From b07198c493fae0efb6eac14551c16a867775b7d7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 17 Sep 2024 17:47:36 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOMPURIFY-7984421 --- package-lock.json | 15 ++++++++------- package.json | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index f92429f..c32ba65 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "dependencies": { "copy-text-to-clipboard": "^2.2.0", - "dompurify": "^2.1.1", + "dompurify": "^2.5.4", "fuse.js": "^6.5.3", "history": "^5.0.0", "marked": "^1.2.0", @@ -350,9 +350,10 @@ } }, "node_modules/dompurify": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.1.1.tgz", - "integrity": "sha512-NijiNVkS/OL8mdQL1hUbCD6uty/cgFpmNiuFxrmJ5YPH2cXrPKIewoixoji56rbZ6XBPmtM8GA8/sf9unlSuwg==" + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.5.4.tgz", + "integrity": "sha512-l5NNozANzaLPPe0XaAwvg3uZcHtDBnziX/HjsY1UcDj1MxTK8Dd0Kv096jyPK5HRzs/XM5IMj20dW8Fk+HnbUA==", + "license": "(MPL-2.0 OR Apache-2.0)" }, "node_modules/escape-string-regexp": { "version": "1.0.5", @@ -1410,9 +1411,9 @@ "integrity": "sha512-oSyFlqaTHCItVRGK5RmrmjB+CmaMOW7IaNA/kdxqhoa6d17j/5ce9O9eWXmV/KEdRwqpQA+Vqe8a8Bsybu4YnA==" }, "dompurify": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.1.1.tgz", - "integrity": "sha512-NijiNVkS/OL8mdQL1hUbCD6uty/cgFpmNiuFxrmJ5YPH2cXrPKIewoixoji56rbZ6XBPmtM8GA8/sf9unlSuwg==" + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.5.4.tgz", + "integrity": "sha512-l5NNozANzaLPPe0XaAwvg3uZcHtDBnziX/HjsY1UcDj1MxTK8Dd0Kv096jyPK5HRzs/XM5IMj20dW8Fk+HnbUA==" }, "escape-string-regexp": { "version": "1.0.5", diff --git a/package.json b/package.json index f55e7f3..b9f1c68 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ }, "dependencies": { "copy-text-to-clipboard": "^2.2.0", - "dompurify": "^2.4.9", + "dompurify": "^2.5.4", "fuse.js": "^6.5.3", "history": "^5.0.0", "marked": "^1.2.0",