From ae7438f97f28b7e43566b660a6f23f946fd32c3e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 27 Apr 2021 02:03:56 +0000 Subject: [PATCH] fix: packages/gatsby/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640 - https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1255647 --- packages/gatsby/package.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/gatsby/package.json b/packages/gatsby/package.json index 5a739fcef98e5..c4100ae719d83 100644 --- a/packages/gatsby/package.json +++ b/packages/gatsby/package.json @@ -33,7 +33,7 @@ "convert-hrtime": "^2.0.0", "copyfiles": "^1.2.0", "core-js": "^2.5.0", - "css-loader": "^0.26.1", + "css-loader": "^5.0.0", "debug": "^2.6.0", "del": "^3.0.0", "detect-port": "^1.2.1", @@ -83,9 +83,9 @@ "path-exists": "^3.0.0", "postcss-browser-reporter": "^0.5.0", "postcss-cssnext": "^2.8.0", - "postcss-import": "^8.2.0", - "postcss-loader": "^0.13.0", - "postcss-reporter": "^1.4.1", + "postcss-import": "^13.0.0", + "postcss-loader": "^4.0.0", + "postcss-reporter": "^4.0.0", "raw-loader": "^0.5.1", "react": "^15.6.0", "react-dev-utils": "^4.2.1", @@ -102,7 +102,7 @@ "sift": "^3.2.6", "signal-exit": "^3.0.2", "slash": "^1.0.0", - "socket.io": "^2.0.3", + "socket.io": "^3.0.0", "static-site-generator-webpack-plugin": "^3.4.1", "string-similarity": "^1.2.0", "style-loader": "^0.13.0",