From 083d6d2781751c57c4ad3e796c9c38b34cc3bea0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 21 Feb 2022 13:12:21 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118 --- package-lock.json | 30 +++++++++++++++++++++++++++--- package.json | 2 +- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 57d84a4..93ec1b5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5201,9 +5201,33 @@ "dev": true }, "node-fetch": { - "version": "2.4.0", - "resolved": "https://repo.forge.lmig.com/api/npm/npm/node-fetch/-/node-fetch-2.4.0.tgz", - "integrity": "sha1-ElrisMKnXLOy7RQb9z4QbP4fDKg=" + "version": "2.6.7", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", + "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", + "requires": { + "whatwg-url": "^5.0.0" + }, + "dependencies": { + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=" + }, + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=" + }, + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=", + "requires": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + } + } }, "node-int64": { "version": "0.4.0", diff --git a/package.json b/package.json index 59c1fb2..4486da5 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "graphql-yoga": "^1.17.4", "jsonwebtoken": "^8.5.1", "lodash": "^4.17.11", - "node-fetch": "^2.4.0" + "node-fetch": "^2.6.7" }, "devDependencies": { "casual": "^1.6.0",