

Universal Binary Support x86-64 & amd64(m1)

Release v2.2.0

Electron Enabled (no static functions/variables)

Release v1.2.3

No release notes provided.

Release v2.1.2

No release notes provided.

2.1.0

Latest stable release

Release NAPI v2.0.6

Include essential files only.

Release NAPI v2.0.5

No release notes provided.

Release NAPI v2.0.4

No release notes provided.

Release NAPI v2.0.3

Moved NAPI version out of experimental.

NAPI release

No release notes provided.

deprecated

Fixing the API for chokidar since it was calling FSEvents as a constructor

deprecated

We have upgraded to N-API. For that reason we have also dropped support for node < 6.

For that reason, we have made this a major version bump so dependents have to opt in. The actual API remains entirely the same, so if you are depending on fsevents, it should be as simple as changing the version number in your package.json.

... (truncated)

Commits

• 2db891e Release v2.3.3
• 8ec87bf Update nodejs.yml (#392)
• c20c3af readme
• 63709df Merge pull request #384 from aleksanb/subdirs
• a77340f Handle MustScanSubDirs for large projects
• 66be519 Update README.md (#371)
• 2f2a858 Update README.md (#364)
• a7f5d00 Release v2.3.2
• fab136a fix: issue #355 (#356)
• 328ae39 Release v2.3.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by pipobscure, a new releaser for fsevents since your current version.

Updates fstream from 1.0.11 to 1.0.12

Commits

• 4235459 1.0.12
• 6a77d2f Clobber a Link if it's in the way of a File
• See full diff in compare view

Updates is-my-json-valid from 2.16.0 to 2.20.6

Commits

• 58d30cb 2.20.6
• f76edf0 Merge pull request #188 from axelniklasson/master
• 4eef089 Upgrade jsonpointer to address security vulnerability
• 441f812 2.20.5
• d36a1b1 Merge pull request #182 from ChALkeR/chalker/fix-comma
• b6ea484 Fix uri prefix detection
• 5389c5b Merge pull request #181 from ChALkeR/chalker/fix-undef
• df5b313 add funding file
• c224619 Fix 'required' implementation
• 2534af4 2.20.4
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by linusu, a new releaser for is-my-json-valid since your current version.

Updates is-url from 1.2.2 to 1.2.4

Commits

• d204828 1.2.4
• a524d7f Merge pull request #20 from davisjam/FixUndef
• b33cac4 handle undefined string
• 8585fac Merge pull request #23 from segmentio/fix-tests
• e572e5d add travis config
• e1c30e1 remove cruft and fix the test script
• f1c83cf 1.2.3
• 55ee8ee Merge pull request #18 from davisjam/FixREDOS
• 1495509 security: Fix REDOS vulnerability
• See full diff in compare view

Updates json-schema from 0.2.3 to 0.4.0

Commits

• f6f6a3b Use a little more robust method of checking instances
• ef60987 Update version
• b62f1da Protect against constructor modification, #84
• fb427cd Link to json-schema-org repository in addition to site, fixes #54
• 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
• c52a27c Get basic test to pass
• b3f42b3 Add security policy
• 3b0cec3 Update version
• c28470f Update readme to acknowledge the state of the package
• 7dff9cd Merge pull request #81 from hodovani/patch-1
• Additional commits viewable in compare view

Updates jsprim from 1.4.1 to 1.4.2

Changelog

Sourced from jsprim's changelog.

v1.4.2 (2021-11-29)

• #35 Backport json-schema 0.4.0 to version 1.4.x

Commits

• 5c8475f joyent/node-jsprim#35 Backport json-schema 0.4.0 to version 1.4.x
• See full diff in compare view

Maintainer changes

This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.

Updates lodash from 4.17.10 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates gulp from 3.9.1 to 5.0.0

Release notes

Sourced from gulp's releases.

gulp v5.0.0

We've tried to provide a high-level changelog for gulp v5 below, but it doesn't contain all changes from the 60+ dependencies that we maintain.

Please see individual changelogs to drill down into all changes that were made.

⚠ BREAKING CHANGES

• Drop support for Node.js <10.13
• Default stream encoding to UTF-8
• Standardized on anymatch library for globbing paths. All globs should work the same between src and watch now!
• Removed support for ordered globs. This aligns with the chokidar globbing implementation. If you need your globs to be ordered, you can use ordered-read-stream
• All globs and paths are normalized to unix-like filepaths
• Only allow JS variants for .gulp.* config files
• Removed support for alpha releases of v4 from gulp-cli
• Removed the --verify flag
• Renamed the --require flag to --preload to avoid conflicting with Node.js flags
• Removed many legacy and deprecated loaders
• Upgrade to chokidar v3
• Clone Vinyl objects with stream contents using teex, but no longer wait for all streams to flow before cloned streams will receive data
• Stop using process.umask() to make directories, instead falling back to Node's default mode
• Throw on non-function, non-string option coercers
• Drop support of Node.js snake_case flags
• Use a Symbol for attaching the gulplog namespace to the store
• Use a Symbol for attaching the gulplog store to the global
• Use sha256 to hash the v8flags cache into a filename

Features

• Streamlined the dependency tree
• Switch all streams implementation to Streamx
• Rewrote glob-stream to use a custom directory walk that relies on newer Node.js features and is more performant than old implementation
• Implement translation support for all CLI messages and all messages passing through gulplog
• Allow users to customize or remove the timestamp from their logs
• Upgraded gulplog to v2. Messages logged via v1 will also display a deprecated warning. Plugins should update to v2 as the community upgrades to gulp 5
• Added support for gulpile.cjs and gulpfile.mjs
• Add support for swc, esbuild, sucrase, and mdx loaders
• Provide an ESM export (#2760) (b00de68)
• Support sourcemap handling on streaming Vinyl contents
• Support extends syntax for .gulp.* config file
• Allow overriding gulpfile and preloads via .gulp.* config file

Bug Fixes

• Resolve bugs related to symlinks on various platforms
• Resolved some reported ReDoS CVEs and improved performance in glob-parent
• Rework errors surfaced when encountering files or symlinks when trying to create directories
• Ensure watch allows japanese characters in globs (72668c6)

... (truncated)

Changelog

Sourced from gulp's changelog.

5.0.0 (2024-03-29)

We've tried to provide a high-level changelog for gulp v5 below, but it doesn't contain all changes from the 60+ dependencies that we maintain.

Please see individual changelogs to drill down into all changes that were made.

⚠ BREAKING CHANGES

• Drop support for Node.js <10.13
• Default stream encoding to UTF-8
• Standardized on anymatch library for globbing paths. All globs should work the same between src and watch now!
• Removed support for ordered globs. This aligns with the chokidar globbing implementation. If you need your globs to be ordered, you can use ordered-read-stream
• All globs and paths are normalized to unix-like filepaths
• Only allow JS variants for .gulp.* config files
• Removed support for alpha releases of v4 from gulp-cli
• Removed the --verify flag
• Renamed the --require flag to --preload to avoid conflicting with Node.js flags
• Removed many legacy and deprecated loaders
• Upgrade to chokidar v3
• Clone Vinyl objects with stream contents using teex, but no longer wait for all streams to flow before cloned streams will receive data
• Stop using process.umask() to make directories, instead falling back to Node's default mode
• Throw on non-function, non-string option coercers
• Drop support of Node.js snake_case flags
• Use a Symbol for attaching the gulplog namespace to the store
• Use a Symbol for attaching the gulplog store to the global
• Use sha256 to hash the v8flags cache into a filename

Features

• Streamlined the dependency tree
• Switch all streams implementation to Streamx
• Rewrote glob-stream to use a custom directory walk that relies on newer Node.js features and is more performant than old implementation
• Implement translation support for all CLI messages and all messages passing through gulplog
• Allow users to customize or remove the timestamp from their logs
• Upgraded gulplog to v2. Messages logged via v1 will also display a deprecated warning. Plugins should update to v2 as the community upgrades to gulp 5
• Added support for gulpile.cjs and gulpfile.mjs
• Add support for swc, esbuild, sucrase, and mdx loaders
• Provide an ESM export (#2760) (b00de68)
• Support sourcemap handling on streaming Vinyl contents
• Support extends syntax for .gulp.* config file
• Allow overriding gulpfile and preloads via .gulp.* config file

Bug Fixes

• Resolve bugs related to symlinks on various platforms
• Resolved some reported ReDoS CVEs and improved performance in glob-parent
• Rework errors surfaced when encountering files or symlinks when trying to create directories
• Ensure watch allows japanese characters in globs (72668c6)

... (truncated)

Commits

• 5c4c547 chore: Release 5.0.0 (#2762)
• bf72116 chore: Add index.mjs to files list
• b00de68 feat: Provide an ESM export (#2760)
• 72668c6 chore!: Normalize repository, dropping node <10.13 support (#2758)
• 85896d4 chore(docs): Update stream handbook link (#2711)
• 818bd73 Docs: Remove gulp-sourcemaps because it is built-in (#2592)
• 598f971 Docs: ...

  Description has been truncated