Skip to content

Commit

Permalink
fix: package.json & yarn.lock to reduce vulnerabilities (#1910)
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-590103
  • Loading branch information
@snyk-bot
snyk-bot committed Aug 20, 2020
1 parent f82a32a commit cb5a8a7
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 2 deletions.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
"js-yaml": "3.14.0",
"jsonwebtoken": "8.5.1",
"kleur": "4.0.2",
"lodash": "4.17.19",
"lodash": "4.17.20",
"lunr-mutable-indexes": "2.3.2",
"marked": "1.1.1",
"mime": "2.4.6",
Expand Down
7 changes: 6 additions & 1 deletion yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2247,7 +2247,7 @@
babel-plugin-dynamic-import-node "2.3.3"
babel-plugin-emotion "10.0.33"

"@verdaccio/commons-api@9.7.1", "@verdaccio/commons-api@^9.3.2", "@verdaccio/commons-api@^9.4.0", "@verdaccio/commons-api@^9.7.1":
"@verdaccio/commons-api@9.7.1", "@verdaccio/commons-api@^9.3.2", "@verdaccio/commons-api@^9.7.1":
version "9.7.1"
resolved "https://registry.npmjs.org/@verdaccio/commons-api/-/commons-api-9.7.1.tgz#816f08eb6cb0dbe345f2546428c837be6804796d"
integrity sha512-s2uD3s325C0UsQ9uQTmf15dXFsGVo23IM6pSUTukCRuurCok89e/k1Adz2CaoXpEu1qpxQ6Sv0dcNpGl7Q7hwQ==
Expand Down Expand Up @@ -6816,6 +6816,11 @@ lodash@4.17.19, lodash@^4.11.2, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.1
resolved "https://registry.verdaccio.org/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b"
integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==

lodash@4.17.20:
version "4.17.20"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52"
integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==

log-symbols@^1.0.2:
version "1.0.2"
resolved "https://registry.verdaccio.org/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18"
Expand Down

0 comments on commit cb5a8a7

Please sign in to comment.