From 5e8d69c6211f0d6026893c1ab2b02e95c37dad0f Mon Sep 17 00:00:00 2001
From: Tommy Markley <markleyt@amazon.com>
Date: Fri, 25 Jun 2021 20:45:18 +0000
Subject: [PATCH] Upgrade merge from 1.2.1 to 2.1.1

Addresses https://github.com/advisories/GHSA-7wpw-2hjm-89gp

Bumps [merge](https://github.com/yeikos/js.merge) from 1.2.1 to 2.1.1
- [Release notes](https://github.com/yeikos/js.merge/releases)
- [Commits](https://github.com/yeikos/js.merge/compare/v1.2.1...v2.1.1)

Merge 1.2.1 is a downstream dependency of `sass-lint` which is an
unmaintained repo without any newer versions. I've opened [#551](https://github.com/opensearch-project/OpenSearch-Dashboards/issues/551)
to address this as a longer-term solution.

Signed-off-by: Tommy Markley <markleyt@amazon.com>
---
 package.json | 1 +
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 13fb73c9a9e8..606b37f6339b 100644
--- a/package.json
+++ b/package.json
@@ -85,6 +85,7 @@
     "**/istanbul-instrumenter-loader/schema-utils": "^1.0.0",
     "**/load-grunt-config/lodash": "^4.17.20",
     "**/locutus": "^2.0.14",
+    "**/merge": "^2.1.1",
     "**/minimist": "^1.2.5",
     "**/node-jose/node-forge": "^0.10.0",
     "**/prismjs": "^1.23.0",
diff --git a/yarn.lock b/yarn.lock
index 240739e37c10..9bde22eba8d3 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -16887,10 +16887,10 @@ merge2@^1.2.3, merge2@^1.3.0:
   resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae"
   integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==
 
-merge@^1.2.0:
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/merge/-/merge-1.2.1.tgz#38bebf80c3220a8a487b6fcfb3941bb11720c145"
-  integrity sha512-VjFo4P5Whtj4vsLzsYBu5ayHhoHJ0UqNm7ibvShmbmoz7tGi0vXaoJbGdB+GmDMLUdg8DpQXEIeVDAe8MaABvQ==
+merge@^1.2.0, merge@^2.1.1:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/merge/-/merge-2.1.1.tgz#59ef4bf7e0b3e879186436e8481c06a6c162ca98"
+  integrity sha512-jz+Cfrg9GWOZbQAnDQ4hlVnQky+341Yk5ru8bZSe6sIDTCIg8n9i/u7hSQGSVOF3C7lH6mGtqjkiT9G4wFLL0w==
 
 methods@^1.1.1, methods@~1.1.2:
   version "1.1.2"