From f437a13ed6c87884e2f78fa6dff17c86709a760c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Sep 2024 09:10:01 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-7573289 --- package-lock.json | 36 +++++++++++++++++++----------------- package.json | 4 ++-- 2 files changed, 21 insertions(+), 19 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3b6ea79f..a7d4c790 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,6 @@ "express-http-to-https": "^1.1.4", "express-static-gzip": "^1.1.3", "gzipper": "^2.10.4", - "is-svg": ">=5.0.0", "nth-check": ">=2.0.1" }, "devDependencies": { @@ -37,7 +36,7 @@ "glob-parent": "^5.1.2", "golden-layout": "^1.5.9", "html5sortable": "^0.9.18", - "is-svg": ">=5.0.0", + "is-svg": "^5.1.0", "jquery": "^3.5.1", "jszip": "^3.7.0", "leaflet": "^1.7.1", @@ -3230,9 +3229,9 @@ "dev": true }, "node_modules/fast-xml-parser": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.2.tgz", - "integrity": "sha512-rmrXUXwbJedoXkStenj1kkljNF7ugn5ZjR9FJcwmCfcCbtOMDghPajbc+Tck6vE6F5XsDmx+Pr2le9fw8+pXBg==", + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.5.0.tgz", + "integrity": "sha512-/PlTQCI96+fZMAOLMZK4CWG1ItCbfZ/0jx7UIJFChPNrx7tcEgerUgWbeieCM9MfHInUDyK8DWYZ+YrywDJuTg==", "dev": true, "funding": [ { @@ -3244,6 +3243,7 @@ "url": "https://paypal.me/naturalintelligence" } ], + "license": "MIT", "dependencies": { "strnum": "^1.0.5" }, @@ -4366,12 +4366,13 @@ "dev": true }, "node_modules/is-svg": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-5.0.0.tgz", - "integrity": "sha512-sRl7J0oX9yUNamSdc8cwgzh9KBLnQXNzGmW0RVHwg/jEYjGNYHC6UvnYD8+hAeut9WwxRvhG9biK7g/wDGxcMw==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-5.1.0.tgz", + "integrity": "sha512-uVg5yifaTxHoefNf5Jcx+i9RZe2OBYd/UStp1umx+EERa4xGRa3LLGXjoEph43qUORC0qkafUgrXZ6zzK89yGA==", "dev": true, + "license": "MIT", "dependencies": { - "fast-xml-parser": "^4.1.3" + "fast-xml-parser": "^4.4.1" }, "engines": { "node": ">=14.16" @@ -7305,7 +7306,8 @@ "version": "1.0.5", "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", "integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==", - "dev": true + "dev": true, + "license": "MIT" }, "node_modules/strongly-connected-components": { "version": "1.0.1", @@ -10920,9 +10922,9 @@ "dev": true }, "fast-xml-parser": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.2.tgz", - "integrity": "sha512-rmrXUXwbJedoXkStenj1kkljNF7ugn5ZjR9FJcwmCfcCbtOMDghPajbc+Tck6vE6F5XsDmx+Pr2le9fw8+pXBg==", + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.5.0.tgz", + "integrity": "sha512-/PlTQCI96+fZMAOLMZK4CWG1ItCbfZ/0jx7UIJFChPNrx7tcEgerUgWbeieCM9MfHInUDyK8DWYZ+YrywDJuTg==", "dev": true, "requires": { "strnum": "^1.0.5" @@ -11891,12 +11893,12 @@ "dev": true }, "is-svg": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-5.0.0.tgz", - "integrity": "sha512-sRl7J0oX9yUNamSdc8cwgzh9KBLnQXNzGmW0RVHwg/jEYjGNYHC6UvnYD8+hAeut9WwxRvhG9biK7g/wDGxcMw==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-5.1.0.tgz", + "integrity": "sha512-uVg5yifaTxHoefNf5Jcx+i9RZe2OBYd/UStp1umx+EERa4xGRa3LLGXjoEph43qUORC0qkafUgrXZ6zzK89yGA==", "dev": true, "requires": { - "fast-xml-parser": "^4.1.3" + "fast-xml-parser": "^4.4.1" } }, "is-svg-path": { diff --git a/package.json b/package.json index 3636e616..dbf62271 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "express-http-to-https": "^1.1.4", "express-static-gzip": "^1.1.3", "gzipper": "^2.10.4", - "is-svg": ">=5.0.0", + "is-svg": ">=5.1.0", "nth-check": ">=2.0.1" }, "devDependencies": { @@ -74,7 +74,7 @@ "glob-parent": "^5.1.2", "golden-layout": "^1.5.9", "html5sortable": "^0.9.18", - "is-svg": ">=5.0.0", + "is-svg": ">=5.1.0", "jquery": "^3.5.1", "jszip": "^3.7.0", "leaflet": "^1.7.1",