Update to Node 16, package-lock v2, npm audit
Changes
- Update CI to use Node 16.x (with bundled npm 7.18.1 as of the time of this MR).
- npm auto-conversion of
package-lock.json
to version 2 of the format. Many dependencies were updated in the lockfile simply bynpm i
, it seems mostly to mitigate vulnerabilities. -
npm audit fix
to updatepackage-lock.json
with any fixed versions of various packages to fix known vulnerabilities. npm still reports that there are some vulnerabilities it couldn't handle, including multiple in dependencies ofgulp-imagemin
which appears unmaintained.
Checks done
- CI pipelines finish successfully
-
diff
'd the artifacts from antora/antora-ui-default and those generated by the last commit in this MR. No differences detected.