From 9d944e5e29b6d6d5fab128161a9b206ca849d3aa Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 19 Feb 2023 19:38:46 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-3325616 --- package-lock.json | 14 +++++++++++--- package.json | 2 +- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index e9d3b7c..dd84a16 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6442,9 +6442,12 @@ "integrity": "sha512-Utm6CdzT+6xsDk2m8S6uL8VHxNwI6Jub+e9NYTcAms28T84pTa25GJQV9j0CY0N1rM8hK4x6grpF2BQf+2qwVA==" }, "fast-xml-parser": { - "version": "3.17.4", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.4.tgz", - "integrity": "sha512-qudnQuyYBgnvzf5Lj/yxMcf4L9NcVWihXJg7CiU1L+oUCq8MUnFEfH2/nXR/W5uq+yvUN1h7z6s7vs2v1WkL1A==" + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.1.2.tgz", + "integrity": "sha512-CDYeykkle1LiA/uqQyNwYpFbyF6Axec6YapmpUP+/RHWIoR1zKjocdvNaTsxCxZzQ6v9MLXaSYm9Qq0thv0DHg==", + "requires": { + "strnum": "^1.0.5" + } }, "fastest-levenshtein": { "version": "1.0.12", @@ -12220,6 +12223,11 @@ "escape-string-regexp": "^1.0.2" } }, + "strnum": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==" + }, "superagent": { "version": "3.8.3", "resolved": "https://registry.npmjs.org/superagent/-/superagent-3.8.3.tgz", diff --git a/package.json b/package.json index 95c7eae..34a9aec 100644 --- a/package.json +++ b/package.json @@ -46,7 +46,7 @@ "webpack-node-externals": "^2.5.2" }, "dependencies": { - "fast-xml-parser": "^3.16.0", + "fast-xml-parser": "^4.1.2", "lambda-log": "^2.3.1" } }