From 464d86609ecddf266ea79d9e1b83de2195f89d41 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 27 Jan 2023 02:42:43 +0000 Subject: [PATCH] [Manual Backport 1.x][CVE-2022-46175] Update json5 to 1.0.2 and 2.2.3 (#3335) Bumps json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 Backport PR: https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201 Issue Resolved: https://github.com/opensearch-project/OpenSearch-Dashboards/issues/3148 Signed-off-by: Anan Zhuang Signed-off-by: Anan Zhuang (cherry picked from commit 0cc894af777b632c5534e59748bed6c7153c8b3b) Signed-off-by: github-actions[bot] --- yarn.lock | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/yarn.lock b/yarn.lock index b2de36de5d3d..769cf79fc589 100644 --- a/yarn.lock +++ b/yarn.lock @@ -13485,18 +13485,16 @@ json3@^3.3.3: integrity sha512-c7/8mbUsKigAbLkD5B010BK4D9LZm7A1pNItkEwiUZRpIN66exu/e7YQWysGun+TRKaJp8MhemM+VkfWv42aCA== json5@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.1.tgz#779fb0018604fa854eacbf6252180d83543e3dbe" - integrity sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow== + version "1.0.2" + resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.2.tgz#63d98d60f21b313b77c4d6da18bfa69d80e1d593" + integrity sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA== dependencies: minimist "^1.2.0" json5@^2.1.2: - version "2.1.3" - resolved "https://registry.yarnpkg.com/json5/-/json5-2.1.3.tgz#c9b0f7fa9233bfe5807fe66fcf3a5617ed597d43" - integrity sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA== - dependencies: - minimist "^1.2.5" + version "2.2.3" + resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283" + integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg== jsonfile@^3.0.0: version "3.0.1"