From 01b1c3a7891bfb227e38d07abf06a653b4e6df8e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 6 Apr 2022 04:01:41 +0000 Subject: [PATCH] fix: gistbrowser/package.json & gistbrowser/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 --- gistbrowser/package.json | 2 +- gistbrowser/yarn.lock | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/gistbrowser/package.json b/gistbrowser/package.json index d5c309e..f19fc43 100644 --- a/gistbrowser/package.json +++ b/gistbrowser/package.json @@ -4,7 +4,7 @@ "private": true, "dependencies": { "bootstrap": "4.0.0-beta.2", - "moment": "^2.20.1", + "moment": "^2.29.2", "react": "^16.2.0", "react-dom": "^16.2.0", "react-highlight": "^0.10.0", diff --git a/gistbrowser/yarn.lock b/gistbrowser/yarn.lock index 8dbd5e6..9662cdf 100644 --- a/gistbrowser/yarn.lock +++ b/gistbrowser/yarn.lock @@ -4227,9 +4227,10 @@ mkdirp@0.5.1, mkdirp@0.5.x, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdi dependencies: minimist "0.0.8" -moment@^2.20.1: - version "2.20.1" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.20.1.tgz#d6eb1a46cbcc14a2b2f9434112c1ff8907f313fd" +moment@^2.29.2: + version "2.29.2" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4" + integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg== ms@2.0.0: version "2.0.0"