From 6310fde0bf7a9b7c5b61d97f4bc130d4cee26ae4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 9 Jan 2023 17:03:33 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433 --- package.json | 2 +- yarn.lock | 37 ++++++++----------------------------- 2 files changed, 9 insertions(+), 30 deletions(-) diff --git a/package.json b/package.json index 6744dfa0..7bc76a18 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "devtron": "^1.4.0", "electron-devtools-installer": "^2.2.4", "electron-json-storage": "^4.1.4", - "electron-redux": "^1.3.1", + "electron-redux": "^1.4.0", "fs-extra": "^7.0.1", "got": "^9.6.0", "history": "^4.7.2", diff --git a/yarn.lock b/yarn.lock index 35684ce9..b5391be9 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3570,13 +3570,13 @@ electron-publish@20.36.0: lazy-val "^1.0.3" mime "^2.3.1" -electron-redux@^1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/electron-redux/-/electron-redux-1.3.1.tgz" +electron-redux@^1.4.0: + version "1.5.4" + resolved "https://registry.yarnpkg.com/electron-redux/-/electron-redux-1.5.4.tgz#27eb3df052880f73a2393ff1aad6dff529091b62" + integrity sha512-7fM7OLVR34prk/ZlIv3yRbB4XCZPPQJ9ZfYLPmWPvKIONe2qm1e0on+cMLGgwzREapQrzCmc1VAxs8WNbWgncg== dependencies: - debug "^2.3.3" - flux-standard-action "^1.0.0" - redux "^3.4.0" + debug "^4.1.1" + redux "^4.0.1" electron-to-chromium@^1.2.7, electron-to-chromium@^1.3.82: version "1.3.84" @@ -4177,12 +4177,6 @@ flush-write-stream@^1.0.0: inherits "^2.0.1" readable-stream "^2.0.4" -flux-standard-action@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/flux-standard-action/-/flux-standard-action-1.2.0.tgz" - dependencies: - lodash "^4.0.0" - follow-redirects@^1.0.0: version "1.9.0" resolved "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.9.0.tgz" @@ -5954,11 +5948,6 @@ lockfile@^1.0.4: dependencies: signal-exit "^3.0.2" -lodash-es@^4.2.1: - version "4.17.15" - resolved "https://registry.yarnpkg.com/lodash-es/-/lodash-es-4.17.15.tgz#21bd96839354412f23d7a10340e5eac6ee455d78" - integrity sha512-rlrc3yU3+JNOpZ9zj5pQtxnx2THmvRykwL4Xlxoa8I9lHBlVbbyPhgyPMioxVZ4NqyxaVVtaJnzsyOidQIhyyQ== - lodash.debounce@^4.0.8: version "4.0.8" resolved "https://registry.yarnpkg.com/lodash.debounce/-/lodash.debounce-4.0.8.tgz" @@ -5983,7 +5972,7 @@ lodash.uniq@^4.5.0: version "4.5.0" resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz" -lodash@^4.0.0, lodash@^4.0.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.3, lodash@^4.17.5, lodash@^4.2.0, lodash@^4.2.1, lodash@^4.3.0, lodash@^4.8.0, lodash@~4.17.10: +lodash@^4.0.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.3, lodash@^4.17.5, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0, lodash@~4.17.10: version "4.17.15" resolved "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz" integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A== @@ -7886,16 +7875,6 @@ redux-saga@^0.16.2: resolved "https://registry.yarnpkg.com/redux-saga/-/redux-saga-0.16.2.tgz" integrity sha512-iIjKnRThI5sKPEASpUvySemjzwqwI13e3qP7oLub+FycCRDysLSAOwt958niZW6LhxfmS6Qm1BzbU70w/Koc4w== -redux@^3.4.0: - version "3.7.2" - resolved "https://registry.yarnpkg.com/redux/-/redux-3.7.2.tgz" - integrity sha512-pNqnf9q1hI5HHZRBkj3bAngGZW/JMCmexDlOxw4XagXY2o1327nHH54LoTjiPJ0gizoqPDRqWyX/00g0hD6w+A== - dependencies: - lodash "^4.2.1" - lodash-es "^4.2.1" - loose-envify "^1.1.0" - symbol-observable "^1.0.3" - redux@^4.0.0, redux@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/redux/-/redux-4.0.1.tgz" @@ -8936,7 +8915,7 @@ svgo@^1.0.5: unquote "~1.1.1" util.promisify "~1.0.0" -symbol-observable@^1.0.3, symbol-observable@^1.2.0: +symbol-observable@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/symbol-observable/-/symbol-observable-1.2.0.tgz" integrity sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==