From 6ae74fdbe6b70074dc6ffaddc0310a1ee3463675 Mon Sep 17 00:00:00 2001 From: James Ward Date: Mon, 28 Mar 2022 13:33:51 -0400 Subject: [PATCH] chore: require at least cli-progress@3.10.0 the older versions of cli-progress pulled in potentially insecure versions of the colors package ; the 3.10.0 and later versions no longer utilize the colors package
---
 package.json | 2 +- yarn.lock | 14 ++++---------- 2 files changed, 5 insertions(+), 11 deletions(-)
diff --git a/package.json b/package.json
index f90201e..c0f639d 100644
--- a/package.json
+++ b/package.json
@@ -79,7 +79,7 @@
 "chai": "^4.2.0",
 "chalk": "^4.1.0",
 "class-transformer": "^0.3.1",
- "cli-progress": "^3.0.0",
+ "cli-progress": "^3.10.0",
 "commander": "^6.2.1",
 "ejs": "^3.1.5",
 "@faker-js/faker": "^6.0.0",
diff --git a/yarn.lock b/yarn.lock
index 0164136..6cf1564 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1152,12 +1152,11 @@ cli-highlight@^2.1.4: parse5-htmlparser2-tree-adapter "^6.0.0" yargs "^15.0.0" -cli-progress@^3.0.0: - version "3.8.2" - resolved "https://registry.yarnpkg.com/cli-progress/-/cli-progress-3.8.2.tgz#abaf1fc6d6401351f16f068117a410554a0eb8c7" - integrity sha512-qRwBxLldMSfxB+YGFgNRaj5vyyHe1yMpVeDL79c+7puGujdKJHQHydgqXDcrkvQgJ5U/d3lpf6vffSoVVUftVQ== +cli-progress@^3.10.0: + version "3.10.0" + resolved "https://registry.yarnpkg.com/cli-progress/-/cli-progress-3.10.0.tgz#63fd9d6343c598c93542fdfa3563a8b59887d78a" + integrity sha512-kLORQrhYCAtUPLZxqsAt2YJGOvRdt34+O6jl5cQGb7iF3dM55FQZlTR+rQyIK9JUcO9bBMwZsTlND+3dmFU2Cw== dependencies: - colors "^1.1.2" string-width "^4.2.0" cli-truncate@^2.1.0:
@@ -1246,11 +1245,6 @@ color-name@~1.1.4: resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2" integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA== -colors@^1.1.2: - version "1.4.0" - resolved "https://registry.yarnpkg.com/colors/-/colors-1.4.0.tgz#c50491479d4c1bdaed2c9ced32cf7c7dc2360f78" - integrity sha512-a+UqTh4kgZg/SlGvfbzDHpgRu7AAQOmmqRHJnxhRZICKFUT91brVhNNt58CMWU9PsBbv3PDCZUHbVxuDiH2mtA== - combined-stream@^1.0.6, combined-stream@~1.0.6: version "1.0.8" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f"