From dad648549e0a6fd02648f9c59bf3b30353e21ab9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 29 Apr 2020 06:58:35 +0200 Subject: [PATCH 1/2] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 493b4498b96f7..e78a382d55c84 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "autoprefixer": "^9.7.3", "cheerio": "^0.22.0", "fibers": "^4.0.2", - "handlebars": "^4.5.3", + "handlebars": "^4.6.0", "jstransformer-handlebars": "^1.1.0", "junk": "^3.1.0", "lodash.defaultsdeep": "^4.6.1", From 78932a58028d30871eab046c9dfc6f3b5f4d077d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 29 Apr 2020 06:58:36 +0200 Subject: [PATCH 2/2] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742 --- package-lock.json | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index de900ebe5ca27..bebea7e9cf7bb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2970,9 +2970,9 @@ } }, "handlebars": { - "version": "4.5.3", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.5.3.tgz", - "integrity": "sha512-3yPecJoJHK/4c6aZhSvxOyG4vJKDshV36VHp0iVCDVh7o9w2vwi3NSnL2MMPj3YdduqaBcu7cGbggJQM0br9xA==", + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.6.0.tgz", + "integrity": "sha512-i1ZUP7Qp2JdkMaFon2a+b0m5geE8Z4ZTLaGkgrObkEd+OkUKyRbRWw4KxuFCoHfdETSY1yf9/574eVoNSiK7pw==", "requires": { "neo-async": "^2.6.0", "optimist": "^0.6.1", @@ -8145,13 +8145,12 @@ } }, "uglify-js": { - "version": "3.6.9", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.6.9.tgz", - "integrity": "sha512-pcnnhaoG6RtrvHJ1dFncAe8Od6Nuy30oaJ82ts6//sGSXOP5UjBMEthiProjXmMNHOfd93sqlkztifFMcb+4yw==", + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.9.1.tgz", + "integrity": "sha512-JUPoL1jHsc9fOjVFHdQIhqEEJsQvfKDjlubcCilu8U26uZ73qOg8VsN8O1jbuei44ZPlwL7kmbAdM4tzaUvqnA==", "optional": true, "requires": { - "commander": "~2.20.3", - "source-map": "~0.6.1" + "commander": "~2.20.3" }, "dependencies": { "commander": {