From 12e88127f2b2557d7ce4c133d97c2dbe650b2056 Mon Sep 17 00:00:00 2001 From: Ryan Block Date: Wed, 7 Sep 2022 21:47:11 -0700 Subject: [PATCH] Patch the apparently unpatchable: fix `got` CVE-2022-33987 exposure --- package.json | 2 +- src/cli/cli.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index e8e486d0..fe5fa6d9 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "send": "~0.18.0", "server-destroy": "~1.0.1", "tree-kill": "~1.2.2", - "update-notifier": "5.1.0", + "update-notifier-cjs": "~5.1.3", "ws": "~8.8.1" }, "devDependencies": { diff --git a/src/cli/cli.js b/src/cli/cli.js index 88a2ab61..c0cbe0ba 100755 --- a/src/cli/cli.js +++ b/src/cli/cli.js @@ -1,7 +1,7 @@ #!/usr/bin/env node let cli = require('./index.js') let pkg = require('../../package.json') -let update = require('update-notifier') +let update = require('update-notifier-cjs') let ver = pkg.version /**