From 86f99235d1e6401596b178ea1967e9479d3615eb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 3 Nov 2024 05:36:51 +0000 Subject: [PATCH] fix: dashboard/package.json & dashboard/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOMPURIFY-8318045 --- dashboard/package.json | 2 +- dashboard/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/dashboard/package.json b/dashboard/package.json index 2b05ac817..4a5b3afd1 100644 --- a/dashboard/package.json +++ b/dashboard/package.json @@ -14,7 +14,7 @@ "axios": "^0.21.3", "codemirror": "^5.63.0", "date-fns": "^2.22.1", - "dompurify": "^2.2.9", + "dompurify": "^2.4.2", "es6-promise": "^4.2.8", "formik": "^2.2.8", "grommet": "^2.17.2", diff --git a/dashboard/yarn.lock b/dashboard/yarn.lock index 1d330810f..b5484a582 100644 --- a/dashboard/yarn.lock +++ b/dashboard/yarn.lock @@ -5226,10 +5226,10 @@ domhandler@^2.3.0: dependencies: domelementtype "1" -dompurify@^2.2.9: - version "2.2.9" - resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.2.9.tgz#4b42e244238032d9286a0d2c87b51313581d9624" - integrity sha512-+9MqacuigMIZ+1+EwoEltogyWGFTJZWU3258Rupxs+2CGs4H914G9er6pZbsme/bvb5L67o2rade9n21e4RW/w== +dompurify@^2.4.2: + version "2.5.7" + resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.5.7.tgz#6e0d36b9177db5a99f18ade1f28579db5ab839d7" + integrity sha512-2q4bEI+coQM8f5ez7kt2xclg1XsecaV9ASJk/54vwlfRRNQfDqJz2pzQ8t0Ix/ToBpXlVjrRIx7pFC/o8itG2Q== domutils@1.5.1: version "1.5.1"