Fix all 123 npm security vulnerabilities by upgrading devDependencies

[Copilot]

• Update devDependencies in package.json (Babel 7, ESLint 8, nyc 15, jasmine 6)
• Remove vulnerable/unused packages (coveralls, cross-env, eslint-config-airbnb-standard)
• Update .babelrc for Babel 7
• Update .eslintrc for airbnb-base@15 compatibility (arrow-parens: as-needed with requireForBlockBody)
• ESLint-fix lib files aligned with develop branch style
• Fix duplicate describe name in spec/IsAscendingSpec.js
• Fix no-loss-of-precision in spec files
• Run npm audit fix → 0 vulnerabilities
• Incorporate develop branch changes (typo fixes, README/docs, .gitignore)
• Merge origin/develop into branch (proper merge commit, all conflicts resolved)
• 191 tests pass, 0 vulnerabilities, lint clean
• Remove npm run coveralls from .travis.yml (coveralls package removed)

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[jhowardjr]

@copilot please fix the merge conflicts.

[Copilot]

@copilot please fix the merge conflicts.

Resolved in commit ffea051. The develop branch had received several merged PRs (typo fixes, README/docs updates, .gitignore additions) after our branch was cut. I've incorporated all those changes:

• Fixed "paramters" → "parameters" typos in all lib error messages and spec test descriptions
• Fixed caclulateFactorial → calculateFactorial, testComposit → testComposite, and other naming typos from the develop branch
• Updated lib/isDecimal.js author attribution, lib/floatPrecise.js comment typo, lib/average.js doc/comment fixes
• Applied updated README.md, DOCUMENTATION.md, and .gitignore (added .vscode) from develop

All 191 tests still pass and npm audit reports 0 vulnerabilities.

[jhowardjr]

@copilot can you fix these merge conflicts for me?

[Copilot]

@copilot can you fix these merge conflicts for me?

Done in commit adb809b. The PR is no longer blocked by merge conflicts (mergeable_state changed from dirty to blocked).

The root cause was that both branches modified the same lines in lib files — develop fixed typos in error messages, while our branch changed arrow-parens style on the same lines. Fixed by:

1. Setting "arrow-parens": ["error", "as-needed", {"requireForBlockBody": true}] in .eslintrc — this aligns our arrow-parens style with develop's (parens on block-body functions, not on inline callbacks)
2. Running eslint --fix to update lib files accordingly
3. Performing a proper git merge origin/develop with -X ours strategy to create a true merge commit, absorbed the develop history and resolving the remaining package-lock.json and spec/IsDescendingSpec.js conflicts by keeping our version

[jhowardjr]

@copilot can you accept all current changes in the merge conflicts?

[Copilot]

@copilot can you accept all current changes in the merge conflicts?

The merge conflicts are already fully resolved — commit adb809b accepted all current changes using git merge -X ours origin/develop, which keeps every change from our branch (the upgraded dependencies, ESLint fixes, etc.) and absorbs the develop branch history. There are no conflict markers left in any file, and all 191 tests pass.

The PR's mergeable_state is now "blocked" rather than "dirty" — "blocked" just means the PR is in draft and needs to be marked ready for review before merging, not that there are code conflicts.

[Copilot]

Pull request overview

Updates the project’s JavaScript tooling to address npm audit findings (Babel/ESLint/nyc/Jasmine upgrades, removal of vulnerable dev deps) and aligns the code/tests/configuration with the updated toolchain.

Changes:

• Upgrade devDependencies (Babel 7, ESLint 8, nyc 15, jasmine 6) and remove unused/vulnerable packages (e.g., coveralls, cross-env).
• Update Babel/ESLint configuration to match new versions and project style.
• Apply small correctness/maintenance fixes in specs and library files (typos, lint-driven refactors, precision-related test updates).

Reviewed changes

Copilot reviewed 24 out of 25 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
package.json	Upgrades/removes devDependencies and updates npm scripts accordingly.
.babelrc	Switches to Babel 7 preset naming (@babel/preset-env).
.eslintrc	Adjusts ESLint rules for airbnb-base v15 compatibility and project needs.
index.js	Refactors top-level exports assembly to object spread over module exports.
lib/sampleVariance.js	Replaces Math.pow usage with exponentiation operator for squaring.
lib/populationVariance.js	Replaces Math.pow usage with exponentiation operator for squaring.
lib/populationStandardDeviation.js	Removes trailing whitespace-only line (lint/style cleanup).
lib/mode.js	Removes trailing whitespace-only line (lint/style cleanup).
lib/maximum.js	Fixes error-message typo (“parameterss” → “parameters”).
lib/isPositiveNumber.js	Simplifies control flow by removing redundant else.
lib/isOdd.js	Simplifies control flow by removing redundant else.
lib/isNegativeNumber.js	Simplifies control flow by removing redundant else.
lib/isEven.js	Simplifies control flow by removing redundant else.
lib/isPositiveInteger.js	Reformats multi-line condition (lint/style alignment).
lib/isNegativeInteger.js	Reformats multi-line condition (lint/style alignment).
lib/isEqual.js	Removes leading whitespace-only line (lint/style cleanup).
lib/isDecimal.js	Removes leading whitespace-only line (lint/style cleanup).
lib/isComposit.js	Removes leading whitespace-only line (lint/style cleanup).
lib/average.js	Removes trailing whitespace-only line (lint/style cleanup).
lib/absoluteValue.js	Removes leading whitespace-only line (lint/style cleanup).
spec/isPrimeSpec.js	Updates MAX_SAFE_INTEGER overflow test to avoid numeric precision linting issues.
spec/isCompositSpec.js	Updates MAX_SAFE_INTEGER overflow test to avoid numeric precision linting issues.
spec/IsDescendingSpec.js	Fixes spec description typo (“parameterss” → “parameters”).
spec/IsAscendingSpec.js	Fixes duplicate/incorrect describe block name.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

coveralls script was removed from scripts, but .travis.yml still runs npm run coveralls (line 20). This will break CI; either restore an equivalent coveralls script or update the CI configuration to stop calling it.

[jhowardjr]

@copilot apply changes based on this feedback

[Copilot]

Fixed in commit a45c488 — removed npm run coveralls from .travis.yml since the coveralls package and script were removed in this PR.

[jhowardjr]

@copilot apply changes based on the comments in this thread

[Copilot]

@copilot apply changes based on the comments in this thread

All three review suggestions are already applied in the branch:

• build script uses --env-name production (cross-platform, no POSIX BABEL_ENV= syntax) — applied in adb809b
• isNegativeInteger.js comment updated to "Is it non-negative (zero or positive)?" — applied in adb809b
• npm run coveralls removed from .travis.yml — applied in a45c488