Skip to content

Commit

Permalink
fix #190: update momentjs version
Browse files Browse the repository at this point in the history 
the current version seems to be prone to a regular expression denial of service attack:
https://nvd.nist.gov/vuln/detail/CVE-2017-18214
  • Loading branch information
@urish
urish committed Apr 11, 2018
1 parent 3ff85a8 commit b56a6fa
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@
"@angular/core": ">=2.0.0 <6.0.0"
},
"dependencies": {
"moment": "^2.16.0"
"moment": "^2.19.3"
},
"devDependencies": {
"@angular/common": "2.4.10",
Expand Down
6 changes: 3 additions & 3 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1794,9 +1794,9 @@ minimist@~0.0.1:
dependencies:
minimist "0.0.8"

moment@^2.16.0:
version "2.20.1"
resolved "https://registry.yarnpkg.com/moment/-/moment-2.20.1.tgz#d6eb1a46cbcc14a2b2f9434112c1ff8907f313fd"
moment@^2.19.3:
version "2.22.0"
resolved "https://registry.yarnpkg.com/moment/-/moment-2.22.0.tgz#7921ade01017dd45186e7fee5f424f0b8663a730"

[email protected]:
version "2.0.0"
Expand Down

0 comments on commit b56a6fa

Please sign in to comment.