From fe4a85c037ca90bf15806d51af31e82826716983 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 20 Feb 2023 00:30:22 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-3325616 --- package-lock.json | 36 ++++++++++++++++++++++++++++-------- package.json | 2 +- 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/package-lock.json b/package-lock.json index baaf135..7e69417 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "download": "^8.0.0", "execa": "^4.1.0", "extract-zip": "^2.0.1", - "fast-xml-parser": "^3.17.6", + "fast-xml-parser": "^4.1.2", "git-diff-parser": "^1.0.0", "glob": "^7.1.6", "html-entities": "^2.3.3", @@ -5086,11 +5086,18 @@ "dev": true }, "node_modules/fast-xml-parser": { - "version": "3.17.6", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.6.tgz", - "integrity": "sha512-40WHI/5d2MOzf1sD2bSaTXlPn1lueJLAX6j1xH5dSAr6tNeut8B9ktEL6sjAK9yVON4uNj9//axOdBJUuruCzw==", + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.1.2.tgz", + "integrity": "sha512-CDYeykkle1LiA/uqQyNwYpFbyF6Axec6YapmpUP+/RHWIoR1zKjocdvNaTsxCxZzQ6v9MLXaSYm9Qq0thv0DHg==", + "dependencies": { + "strnum": "^1.0.5" + }, "bin": { - "xml2js": "cli.js" + "fxparser": "src/cli/cli.js" + }, + "funding": { + "type": "paypal", + "url": "https://paypal.me/naturalintelligence" } }, "node_modules/fastq": { @@ -10109,6 +10116,11 @@ "node": ">=0.10.0" } }, + "node_modules/strnum": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==" + }, "node_modules/supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -15511,9 +15523,12 @@ "dev": true }, "fast-xml-parser": { - "version": "3.17.6", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.6.tgz", - "integrity": "sha512-40WHI/5d2MOzf1sD2bSaTXlPn1lueJLAX6j1xH5dSAr6tNeut8B9ktEL6sjAK9yVON4uNj9//axOdBJUuruCzw==" + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.1.2.tgz", + "integrity": "sha512-CDYeykkle1LiA/uqQyNwYpFbyF6Axec6YapmpUP+/RHWIoR1zKjocdvNaTsxCxZzQ6v9MLXaSYm9Qq0thv0DHg==", + "requires": { + "strnum": "^1.0.5" + } }, "fastq": { "version": "1.9.0", @@ -19551,6 +19566,11 @@ "escape-string-regexp": "^1.0.2" } }, + "strnum": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==" + }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", diff --git a/package.json b/package.json index 8e22880..2e133d0 100644 --- a/package.json +++ b/package.json @@ -81,7 +81,7 @@ "download": "^8.0.0", "execa": "^4.1.0", "extract-zip": "^2.0.1", - "fast-xml-parser": "^3.17.6", + "fast-xml-parser": "^4.1.2", "git-diff-parser": "^1.0.0", "glob": "^7.1.6", "html-entities": "^2.3.3",