From f4329b7c629e1f5eb0ddc2fa6f8004b28cb26194 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jun 2023 14:37:43 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-5668858 --- package-lock.json | 42 ++++++++++++++++++++++++++++++++++-------- package.json | 2 +- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/package-lock.json b/package-lock.json index baaf135..7c6baec 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "download": "^8.0.0", "execa": "^4.1.0", "extract-zip": "^2.0.1", - "fast-xml-parser": "^3.17.6", + "fast-xml-parser": "^4.2.4", "git-diff-parser": "^1.0.0", "glob": "^7.1.6", "html-entities": "^2.3.3", @@ -5086,11 +5086,24 @@ "dev": true }, "node_modules/fast-xml-parser": { - "version": "3.17.6", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.6.tgz", - "integrity": "sha512-40WHI/5d2MOzf1sD2bSaTXlPn1lueJLAX6j1xH5dSAr6tNeut8B9ktEL6sjAK9yVON4uNj9//axOdBJUuruCzw==", + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.4.tgz", + "integrity": "sha512-fbfMDvgBNIdDJLdLOwacjFAPYt67tr31H9ZhWSm45CDAxvd0I6WTlSOUo7K2P/K5sA5JgMKG64PI3DMcaFdWpQ==", + "funding": [ + { + "type": "paypal", + "url": "https://paypal.me/naturalintelligence" + }, + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } + ], + "dependencies": { + "strnum": "^1.0.5" + }, "bin": { - "xml2js": "cli.js" + "fxparser": "src/cli/cli.js" } }, "node_modules/fastq": { @@ -10109,6 +10122,11 @@ "node": ">=0.10.0" } }, + "node_modules/strnum": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==" + }, "node_modules/supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -15511,9 +15529,12 @@ "dev": true }, "fast-xml-parser": { - "version": "3.17.6", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.6.tgz", - "integrity": "sha512-40WHI/5d2MOzf1sD2bSaTXlPn1lueJLAX6j1xH5dSAr6tNeut8B9ktEL6sjAK9yVON4uNj9//axOdBJUuruCzw==" + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.4.tgz", + "integrity": "sha512-fbfMDvgBNIdDJLdLOwacjFAPYt67tr31H9ZhWSm45CDAxvd0I6WTlSOUo7K2P/K5sA5JgMKG64PI3DMcaFdWpQ==", + "requires": { + "strnum": "^1.0.5" + } }, "fastq": { "version": "1.9.0", @@ -19551,6 +19572,11 @@ "escape-string-regexp": "^1.0.2" } }, + "strnum": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==" + }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", diff --git a/package.json b/package.json index 8e22880..dd4561b 100644 --- a/package.json +++ b/package.json @@ -81,7 +81,7 @@ "download": "^8.0.0", "execa": "^4.1.0", "extract-zip": "^2.0.1", - "fast-xml-parser": "^3.17.6", + "fast-xml-parser": "^4.2.4", "git-diff-parser": "^1.0.0", "glob": "^7.1.6", "html-entities": "^2.3.3",