From 570b7bbcfd1e4ed89da09a1c8d1dd6e1499869d6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 25 Apr 2023 08:10:33 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-YAML-5458867 --- package-lock.json | 23 ++++++++++++++++++++--- package.json | 2 +- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index a46f246..7dc2378 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1945,6 +1945,15 @@ "parse-json": "^5.0.0", "path-type": "^4.0.0", "yaml": "^1.10.0" + }, + "dependencies": { + "yaml": { + "version": "1.10.2", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", + "dev": true, + "optional": true + } } }, "coveralls": { @@ -4020,6 +4029,14 @@ "parse-json": "^5.0.0", "path-type": "^4.0.0", "yaml": "^1.10.0" + }, + "dependencies": { + "yaml": { + "version": "1.10.2", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", + "dev": true + } } }, "debug": { @@ -6531,9 +6548,9 @@ "dev": true }, "yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==" + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.2.2.tgz", + "integrity": "sha512-CBKFWExMn46Foo4cldiChEzn7S7SRV+wqiluAb6xmueD/fGyRHIhX8m14vVGgeFWjN540nKCNVj6P21eQjgTuA==" }, "yargs": { "version": "16.2.0", diff --git a/package.json b/package.json index e912658..ee6b75a 100644 --- a/package.json +++ b/package.json @@ -124,6 +124,6 @@ "per-file": false }, "dependencies": { - "yaml": "^1.10.2" + "yaml": "^2.2.2" } }