From 19df2bc12e0da2f51fff2728b5afb0ca33e9dbe8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 20 Jun 2023 17:50:32 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEMVER-3247795 --- package-lock.json | 24 +++++++++++++++++++++--- package.json | 2 +- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 251329bd2f1a3..52fbbd93c2c89 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6544,9 +6544,27 @@ "optional": true }, "semver": { - "version": "7.3.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.2.tgz", - "integrity": "sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==" + "version": "7.5.2", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.2.tgz", + "integrity": "sha512-SoftuTROv/cRjCze/scjGyiDtcUyxw1rgYQSZY7XTmtR5hX+dm76iDbTH8TkLPHCQmlbQVSSbNZCPM2hb0knnQ==", + "requires": { + "lru-cache": "^6.0.0" + }, + "dependencies": { + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } }, "semver-diff": { "version": "3.1.1", diff --git a/package.json b/package.json index 976593f28c175..63524507d8b7a 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "npm-run-all": "^4.1.5", "postcss": "^8.1.0", "sass": "^1.27.0", - "semver": "^7.3.2", + "semver": "^7.5.2", "strftime": "^0.10.0" }, "devDependencies": {