From 21591183d8083ce54caea6fcb17c251c5dd4467e Mon Sep 17 00:00:00 2001
From: Pooya Jaferian
Date: Tue, 24 Nov 2020 16:42:17 -0800
Subject: [PATCH 1/2] pin trim version

---
 package.json | 3 ++-
 yarn.lock | 7 ++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 39c1759b..1087f28f 100644
--- a/package.json
+++ b/package.json
@@ -136,6 +136,7 @@
 "browserify": "16.5.2",
 "lodash": "4.17.20",
 "node-fetch": "2.6.1",
- "elliptic": "^6.5.3"
+ "elliptic": "^6.5.3",
+ "trim": "^1.0.0"
 }
 }
diff --git a/yarn.lock b/yarn.lock
index 4af0c63f..b67f83e9 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -9475,9 +9475,10 @@ trim-newlines@^3.0.0:
 resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-3.0.0.tgz#79726304a6a898aa8373427298d54c2ee8b1cb30"
 integrity sha512-C4+gOpvmxaSMKuEf9Qc134F1ZuOHVXKRbtEflf4NTtuuJDEIJ9p5PXsalL8SkeRw+qit1Mo+yuvMPAKwWg/1hA==
 
-trim@0.0.1:
- version "0.0.1"
- resolved "https://registry.yarnpkg.com/trim/-/trim-0.0.1.tgz#5858547f6b290757ee95cccc666fb50084c460dd"
+trim@0.0.1, trim@^1.0.0:
+ version "1.0.0"
+ resolved "https://registry.yarnpkg.com/trim/-/trim-1.0.0.tgz#fd1f30b878bdd2d8435fa0f2cc9cbb55f518be7d"
+ integrity sha512-UgtES1lYpE+f4WiGY5lyJlHchuGhTa/xMPH96g/B7gc+pEQPiL41s6ECm7Ky3hkhARG/u1SHGFcleJodAvQOKQ==
 
 ts-node@^8.10.2:
 version "8.10.2"
From 1710d97f5be3410c1beffa7a8d74867faf57a66a Mon Sep 17 00:00:00 2001
From: Pooya Jaferian
Date: Tue, 24 Nov 2020 17:35:16 -0800
Subject: [PATCH 2/2] update History.md

---
 HISTORY.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/HISTORY.md b/HISTORY.md
index 8b853a07..5b4983d4 100644
--- a/HISTORY.md
+++ b/HISTORY.md
@@ -1,3 +1,7 @@
+# 4.1.6 / 2020-11-24
+
+- Update `trim` package to address ReDoS vulnerability
+
 # 4.1.5 / 2020-09-20
 
 - Remove `@segment/canonical` in favor of `document.querySelector`
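Review bot: In the package.json hunk, `"trim": "^1.0.0"` is a caret range, whereas the commit subject says "pin" and the neighbouring browserify, lodash and node-fetch entries are exact versions; `"trim": "1.0.0"` would keep a regenerated lockfile from drifting to a later 1.x release. The enclosing object opens outside the hunk; if it is yarn's `resolutions` field, the override forces the dependent that asked for exactly `0.0.1` (see the merged `trim@0.0.1, trim@^1.0.0:` lockfile entry) onto a new major version, so that dependent's use of `trim` should be exercised by the test suite before release. `resolutions` is also only honoured for the root project, so it protects what is built and bundled here but presumably not consumers who install the package and resolve `trim` themselves.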