From 99cca975738f3e6c53abb2b2783dc4985daaeaf3 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 8 Apr 2019 10:02:54 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSYAML-174129
- https://snyk.io/vuln/SNYK-JS-TAR-174125
---
 package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index cd28a75de7824..9b59ad1801438 100644
--- a/package.json
+++ b/package.json
@@ -110,7 +110,7 @@
     "check-hash": "1.0.1",
     "color": "1.0.3",
     "commander": "2.8.1",
-    "css-loader": "0.28.7",
+    "css-loader": "1.0.0",
     "d3": "3.5.6",
     "d3-cloud": "1.2.1",
     "dragula": "3.7.0",
@@ -138,7 +138,7 @@
     "jade-loader": "0.8.0",
     "joi": "10.4.1",
     "jquery": "2.2.4",
-    "js-yaml": "3.4.1",
+    "js-yaml": "3.13.1",
     "json-stringify-safe": "5.0.1",
     "jstimezonedetect": "1.0.5",
     "leaflet": "1.0.3",
@@ -199,7 +199,7 @@
     "semver": "5.1.0",
     "style-loader": "0.19.0",
     "tabbable": "1.1.0",
-    "tar": "2.2.0",
+    "tar": "4.4.2",
     "tinygradient": "0.3.0",
     "trunc-html": "1.0.2",
     "trunc-text": "1.0.2",