From 1f5b339a85acc907000b46ce2b5a37571d6e06df Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 11 Apr 2023 23:48:55 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-XML2JS-5414874 --- package-lock.json | 38 +++++++++++++++++++++++++------------- package.json | 2 +- 2 files changed, 26 insertions(+), 14 deletions(-) diff --git a/package-lock.json b/package-lock.json index ed05bc9df95c..e636a7eabee9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -74,7 +74,7 @@ "remark-parse-no-trim": "^8.0.4", "remark-rehype": "^10.1.0", "revalidator": "^0.3.1", - "rss-parser": "^3.12.0", + "rss-parser": "^3.13.0", "scroll-anchoring": "^0.1.0", "semver": "^7.3.7", "slash": "^5.0.0", @@ -17766,11 +17766,12 @@ } }, "node_modules/rss-parser": { - "version": "3.12.0", - "license": "MIT", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/rss-parser/-/rss-parser-3.13.0.tgz", + "integrity": "sha512-7jWUBV5yGN3rqMMj7CZufl/291QAhvrrGpDNE4k/02ZchL0npisiYYqULF71jCEKoIiHvK/Q2e6IkDwPziT7+w==", "dependencies": { "entities": "^2.0.3", - "xml2js": "^0.4.19" + "xml2js": "^0.5.0" } }, "node_modules/run-parallel": { @@ -17850,7 +17851,8 @@ }, "node_modules/sax": { "version": "1.2.4", - "license": "ISC" + "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz", + "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/scheduler": { "version": "0.20.2", @@ -20221,8 +20223,9 @@ } }, "node_modules/xml2js": { - "version": "0.4.23", - "license": "MIT", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", + "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -20233,7 +20236,8 @@ }, "node_modules/xmlbuilder": { "version": "11.0.1", - "license": "MIT", + "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==", "engines": { "node": ">=4.0" } @@ -32681,10 +32685,12 @@ "dev": true }, "rss-parser": { - "version": "3.12.0", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/rss-parser/-/rss-parser-3.13.0.tgz", + "integrity": "sha512-7jWUBV5yGN3rqMMj7CZufl/291QAhvrrGpDNE4k/02ZchL0npisiYYqULF71jCEKoIiHvK/Q2e6IkDwPziT7+w==", "requires": { "entities": "^2.0.3", - "xml2js": "^0.4.19" + "xml2js": "^0.5.0" } }, "run-parallel": { @@ -32736,7 +32742,9 @@ } }, "sax": { - "version": "1.2.4" + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz", + "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "scheduler": { "version": "0.20.2", @@ -34353,14 +34361,18 @@ "dev": true }, "xml2js": { - "version": "0.4.23", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", + "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" } }, "xmlbuilder": { - "version": "11.0.1" + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==" }, "xtend": { "version": "4.0.2" diff --git a/package.json b/package.json index d2453d83f71f..b018e1ef914e 100644 --- a/package.json +++ b/package.json @@ -76,7 +76,7 @@ "remark-parse-no-trim": "^8.0.4", "remark-rehype": "^10.1.0", "revalidator": "^0.3.1", - "rss-parser": "^3.12.0", + "rss-parser": "^3.13.0", "scroll-anchoring": "^0.1.0", "semver": "^7.3.7", "slash": "^5.0.0",