From e7eb83ddac1056a3f0501f2602a5a1be3480d542 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 1 Mar 2023 17:52:14 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-3325616 --- package-lock.json | 37 ++++++++++++++++++------------------- package.json | 4 ++-- 2 files changed, 20 insertions(+), 21 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6d9e7bd5..3fd7871b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,6 @@ "express-http-to-https": "^1.1.4", "express-static-gzip": "^1.1.3", "gzipper": "^2.10.4", - "is-svg": ">=4.3.0", "nth-check": ">=2.0.1" }, "devDependencies": { @@ -37,7 +36,7 @@ "glob-parent": "^5.1.2", "golden-layout": "^1.5.9", "html5sortable": "^0.9.18", - "is-svg": ">=4.3.0", + "is-svg": "^4.4.0", "jquery": "^3.5.1", "jszip": "^3.7.0", "leaflet": "^1.7.1", @@ -3424,15 +3423,15 @@ "dev": true }, "node_modules/fast-xml-parser": { - "version": "3.21.1", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz", - "integrity": "sha512-FTFVjYoBOZTJekiUsawGsSYV9QL0A+zDYCRj7y34IO6Jg+2IMYEtQa+bbictpdpV8dHxXywqU7C0gRDEOFtBFg==", + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.1.3.tgz", + "integrity": "sha512-LsNDahCiCcJPe8NO7HijcnukHB24tKbfDDA5IILx9dmW3Frb52lhbeX6MPNUSvyGNfav2VTYpJ/OqkRoVLrh2Q==", "dev": true, "dependencies": { - "strnum": "^1.0.4" + "strnum": "^1.0.5" }, "bin": { - "xml2js": "cli.js" + "fxparser": "src/cli/cli.js" }, "funding": { "type": "paypal", @@ -5050,12 +5049,12 @@ "dev": true }, "node_modules/is-svg": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.3.2.tgz", - "integrity": "sha512-mM90duy00JGMyjqIVHu9gNTjywdZV+8qNasX8cm/EEYZ53PHDgajvbBwNVvty5dwSAxLUD3p3bdo+7sR/UMrpw==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.4.0.tgz", + "integrity": "sha512-v+AgVwiK5DsGtT9ng+m4mClp6zDAmwrW8nZi6Gg15qzvBnRWWdfWA1TGaXyCDnWq5g5asofIgMVl3PjKxvk1ug==", "dev": true, "dependencies": { - "fast-xml-parser": "^3.19.0" + "fast-xml-parser": "^4.1.3" }, "engines": { "node": ">=6" @@ -12626,12 +12625,12 @@ "dev": true }, "fast-xml-parser": { - "version": "3.21.1", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz", - "integrity": "sha512-FTFVjYoBOZTJekiUsawGsSYV9QL0A+zDYCRj7y34IO6Jg+2IMYEtQa+bbictpdpV8dHxXywqU7C0gRDEOFtBFg==", + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.1.3.tgz", + "integrity": "sha512-LsNDahCiCcJPe8NO7HijcnukHB24tKbfDDA5IILx9dmW3Frb52lhbeX6MPNUSvyGNfav2VTYpJ/OqkRoVLrh2Q==", "dev": true, "requires": { - "strnum": "^1.0.4" + "strnum": "^1.0.5" } }, "fastq": { @@ -14116,12 +14115,12 @@ "dev": true }, "is-svg": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.3.2.tgz", - "integrity": "sha512-mM90duy00JGMyjqIVHu9gNTjywdZV+8qNasX8cm/EEYZ53PHDgajvbBwNVvty5dwSAxLUD3p3bdo+7sR/UMrpw==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.4.0.tgz", + "integrity": "sha512-v+AgVwiK5DsGtT9ng+m4mClp6zDAmwrW8nZi6Gg15qzvBnRWWdfWA1TGaXyCDnWq5g5asofIgMVl3PjKxvk1ug==", "dev": true, "requires": { - "fast-xml-parser": "^3.19.0" + "fast-xml-parser": "^4.1.3" } }, "is-svg-path": { diff --git a/package.json b/package.json index 18205407..03af49bc 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "express-http-to-https": "^1.1.4", "express-static-gzip": "^1.1.3", "gzipper": "^2.10.4", - "is-svg": ">=4.3.0", + "is-svg": ">=4.4.0", "nth-check": ">=2.0.1" }, "devDependencies": { @@ -74,7 +74,7 @@ "glob-parent": "^5.1.2", "golden-layout": "^1.5.9", "html5sortable": "^0.9.18", - "is-svg": ">=4.3.0", + "is-svg": ">=4.4.0", "jquery": "^3.5.1", "jszip": "^3.7.0", "leaflet": "^1.7.1",