From 0e9a357c6d58bd17869df82df57b3bc2851e932b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 25 Oct 2023 16:23:28 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-CRYPTOJS-6028119 --- package-lock.json | 23 +++++++++-------------- package.json | 2 +- 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/package-lock.json b/package-lock.json index 86ea19bd7..4d859bf47 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31,7 +31,7 @@ "cookie-parser": "^1.4.5", "core-js": "^3.6.5", "create-react-class": "^15.6.0", - "crypto-js": "4.0.0", + "crypto-js": "^4.2.0", "css-loader": "^2.1.1", "css.escape": "^1.5.1", "csurf": "^1.11.0", @@ -1739,7 +1739,6 @@ "jest-resolve": "^25.5.1", "jest-util": "^25.5.0", "jest-worker": "^25.5.0", - "node-notifier": "^6.0.0", "slash": "^3.0.0", "source-map": "^0.6.0", "string-length": "^3.1.0", @@ -4830,9 +4829,9 @@ } }, "node_modules/crypto-js": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.0.0.tgz", - "integrity": "sha512-bzHZN8Pn+gS7DQA6n+iUmBfl0hO5DJq++QP3U6uTucDtk/0iGpXd/Gg7CGR0p8tJhofJyaKoWBuJI4eAO00BBg==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz", + "integrity": "sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==" }, "node_modules/csrf": { "version": "3.1.0", @@ -5768,8 +5767,7 @@ "esprima": "^4.0.1", "estraverse": "^4.2.0", "esutils": "^2.0.2", - "optionator": "^0.8.1", - "source-map": "~0.6.1" + "optionator": "^0.8.1" }, "bin": { "escodegen": "bin/escodegen.js", @@ -9762,7 +9760,6 @@ "@types/graceful-fs": "^4.1.2", "anymatch": "^3.0.3", "fb-watchman": "^2.0.0", - "fsevents": "^2.1.2", "graceful-fs": "^4.2.4", "jest-serializer": "^25.5.0", "jest-util": "^25.5.0", @@ -16815,10 +16812,8 @@ "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-1.7.5.tgz", "integrity": "sha512-9P3MWk6SrKjHsGkLT2KHXdQ/9SNkyoJbabxnKOoJepsvJjJG8uYTR3yTPxPQvNDI3w4Nz1xnE0TLHK4RIVe/MQ==", "dependencies": { - "chokidar": "^3.4.1", "graceful-fs": "^4.1.2", - "neo-async": "^2.5.0", - "watchpack-chokidar2": "^2.0.1" + "neo-async": "^2.5.0" }, "optionalDependencies": { "chokidar": "^3.4.1", @@ -21659,9 +21654,9 @@ } }, "crypto-js": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.0.0.tgz", - "integrity": "sha512-bzHZN8Pn+gS7DQA6n+iUmBfl0hO5DJq++QP3U6uTucDtk/0iGpXd/Gg7CGR0p8tJhofJyaKoWBuJI4eAO00BBg==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz", + "integrity": "sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==" }, "csrf": { "version": "3.1.0", diff --git a/package.json b/package.json index 2c2d17023..95c516957 100644 --- a/package.json +++ b/package.json @@ -63,7 +63,7 @@ "cookie-parser": "^1.4.5", "core-js": "^3.6.5", "create-react-class": "^15.6.0", - "crypto-js": "4.0.0", + "crypto-js": "4.2.0", "css-loader": "^2.1.1", "css.escape": "^1.5.1", "csurf": "^1.11.0",