From e66093f44d9f43d3fddc7719041766f8967d86c2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 5 Jan 2023 01:57:35 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSZIP-3188562 --- package.json | 2 +- yarn.lock | 15 +++++---------- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/package.json b/package.json index 1212703dc9d..e995f94bb12 100644 --- a/package.json +++ b/package.json @@ -84,7 +84,7 @@ "jest-diff": "^25.0.0", "jest-extended": "^0.11.2", "jest-localstorage-mock": "^2.3.0", - "jszip": "^3.7.1", + "jszip": "^3.8.0", "klaw-sync": "^3.0.0", "legal-eagle": "0.16.0", "mini-css-extract-plugin": "^2.5.3", diff --git a/yarn.lock b/yarn.lock index 8ee974004b1..b827fd83f9c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6533,15 +6533,15 @@ jsx-ast-utils@^3.3.2: array-includes "^3.1.5" object.assign "^4.1.3" -jszip@^3.7.1: - version "3.7.1" - resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.7.1.tgz#bd63401221c15625a1228c556ca8a68da6fda3d9" - integrity sha512-ghL0tz1XG9ZEmRMcEN2vt7xabrDdqHHeykgARpmZ0BiIctWxM47Vt63ZO2dnp4QYt/xJVLLy5Zv1l/xRdh2byg== +jszip@^3.8.0: + version "3.10.1" + resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.10.1.tgz#34aee70eb18ea1faec2f589208a157d1feb091c2" + integrity sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g== dependencies: lie "~3.3.0" pako "~1.0.2" readable-stream "~2.3.6" - set-immediate-shim "~1.0.1" + setimmediate "^1.0.5" junk@^3.1.0: version "3.1.0" @@ -8741,11 +8741,6 @@ set-getter@^0.1.0: dependencies: to-object-path "^0.3.0" -set-immediate-shim@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" - integrity sha1-SysbJ+uAip+NzEgaWOXlb1mfP2E= - set-value@^0.4.3: version "0.4.3" resolved "https://registry.yarnpkg.com/set-value/-/set-value-0.4.3.tgz#7db08f9d3d22dc7f78e53af3c3bf4666ecdfccf1"