From e65a4ab398a9694840affe51c4efc1c8727a64bd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 13 Feb 2020 04:54:10 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-CRYPTOJS-548472 --- package-lock.json | 18 ++++++++++++++---- package.json | 2 +- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8aaba29..8039f19 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,6 +13,14 @@ "crypto-js": "3.1.9-1", "nan": "2.8.0", "node-gyp": "3.6.2" + }, + "dependencies": { + "crypto-js": { + "version": "3.1.9-1", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-3.1.9-1.tgz", + "integrity": "sha1-/aGedh/Ad+Af+/3G6f38WeiAbNg=", + "dev": true + } } }, "@types/chai": { @@ -492,9 +500,9 @@ } }, "crypto-js": { - "version": "3.1.9-1", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-3.1.9-1.tgz", - "integrity": "sha1-/aGedh/Ad+Af+/3G6f38WeiAbNg=" + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-3.2.1.tgz", + "integrity": "sha512-fIEXOyiXnmPbPk2+q8t97VYDSo8naqvI+2v0AJeLraQzhuL/GZ2qgcRpEadVQ7r8pXwBOHVjwOdyAXYYb3DWiQ==" }, "dashdash": { "version": "1.14.1", @@ -1226,6 +1234,7 @@ "version": "0.1.4", "bundled": true, "dev": true, + "optional": true, "requires": { "kind-of": "3.2.2", "longest": "1.0.1", @@ -2018,7 +2027,8 @@ "longest": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "loose-envify": { "version": "1.3.1", diff --git a/package.json b/package.json index 5220aac..95e4668 100644 --- a/package.json +++ b/package.json @@ -56,6 +56,6 @@ "typescript": "2.4.2" }, "dependencies": { - "crypto-js": "3.1.9-1" + "crypto-js": "3.2.1" } }