refactor: updated even further dependencies

[mfranzke]

Summary of changes:

Please find the list of all of the changed dependencies with their related breaking changes for all major release updates listed below them. I've as well compared the handlebars and twig build output to ensure that this update is fine.

Simply updated

• ejs
  • Removed require.extensions (@mde) / mde/ejs@7c15b78
    Not used by us
  • Removed legacy preprocessor include (@mde) / mde/ejs@c6bca15 & mde/ejs@e6fd45d
    Not used by us
  • Removed support for EOL Nodes 4 and 6 (@mde)
    Not relevant for us, as this is out of (below) our Node version scope.
• scroll-js
  • No documented breaking changes, only "ESM and CommonJS updates (#43) (markcellus/scroll-js@fe00cc3)"
    But we need to fix the version at 3.4.x as with version 3.5.0 a breaking change of jumping from node version 12 to 16 got introduced.
• classnames
  • minor version update
• gulp
  • Replace Orchestrator with Undertaker (9fda7b4)
    changes documented within the API with commit gulpjs/gulp@0f3151e; no noticeable changes for our implementation
  • Replace vinyl-fs watch/gaze with chokidar (gulpjs/gulp@2cd0e1e)
    Not used by our codebase.
  • Only support tasks that are functions in gulp.watch (gulpjs/gulp@1d70cfb)
    Not used by our codebase.
  • Remove array & string task support from gulp.watch (gulpjs/gulp@b085e95)
    Not used by our codebase.
• @auto-it/released
  • no breaking changes for this package
• auto
  • no breaking changes for this package
• fs-extra
  • dropped Node v0.10 support.
    fine with our node.js support
  • Renamed clobber to overwrite. This affects copy(), copySync(), and move(). #330, #333
    we don't use this one
  • BREAKING: Removed support for Node v0.12. The Node foundation stopped officially supporting it on Jan 1st, 2017.
    fine with our node.js support
  • Remove walk() and walkSync(). walkSync() was only part of fs-extra for a little over two months. Use klaw instead of walk(), in fact, walk() was just an alias to klaw. For walkSync() use klaw-sync. See: #338, #339
    we don't use these ones
  • Added Promise support. All asynchronous native fs methods and fs-extra methods now return a promise if the callback is not passed. #403
    This one was added with fs-extra major version 3.0.0 – we're only using the async functions in packages that were on higher versions of that dependency even already, and sync elsewhere.
  • Removed support for setting the default spaces for writeJson(), writeJsonSync(), outputJson(), & outputJsonSync(). This was undocumented. BREAKING: Remove support for setting spaces for JSON writing jprichardson/node-fs-extra#402
    We don't use that undocumented way of defining spaces.
  • Changed behavior of throws option for readJsonSync(); now does not throw filesystem errors when throws is false.
    we don't use this one
  • writeJson(), writeJsonSync(), outputJson(), & outputJsonSync() now output minified JSON by default for consistency with JSON.stringify(); set the spaces option to 2 to override this new behavior. BREAKING: Remove support for setting spaces for JSON writing jprichardson/node-fs-extra#402
    We don't use fs.spaces, that has been removed there.
  • The promisified versions of fs.read() & fs.write() now return objects. See the docs for details. #436, #449
    we don't use these ones
  • Significant refactor of copy() & copySync(), including breaking changes
    We don't use these filter options
    • The filter option can no longer be a RegExp (must be a function). This was deprecated since fs-extra v1.0.0. #512
    • copy()'s filter option can now be a function that returns a Promise. #518
  • Drop support for Node.js versions 4, 5, & 7 (#564)
    fine with our node.js support
  • Refine copy*() handling of symlinks to properly detect symlinks that point to the same file. (#582)
    To my knowledge we don't use symlinks
  • Requires Node.js version 10 or greater (#725, #751)
    fine with our node.js support
  • Switched ensureDir* to use a fork of https://github.com/sindresorhus/make-dir to make use of native recursive fs.mkdir where possible (#619, #756)
    Shouldn't be a problem for us. In detail:
    • We no longer return a file path on success (to match fs.mkdir)
    • We do not allow creating root on Windows (matches fs.mkdir)
    • Error codes are a bit different
  • Properly preserve atime for copy* with preserveTimestamps option (#633)
    We don't use this option.
  • outputJson now outputs objects as they were when the function was called, even if they are mutated later (#702, #768)
    I can't see how this would affect us negatively.
  • Cannot pass null as an options parameter to *Json* methods (#745, #768)
    We don't do this.
  • Require Node.js v12+ (#886, #893, #890, #894, #895)
    fine with our node.js support
  • Allow copying broken symlinks (#779, #765, #638, #761)
    To my knowledge we don't use symlinks
  • Ensure correct type when destination exists for ensureLink*()/ensureSymlink*() (#826, #786, #870)
    We don't use these methods.
  • Error when attempting to copy*() unknown file type (#880)
    I can't see how this would affect us.
  • Remove undocumented options for remove*() (#882)
    We don't use any remove*() function
• better-opn
  • Drop support for Node.js version lower than 12
    fine with our node.js support
  • The app option now accepts an object instead of a string/array:
    We don't use this option.
• deepmerge
  • drop ES module build #123
    Fine for us as we're using the Common JS version.
  • The main entry point in package.json is now a CommonJS module instead of a UMD module #155
    Fine for us as we're using the Common JS version.
• execa
  • Remove faulty emulated ENOENT error on Windows (#447) sindresorhus/execa@bdbd975 This is only a breaking change if you depend on the exact error message.
    We're aren't depending on the exact error message.
• jsdoc-to-markdown
  • Node versions less than v10 are no longer supported
    fine with our node.js support
• archiver
  • follow node LTS, remove support for versions under 6. (#339)
    fine with our node.js support
  • slowly catch up with node LTS, remove support for versions under 8.
    fine with our node.js support
  • absolute path glob patterns are no longer supported: use cwd option instead.
    we do.
• has-yarn
  • Require Node.js 8 sindresorhus/has-yarn@8f6bc36
    fine with our node.js support
• inquirer
  • Update to Rx.js v6
    I can't see how this would affect us.
  • Drop support for Node 6.
    fine with our node.js support
  • Drop support for Node 10 (through dependencies)
    fine with our node.js support
• ora
  • Require Node.js 6 sindresorhus/ora@17c1a29
    fine with our node.js support
  • Rename the enabled option to isEnabled sindresorhus/ora@fc5c660
    We don't use this option.
  • Ora should still output text when not iEnabled sindresorhus/ora@d1f8d85
    I can't see how this would affect us.
• yargs
  • node: drop Node 10 (#1919)
    fine with our node.js support
  • implicitly private methods are now actually private
    I can't see how this would affect us.
  • deprecated reset() method is now private (call yargs() instead).
    We don't use this method.
  • yargs-factory: refactor yargs-factory to use class (#1895)
    We don't use yargs-factory.
  • .positional() now allowed at root level of yargs.
    We don't use that method.
  • coerce: coerce is now applied before validation.
    I can't see how this would affect us.
  • async: yargs now returns a promise if async or check are asynchronous.
    I can't see how this would affect us.
  • middleware: global middleware now applied when no command is configured.
    I can't see how this would affect us.
  • #1823 contains the following breaking API changes:
    I can't see how these would affect us.
    • now returns a promise if handler is async.
      I can't see how this would affect us.
    • onFinishCommand removed, in favor of being able to await promise.
      We don't use this one.
    • getCompletion now invokes callback with err and `completions, returns promise of completions.
      We don't use this one.
• markdown-it
  • Major version bumped, because internals or linkify-it was changed. You will not be affected anyhow, if not used direct access to require('linkify-it/re') for customizations.
    We don't access require('linkify-it/re') directly.
  • Minor internal structs change, to make pairs parse more effective (cost is linear now). If you use external "pairs" extensions, you need sync those with "official ones". Without update, old code will work, but can cause invalid result in rare case. This is the only reason of major version bump. With high probability you don't need to change your code, only update version dependency.
    I can't see how this would affect us.
• send
  • no breaking changes
• commander
  • 6.0.0 (2020-07-21), Added
    • allow options to be added with just a short flag (#1256)
      • Breaking: the option property has same case as flag. e.g. flag -n accessed as opts().n (previously uppercase)
        Not in use by us.
    • Breaking: throw an error if there might be a clash between option name and a Command property, with advice on how to resolve (#1275)
      We don't get an error like this.
  • 5.0.0 (2020-03-14)
    • Breaking: .args contains command arguments with just recognised options removed (#1032 #1138)
      Not in use by us
    • Breaking: display error if required argument for command is missing (#995 #1149)
    • Breaking: .allowUnknownOption() (#802 #1138)
      Not in use by us
      • unknown options included in arguments passed to command action handler
      • unknown options included in .args
    • Breaking: .parseOptions() (#1138)
      Not in use by us
      • args in returned result renamed operands and does not include anything after first unknown option
      • unknown in returned result has arguments after first unknown option including operands, not just options and values
    • Breaking .on('command:*', callback) and other command events passed (changed) results from .parseOptions, i.e. operands and unknown (#1138)
  • 4.0.0 (2019-11-02)
    • Changed
      • Breaking: Commander is only officially supported on Node 8 and above, and requires Node 6 (#1053)
        We're on Node 12
    • Fixed
      • Breaking keep command object out of program.args when action handler called (#1048)
        • also, action handler now passed array of unknown arguments
  • 3.0.0 / 2019-08-08
    • Breaking Change TypeScript to use overloaded function for .command. (#938 #990)
    • Fix behavior of --no-* options (#795)
      • Breaking custom event listeners: --no-foo on cli now emits option:no-foo (previously option:foo)
      • Breaking default value: defining --no-foo after defining --foo leaves the default value unchanged (previously set it to false)

Updated and migrated some code

• cosmiconfig:

Breaking change: Separate async and sync APIs, accessible from different named exports. If you used explorer.searchSync() or explorer.loadSync(), you'll now create a sync explorer with cosmiconfigSync(), then use explorerSync.search() and explorerSync.load().

• fuse.js:

Removed tokenization Discussion
Removed maxPatternLength option

• js-yaml: Migration guide
  safeLoad(), safeLoadAll(), safeDump() => load(), loadAll(), dump()
• husky
  • Improve .husky/ directory structure. .husky/.gitignore is now unnecessary and can be removed.
    Did that.
  • Drop Node 10 support
    Not relevant for us, as we're on Node 12

Replaced

• opn: opn got renamed to open (still maintained by @sindresorhus).

#updatingdependenciesbitbybitbybitbybitbybitbybitbybitbybit

[JosefBredereck]

PR was released with v5.16.0