From 399d91351f4d6361451243db3b36c0bc056dbd49 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 19 Oct 2022 15:15:10 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 --- package-lock.json | 39 +++++++++------------------------------ package.json | 2 +- 2 files changed, 10 insertions(+), 31 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0800ba0..399356d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "metalsmith": "^2.1.0", "metalsmith-assets": "^0.1.0", "metalsmith-collections": "^0.9.0", - "metalsmith-copy": "^0.2.1", + "metalsmith-copy": "^0.4.0", "metalsmith-discover-partials": "^0.1.0", "metalsmith-in-place": "^1.4.4", "metalsmith-layouts": "1.5.4", @@ -786,13 +786,13 @@ } }, "node_modules/metalsmith-copy": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/metalsmith-copy/-/metalsmith-copy-0.2.1.tgz", - "integrity": "sha1-FzOtxlYICZNNKJvKXNTZ+qs1bgI=", + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/metalsmith-copy/-/metalsmith-copy-0.4.0.tgz", + "integrity": "sha512-UwhXEiUGNw0gv77GTWTSwh5AbMSqR5CNETuxVJR0RyBkvh+jA53BodDEFEGSK/nCuISF8XzUMMXTpuEBHenL1g==", "dependencies": { "debug": "^0.8.1", "lodash": "^2.4.1", - "minimatch": "^0.2.14" + "minimatch": "^3.0.2" } }, "node_modules/metalsmith-copy/node_modules/lodash": { @@ -804,18 +804,6 @@ "rhino" ] }, - "node_modules/metalsmith-copy/node_modules/minimatch": { - "version": "0.2.14", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.2.14.tgz", - "integrity": "sha1-x054BXT2PG+aCQ6Q775u9TpqdWo=", - "dependencies": { - "lru-cache": "2", - "sigmund": "~1.0.0" - }, - "engines": { - "node": "*" - } - }, "node_modules/metalsmith-discover-partials": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/metalsmith-discover-partials/-/metalsmith-discover-partials-0.1.0.tgz", @@ -1896,28 +1884,19 @@ } }, "metalsmith-copy": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/metalsmith-copy/-/metalsmith-copy-0.2.1.tgz", - "integrity": "sha1-FzOtxlYICZNNKJvKXNTZ+qs1bgI=", + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/metalsmith-copy/-/metalsmith-copy-0.4.0.tgz", + "integrity": "sha512-UwhXEiUGNw0gv77GTWTSwh5AbMSqR5CNETuxVJR0RyBkvh+jA53BodDEFEGSK/nCuISF8XzUMMXTpuEBHenL1g==", "requires": { "debug": "^0.8.1", "lodash": "^2.4.1", - "minimatch": "^0.2.14" + "minimatch": "^3.0.2" }, "dependencies": { "lodash": { "version": "2.4.2", "resolved": "https://registry.npmjs.org/lodash/-/lodash-2.4.2.tgz", "integrity": "sha1-+t2DS5aDBz2hebPq5tnA0VBT9z4=" - }, - "minimatch": { - "version": "0.2.14", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.2.14.tgz", - "integrity": "sha1-x054BXT2PG+aCQ6Q775u9TpqdWo=", - "requires": { - "lru-cache": "2", - "sigmund": "~1.0.0" - } } } }, diff --git a/package.json b/package.json index e77ac10..4640776 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,7 @@ "metalsmith": "^2.1.0", "metalsmith-assets": "^0.1.0", "metalsmith-collections": "^0.9.0", - "metalsmith-copy": "^0.2.1", + "metalsmith-copy": "^0.4.0", "metalsmith-discover-partials": "^0.1.0", "metalsmith-in-place": "^1.4.4", "metalsmith-layouts": "1.5.4",