From 30861b114f60d1573dbd4c5d8b670a422d0bbe97 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 8 Jul 2022 08:23:11 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2944238 --- package-lock.json | 19 ++++++++++++------- package.json | 2 +- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index bb9cb75..a358939 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1599,7 +1599,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -2014,7 +2015,8 @@ "safe-buffer": { "version": "5.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -2070,6 +2072,7 @@ "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -2113,12 +2116,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -3170,9 +3175,9 @@ } }, "moment": { - "version": "2.22.2", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.22.2.tgz", - "integrity": "sha1-PCV/mDn8DpP/UxSWMiOeuQeD/2Y=" + "version": "2.29.4", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz", + "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==" }, "moment-duration-format": { "version": "2.2.2", diff --git a/package.json b/package.json index b74467f..b25caf7 100644 --- a/package.json +++ b/package.json @@ -21,7 +21,7 @@ "express-session": "^1.15.6", "helmet": "^3.15.0", "marked": "^0.5.2", - "moment": "^2.22.2", + "moment": "^2.29.4", "moment-duration-format": "^2.2.2", "mongodb": "^3.1.10", "mongoose": "^5.3.14",