From c54bf6d2f3040b1a9fec6e873ff904143abc74d6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 30 Sep 2022 19:54:39 +0000 Subject: [PATCH] fix: upgrade randomstring from 1.1.5 to 1.2.2 Snyk has created this PR to upgrade randomstring from 1.1.5 to 1.2.2. See this package in npm: https://www.npmjs.com/package/randomstring See this project in Snyk: https://app.snyk.io/org/gwdp/project/59b7fb7f-b065-405e-a237-015b79749e47?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 16 ++++++++++++---- package.json | 2 +- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index a44a151..9606dc6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9669,11 +9669,19 @@ } }, "randomstring": { - "version": "1.1.5", - "resolved": "https://registry.npmjs.org/randomstring/-/randomstring-1.1.5.tgz", - "integrity": "sha1-bfBij3XL1ZMpMNn+OrTpVqGFGMM=", + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/randomstring/-/randomstring-1.2.2.tgz", + "integrity": "sha512-9FByiB8guWZLbE+akdQiWE3I1I6w7Vn5El4o4y7o5bWQ6DWPcEOp+aLG7Jezc8BVRKKpgJd2ppRX0jnKu1YCfg==", "requires": { - "array-uniq": "1.0.2" + "array-uniq": "1.0.2", + "randombytes": "2.0.3" + }, + "dependencies": { + "randombytes": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.0.3.tgz", + "integrity": "sha512-lDVjxQQFoCG1jcrP06LNo2lbWp4QTShEXnhActFBwYuHprllQV6VUpwreApsYqCgD+N1mHoqJ/BI/4eV4R2GYg==" + } } }, "rc": { diff --git a/package.json b/package.json index 987b7c2..7714c89 100644 --- a/package.json +++ b/package.json @@ -11,7 +11,7 @@ "node-fetch": "^2.6.0", "node-jose": "^1.1.4", "query-string-manipulator": "^1.2.2", - "randomstring": "^1.1.5", + "randomstring": "^1.2.2", "serverless": "^1.78.1", "sha1": "^1.1.1", "source-map-support": "^0.5.19",