From 3d035a76cb4be289de54977d140fc8e426a5688d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 6 Apr 2022 16:10:47 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 --- package-lock.json | 50 +++++++++++++++++++++++++++++++---------------- package.json | 2 +- 2 files changed, 34 insertions(+), 18 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0feba7dc6..06663d826 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7108,7 +7108,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -7129,12 +7130,14 @@ "balanced-match": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, "dev": true, + "optional": true, "requires": { "balanced-match": "1.0.0", "concat-map": "0.0.1" @@ -7149,17 +7152,20 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "concat-map": { "version": "0.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "core-util-is": { "version": "1.0.2", @@ -7276,7 +7282,8 @@ "inherits": { "version": "2.0.3", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "ini": { "version": "1.3.5", @@ -7288,6 +7295,7 @@ "version": "1.0.0", "bundled": true, "dev": true, + "optional": true, "requires": { "number-is-nan": "1.0.1" } @@ -7302,6 +7310,7 @@ "version": "3.0.4", "bundled": true, "dev": true, + "optional": true, "requires": { "brace-expansion": "1.1.11" } @@ -7309,12 +7318,14 @@ "minimist": { "version": "0.0.8", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "minipass": { "version": "2.2.4", "bundled": true, "dev": true, + "optional": true, "requires": { "safe-buffer": "5.1.1", "yallist": "3.0.2" @@ -7333,6 +7344,7 @@ "version": "0.5.1", "bundled": true, "dev": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -7413,7 +7425,8 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "object-assign": { "version": "4.1.1", @@ -7425,6 +7438,7 @@ "version": "1.4.0", "bundled": true, "dev": true, + "optional": true, "requires": { "wrappy": "1.0.2" } @@ -7510,7 +7524,8 @@ "safe-buffer": { "version": "5.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -7546,6 +7561,7 @@ "version": "1.0.2", "bundled": true, "dev": true, + "optional": true, "requires": { "code-point-at": "1.1.0", "is-fullwidth-code-point": "1.0.0", @@ -7565,6 +7581,7 @@ "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "2.1.1" } @@ -7608,12 +7625,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -10757,9 +10776,6 @@ "integrity": "sha512-zrycnIMsLw/3ZxTbW7HCez56rcFGecWTx5OZNplzcXUUmJLmoYArC6qdJzmAN5BWiNXGcpjhF9RQ1HSv5zebEw==", "dev": true }, - "list.fuzzysearch.js": { - "version": "github:javve/list.fuzzysearch.js#6ecb38285cd7fba08a4abe02bdb6685e382cec7a" - }, "list.js": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/list.js/-/list.js-1.3.0.tgz", @@ -12135,9 +12151,9 @@ "integrity": "sha1-G79asbqCevI1dRQ0kEJkVfSB/h4=" }, "moment": { - "version": "2.19.3", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.19.3.tgz", - "integrity": "sha1-vbmdJw1tf9p4zA+6zoVeJ/59pp8=" + "version": "2.29.2", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.2.tgz", + "integrity": "sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==" }, "ms": { "version": "2.1.1", diff --git a/package.json b/package.json index 9ec27aaee..c2b7ab606 100644 --- a/package.json +++ b/package.json @@ -85,7 +85,7 @@ "list.fuzzysearch.js": "github:javve/list.fuzzysearch.js#v0.1.0", "list.js": "1.3.0", "marked": "0.6.2", - "moment": "2.19.3", + "moment": "2.29.2", "q": "1.4.1", "snyk": "^1.174.0", "spin.js": "2.3.2",