From 6b5cb401734c9cde8a55ad2debc8ff044b6ab76d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 Apr 2022 17:22:00 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 --- package.json | 2 +- yarn.lock | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 86c8f64..8e28fae 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "dependencies": { "buffer": "5.0.7", "crypto-js": "3.1.9-1", - "moment": "^2.18.1", + "moment": "^2.29.2", "query-string": "5.0.0", "url-parse": "1.1.9" }, diff --git a/yarn.lock b/yarn.lock index bbd9358..b41996d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1548,9 +1548,10 @@ mocha@^5.2.0: mkdirp "0.5.1" supports-color "5.4.0" -moment@^2.18.1: - version "2.24.0" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.24.0.tgz#0d055d53f5052aa653c9f6eb68bb5d12bf5c2b5b" +moment@^2.29.2: + version "2.29.2" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4" + integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg== ms@2.0.0: version "2.0.0"