From 4b65ac44283d5917d1ed3057a3b15ade66121c6e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 20 Oct 2024 04:41:59 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOMPURIFY-8184974 --- package-lock.json | 10 +++++----- package.json | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8e147b4..07fff95 100644 --- a/package-lock.json +++ b/package-lock.json @@ -322,9 +322,9 @@ } }, "dompurify": { - "version": "2.0.17", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.0.17.tgz", - "integrity": "sha512-nNwwJfW55r8akD8MSFz6k75bzyT2y6JEa1O3JrZFBf+Y5R9JXXU4OsRl0B9hKoPgHTw2b7ER5yJ5Md97MMUJPg==" + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.5.0.tgz", + "integrity": "sha512-5RXhAXSCrKTqt9pSbobT9PVRX+oPpENplTZqCiK1l0ya+ZOzwo9kqsGLbYRsAhzIiLCwKEy99XKSSrqnRTLVcw==" }, "ecc-jsbn": { "version": "0.1.2", @@ -909,8 +909,8 @@ } }, "readability": { - "version": "git+https://github.com/mozilla/readability.git#60f470c4bb618a7987d5701b1228ec5ff49f2773", - "from": "git+https://github.com/mozilla/readability.git#60f470c4" + "version": "git+ssh://git@github.com/mozilla/readability.git#60f470c4bb618a7987d5701b1228ec5ff49f2773", + "from": "readability@https://github.com/mozilla/readability#52ab9b5" }, "readable-stream": { "version": "3.6.0", diff --git a/package.json b/package.json index f558975..1e6ed8e 100644 --- a/package.json +++ b/package.json @@ -10,7 +10,7 @@ "axios": "^0.21.1", "readability": "https://github.com/mozilla/readability#52ab9b5", "body-parser": "^1.19.0", - "dompurify": "^2.0.17", + "dompurify": "^2.5.0", "jsdom": "^15.1.1", "log-timestamp": "^0.3.0", "winston": "^3.2.1"