From 2d28416d3bf3515be61ffee033e67bfd2ac4a68d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 28 Jul 2020 07:37:46 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-584281 --- package-lock.json | 11 ++++++++--- package.json | 2 +- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index a08feeec..a428d71c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2485,9 +2485,9 @@ } }, "marked": { - "version": "0.6.2", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.6.2.tgz", - "integrity": "sha512-LqxwVH3P/rqKX4EKGz7+c2G9r98WeM/SW34ybhgNGhUQNKtf1GmmSkJ6cDGJ/t6tiyae49qRkpyTw2B9HOrgUA==" + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/marked/-/marked-1.1.1.tgz", + "integrity": "sha512-mJzT8D2yPxoPh7h0UXkB+dBj4FykPJ2OIfxAWeIHrvoHDkFxukV/29QxoFQoPM6RLEwhIFdJpmKBlqVM3s2ZIw==" }, "matchdep": { "version": "2.0.0", @@ -2598,6 +2598,11 @@ "ms": "^2.1.1" } }, + "marked": { + "version": "0.6.3", + "resolved": "https://registry.npmjs.org/marked/-/marked-0.6.3.tgz", + "integrity": "sha512-Fqa7eq+UaxfMriqzYLayfqAE40WN03jf+zHjT18/uXNuzjq3TY0XTbrAoPeqSJrAmPz11VuUA+kBPYOhHt9oOQ==" + }, "ms": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", diff --git a/package.json b/package.json index 31679650..4d649a5e 100644 --- a/package.json +++ b/package.json @@ -10,7 +10,7 @@ "gulp-connect": "^5.7.0", "harmonize": "^2.0.0", "lodash": "^4.17.11", - "marked": "^0.6.2", + "marked": "^1.1.1", "metalsmith": "^2.3.0", "metalsmith-beautify": "^0.2.0", "metalsmith-headings": "^0.2.0",