From 4f1e399c3296f5b8821110c22c0400752f807467 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 26 Oct 2023 06:30:38 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-CRYPTOJS-6028119 --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8b5641c9e1..d31a59d4e6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -29,7 +29,7 @@ "codepage": "^1.15.0", "crypto-api": "^0.8.5", "crypto-browserify": "^3.12.0", - "crypto-js": "^4.1.1", + "crypto-js": "^4.2.0", "ctph.js": "0.0.5", "d3": "7.4.4", "d3-hexbin": "^0.2.2", @@ -4933,9 +4933,9 @@ } }, "node_modules/crypto-js": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.1.1.tgz", - "integrity": "sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz", + "integrity": "sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==" }, "node_modules/css-loader": { "version": "6.7.1", @@ -18030,9 +18030,9 @@ } }, "crypto-js": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.1.1.tgz", - "integrity": "sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz", + "integrity": "sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==" }, "css-loader": { "version": "6.7.1", diff --git a/package.json b/package.json index fe93fe52b1..898c53621c 100644 --- a/package.json +++ b/package.json @@ -105,7 +105,7 @@ "codepage": "^1.15.0", "crypto-api": "^0.8.5", "crypto-browserify": "^3.12.0", - "crypto-js": "^4.1.1", + "crypto-js": "^4.2.0", "ctph.js": "0.0.5", "d3": "7.4.4", "d3-hexbin": "^0.2.2",