From 0c6bf36744e930eef2a7167783e1be8ce1dbb294 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 1 Nov 2025 10:51:15 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-13395830
---
 package-lock.json | 54 +++++++++++++++++++++++------------------------
 package.json      |  2 +-
 2 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 4cdd9b2a..5f89df85 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -5227,8 +5227,8 @@
 			"integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA=="
 		},
 		"gltf-pipeline": {
-			"version": "github:freezy/gltf-pipeline#8e7c1450d08374755b3abaf0eb0e3ae9a118c8f2",
-			"from": "github:freezy/gltf-pipeline#hotfix/dedupe",
+			"version": "git+ssh://git@github.com/freezy/gltf-pipeline.git#8e7c1450d08374755b3abaf0eb0e3ae9a118c8f2",
+			"from": "gltf-pipeline@github:freezy/gltf-pipeline#hotfix/dedupe",
 			"requires": {
 				"bluebird": "^3.5.3",
 				"cesium": "^1.54.0",
@@ -6072,6 +6072,11 @@
 			"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
 			"integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="
 		},
+		"is_js": {
+			"version": "0.9.0",
+			"resolved": "https://registry.npmjs.org/is_js/-/is_js-0.9.0.tgz",
+			"integrity": "sha1-CrlFQFArp6+iTIVqqYVWFmnpxS0="
+		},
 		"is-accessor-descriptor": {
 			"version": "0.1.6",
 			"resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz",
@@ -6403,11 +6408,6 @@
 			"resolved": "https://registry.npmjs.org/is-yarn-global/-/is-yarn-global-0.3.0.tgz",
 			"integrity": "sha512-VjSeb/lHmkoyd8ryPVIKvOCn4D1koMqY+vqyjjUfc3xyKtP4dYOxM44sZrnqQSzSds3xyOrUTLTC9LVCVgLngw=="
 		},
-		"is_js": {
-			"version": "0.9.0",
-			"resolved": "https://registry.npmjs.org/is_js/-/is_js-0.9.0.tgz",
-			"integrity": "sha1-CrlFQFArp6+iTIVqqYVWFmnpxS0="
-		},
 		"isarray": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
@@ -11094,6 +11094,15 @@
 				"tough-cookie": "^2.3.3"
 			}
 		},
+		"require_optional": {
+			"version": "1.0.1",
+			"resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz",
+			"integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==",
+			"requires": {
+				"resolve-from": "^2.0.0",
+				"semver": "^5.1.0"
+			}
+		},
 		"require-ancestors": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/require-ancestors/-/require-ancestors-1.0.0.tgz",
@@ -11150,15 +11159,6 @@
 				}
 			}
 		},
-		"require_optional": {
-			"version": "1.0.1",
-			"resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz",
-			"integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==",
-			"requires": {
-				"resolve-from": "^2.0.0",
-				"semver": "^5.1.0"
-			}
-		},
 		"resolve": {
 			"version": "1.19.0",
 			"resolved": "https://registry.npmjs.org/resolve/-/resolve-1.19.0.tgz",
@@ -13352,6 +13352,14 @@
 			"resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz",
 			"integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM="
 		},
+		"string_decoder": {
+			"version": "1.0.3",
+			"resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
+			"integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
+			"requires": {
+				"safe-buffer": "~5.1.0"
+			}
+		},
 		"string-width": {
 			"version": "3.1.0",
 			"resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz",
@@ -13432,14 +13440,6 @@
 				}
 			}
 		},
-		"string_decoder": {
-			"version": "1.0.3",
-			"resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
-			"integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
-			"requires": {
-				"safe-buffer": "~5.1.0"
-			}
-		},
 		"strip-ansi": {
 			"version": "5.2.0",
 			"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
@@ -14473,9 +14473,9 @@
 			}
 		},
 		"validator": {
-			"version": "11.1.0",
-			"resolved": "https://registry.npmjs.org/validator/-/validator-11.1.0.tgz",
-			"integrity": "sha512-qiQ5ktdO7CD6C/5/mYV4jku/7qnqzjrxb3C/Q5wR3vGGinHTgJZN/TdFT3ZX4vXhX2R1PXx42fB1cn5W+uJ4lg=="
+			"version": "13.15.20",
+			"resolved": "https://registry.npmjs.org/validator/-/validator-13.15.20.tgz",
+			"integrity": "sha512-KxPOq3V2LmfQPP4eqf3Mq/zrT0Dqp2Vmx2Bn285LwVahLc+CsxOM0crBHczm8ijlcjZ0Q5Xd6LW3z3odTPnlrw=="
 		},
 		"vary": {
 			"version": "1.1.2",
diff --git a/package.json b/package.json
index 743b1c1b..afd03096 100644
--- a/package.json
+++ b/package.json
@@ -105,7 +105,7 @@
 		"uglify-js": "3.11.5",
 		"unrar": "0.2.0",
 		"unzipper": "^0.10.5",
-		"validator": "11.1.0",
+		"validator": "13.15.20",
 		"vpx-js": "1.3.4",
 		"winston": "3.3.3",
 		"winston-daily-rotate-file": "4.5.0",