From 4429703f829417c069c4b19830d82449352a7eac Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 Apr 2022 16:50:49 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 --- package-lock.json | 19 ++++++++++++------- package.json | 2 +- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index bb9cb75..2e1841b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1599,7 +1599,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -2014,7 +2015,8 @@ "safe-buffer": { "version": "5.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -2070,6 +2072,7 @@ "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -2113,12 +2116,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -3170,9 +3175,9 @@ } }, "moment": { - "version": "2.22.2", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.22.2.tgz", - "integrity": "sha1-PCV/mDn8DpP/UxSWMiOeuQeD/2Y=" + "version": "2.29.2", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.2.tgz", + "integrity": "sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==" }, "moment-duration-format": { "version": "2.2.2", diff --git a/package.json b/package.json index b74467f..153a63f 100644 --- a/package.json +++ b/package.json @@ -21,7 +21,7 @@ "express-session": "^1.15.6", "helmet": "^3.15.0", "marked": "^0.5.2", - "moment": "^2.22.2", + "moment": "^2.29.2", "moment-duration-format": "^2.2.2", "mongodb": "^3.1.10", "mongoose": "^5.3.14",