From 7cf6799c0e7768c3427af62e13e0c9d96f9065ff Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 19 Jan 2022 16:04:52 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-2342073 - https://snyk.io/vuln/SNYK-JS-MARKED-2342082 --- package-lock.json | 16 +++++++++++++--- package.json | 2 +- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 31a6a3c6..9b85a26a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12000,9 +12000,9 @@ } }, "marked": { - "version": "0.6.2", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.6.2.tgz", - "integrity": "sha512-LqxwVH3P/rqKX4EKGz7+c2G9r98WeM/SW34ybhgNGhUQNKtf1GmmSkJ6cDGJ/t6tiyae49qRkpyTw2B9HOrgUA==" + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/marked/-/marked-4.0.10.tgz", + "integrity": "sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw==" }, "math-expression-evaluator": { "version": "1.2.17", @@ -17124,6 +17124,16 @@ "pac-resolver": "^3.0.0", "raw-body": "^2.2.0", "socks-proxy-agent": "^4.0.1" + }, + "dependencies": { + "https-proxy-agent-snyk-fork": { + "version": "git://github.com/snyk/node-https-proxy-agent.git#5e86ccb682d0c833c8daa25ee6f91c670161cd66", + "from": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", + "requires": { + "agent-base": "^4.3.0", + "debug": "^3.1.0" + } + } } }, "pac-resolver": { diff --git a/package.json b/package.json index f658acff..280c4dab 100644 --- a/package.json +++ b/package.json @@ -77,7 +77,7 @@ "jsonwebtoken": "^8.3.0", "knockout": "3.5.0-rc", "knockout.validation": "2.0.3", - "marked": "0.6.2", + "marked": "4.0.10", "moment": "2.19.3", "node-uuid": "^1.4.7", "q": "1.4.1",