Update packages causing vulnerability messages (#11415)

A customer was worried about security vulnerabilities that `pnpm audit` listed for `@babel/traverse`, `http-cache-semantics`, and `json5`. This updates those deps, removing those vulnerability messages.
vercel · Apr 17, 2024 · 10883f2 · 10883f2
1 parent af515c9
commit 10883f2
Show file tree

Hide file tree

Showing 5 changed files with 837 additions and 1,124 deletions.
diff --git a/.changeset/shiny-pugs-tickle.md b/.changeset/shiny-pugs-tickle.md
@@ -0,0 +1,4 @@
+---
+---
+
+bump deps causing vulnerability messages
diff --git a/api/package.json b/api/package.json
@@ -7,7 +7,7 @@
   "scripts": {},
   "dependencies": {
     "@sentry/node": "5.11.1",
-    "got": "10.2.1",
+    "got": "11.8.5",
     "node-fetch": "2.6.7",
     "parse-github-url": "1.0.2",
     "tar-fs": "2.0.0",

diff --git a/package.json b/package.json
@@ -25,7 +25,7 @@
     "glob": "10.2.3",
     "husky": "7.0.4",
     "jest": "29.5.0",
-    "json5": "2.1.1",
+    "json5": "2.2.3",
     "lint-staged": "9.2.5",
     "node-fetch": "2.6.7",
     "npm-package-arg": "6.1.0",

diff --git a/packages/node/package.json b/packages/node/package.json
@@ -42,8 +42,8 @@
     "undici": "5.26.5"
   },
   "devDependencies": {
-    "@babel/core": "7.5.0",
-    "@babel/plugin-transform-modules-commonjs": "7.5.0",
+    "@babel/core": "7.24.4",
+    "@babel/plugin-transform-modules-commonjs": "7.24.1",
     "@tootallnate/once": "1.1.2",
     "@types/aws-lambda": "8.10.19",
     "@types/content-type": "1.1.5",