From ab26228066b090b17c579f64be391f49fa906d9b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 19 Jan 2022 11:39:06 +0000 Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118 --- server/package-lock.json | 28 +++------------------------- server/package.json | 2 +- 2 files changed, 4 insertions(+), 26 deletions(-) diff --git a/server/package-lock.json b/server/package-lock.json index 0d88c87..45a694d 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -4,33 +4,16 @@ "lockfileVersion": 1, "requires": true, "dependencies": { - "cross-fetch": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-2.2.2.tgz", - "integrity": "sha1-pH/09/xxLauo9qaVoRyUhEDUVyM=", - "requires": { - "node-fetch": "2.1.2", - "whatwg-fetch": "2.0.4" - } - }, "graphql-request": { - "version": "1.8.2", - "resolved": "https://registry.npmjs.org/graphql-request/-/graphql-request-1.8.2.tgz", - "integrity": "sha512-dDX2M+VMsxXFCmUX0Vo0TopIZIX4ggzOtiCsThgtrKR4niiaagsGTDIHj3fsOMFETpa064vzovI+4YV4QnMbcg==", - "requires": { - "cross-fetch": "2.2.2" - } + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/graphql-request/-/graphql-request-2.0.0.tgz", + "integrity": "sha512-Ww3Ax+G3l2d+mPT8w7HC9LfrKjutnCKtnDq7ZZp2ghVk5IQDjwAk3/arRF1ix17Ky15rm0hrSKVKxRhIVlSuoQ==" }, "inherits": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" }, - "node-fetch": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.1.2.tgz", - "integrity": "sha1-q4hOjn5X44qUR1POxwb3iNF2i7U=" - }, "path": { "version": "0.12.7", "resolved": "https://registry.npmjs.org/path/-/path-0.12.7.tgz", @@ -52,11 +35,6 @@ "requires": { "inherits": "2.0.3" } - }, - "whatwg-fetch": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-2.0.4.tgz", - "integrity": "sha512-dcQ1GWpOD/eEQ97k66aiEVpNnapVj90/+R+SXTPYGHpYBBypfKJEQjLrvMZ7YXbKm21gXd4NcuxUTjiv1YtLng==" } } } diff --git a/server/package.json b/server/package.json index 8672009..e7bba87 100644 --- a/server/package.json +++ b/server/package.json @@ -3,7 +3,7 @@ "version": "1.0.0", "description": "8base Custom Logic", "dependencies": { - "graphql-request": "^1.6.0", + "graphql-request": "^2.0.0", "path": "^0.12.7" } }