From 463bb0856795d06282e2e60f8d0b44be21563005 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 29 Mar 2021 13:06:02 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index dcd9edfceb..c114763bed 100644
--- a/package.json
+++ b/package.json
@@ -146,7 +146,7 @@
     "pull-stream": "^3.6.1",
     "pull-stream-to-stream": "^1.3.4",
     "pull-zip": "^2.0.1",
-    "read-pkg-up": "^2.0.0",
+    "read-pkg-up": "^8.0.0",
     "readable-stream": "2.3.3",
     "safe-buffer": "^5.1.1",
     "stream-to-pull-stream": "^1.7.2",
@@ -154,7 +154,7 @@
     "temp": "~0.8.3",
     "through2": "^2.0.3",
     "update-notifier": "^2.2.0",
-    "yargs": "8.0.2"
+    "yargs": "10.0.0"
   },
   "optionalDependencies": {
     "prom-client": "^10.1.0",