From 4cccab94fdc04e11ad4707d28db1cf144a35fbe1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 28 Sep 2020 08:32:18 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-674311 --- package.json | 2 +- yarn.lock | 54 +++++++++++++++++++++++----------------------------- 2 files changed, 25 insertions(+), 31 deletions(-) diff --git a/package.json b/package.json index ee88f7d15..d343fe814 100644 --- a/package.json +++ b/package.json @@ -43,7 +43,7 @@ "@expo/react-native-action-sheet": "cribspot/react-native-action-sheet#b422c54f26d30b9e85eb14a882ea9cec38600730", "md5": "2.2.1", "moment": "^2.19.0", - "prop-types": "15.5.10", + "prop-types": "15.6.2", "react-native-communications": "2.2.1", "react-native-lightbox": "0.7.0", "react-native-parsed-text": "0.0.19", diff --git a/yarn.lock b/yarn.lock index 8b3429518..50b75902a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -846,9 +846,10 @@ mkdirp@^0.5.0, mkdirp@^0.5.1: dependencies: minimist "0.0.8" -moment@2.18.1: - version "2.18.1" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.18.1.tgz#c36193dd3ce1c2eed2adb7c802dbbc77a81b1c0f" +moment@^2.19.0: + version "2.29.0" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.0.tgz#fcbef955844d91deb55438613ddcec56e86a3425" + integrity sha512-z6IJ5HXYiuxvFTI6eiQ9dm77uE0gyy1yXNApVHqTcnIKfY9tIwEjlzsZ6u1LQXvVgKeTnv9Xm7NDvJ7lso3MtA== ms@2.0.0: version "2.0.0" @@ -882,7 +883,7 @@ number-is-nan@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" -object-assign@^4.0.1, object-assign@^4.1.0: +object-assign@^4.0.1, object-assign@^4.1.0, object-assign@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" @@ -1001,45 +1002,38 @@ promise@^7.1.1: dependencies: asap "~2.0.3" -prop-types@15.5.10, prop-types@^15.5.10: +prop-types@15.6.2: + version "15.6.2" + resolved "https://registry.yarnpkg.com/prop-types/-/prop-types-15.6.2.tgz#05d5ca77b4453e985d60fc7ff8c859094a497102" + integrity sha512-3pboPvLiWD7dkI3qf3KbUe6hKFKa52w+AE0VCqECtf+QHAKgOL37tTaNCnuX1nAAQ4ZhyP+kYVKf8rLmJ/feDQ== + dependencies: + loose-envify "^1.3.1" + object-assign "^4.1.1" + +prop-types@^15.5.10: version "15.5.10" resolved "https://registry.yarnpkg.com/prop-types/-/prop-types-15.5.10.tgz#2797dfc3126182e3a95e3dfbb2e893ddd7456154" dependencies: fbjs "^0.8.9" loose-envify "^1.3.1" -react-clone-referenced-element@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/react-clone-referenced-element/-/react-clone-referenced-element-1.0.1.tgz#2bba8c69404c5e4a944398600bcc4c941f860682" - react-native-communications@2.2.1: version "2.2.1" resolved "https://registry.yarnpkg.com/react-native-communications/-/react-native-communications-2.2.1.tgz#7883b56b20a002eeb790c113f8616ea8692ca795" -react-native-invertible-scroll-view@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/react-native-invertible-scroll-view/-/react-native-invertible-scroll-view-1.0.0.tgz#60ceb384dc950c34eba3a5aeda39f97cdc7d4e23" +react-native-lightbox@0.7.0: + version "0.7.0" + resolved "https://registry.yarnpkg.com/react-native-lightbox/-/react-native-lightbox-0.7.0.tgz#e52b4d7fcc141f59d7b23f0180de535e35b20ec9" + integrity sha512-HS3T4WlCd0Gb3us2d6Jse5m6KjNhngnKm35Wapq30WtQa9s+/VMmtuktbGPGaWtswcDyOj6qByeJBw9W80iPCA== dependencies: - react-clone-referenced-element "^1.0.1" - react-native-scrollable-mixin "^1.0.1" + prop-types "^15.5.10" -react-native-lightbox@oblador/react-native-lightbox#c84a8543d4511fe6a44c3d7820747c9c1bddd875: - version "0.6.0" - resolved "https://codeload.github.com/oblador/react-native-lightbox/tar.gz/c84a8543d4511fe6a44c3d7820747c9c1bddd875" +react-native-parsed-text@0.0.19: + version "0.0.19" + resolved "https://registry.yarnpkg.com/react-native-parsed-text/-/react-native-parsed-text-0.0.19.tgz#1aacca6f9ee82f939f60ef985df90c97bd55c45a" + integrity sha512-gGzzzXDgSwOh85+6SyBZYc8co9CDG7Jo3qY/wfs5J6m+vcezTF9z5loE30+lT3EsBX4HwhrK7OKJ9bMWSxxO0Q== dependencies: - react-timer-mixin "^0.13.3" - -react-native-parsed-text@0.0.18: - version "0.0.18" - resolved "https://registry.yarnpkg.com/react-native-parsed-text/-/react-native-parsed-text-0.0.18.tgz#b528eb6f1410f552d2e3fd8d80da7ff0a7890c71" - -react-native-scrollable-mixin@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/react-native-scrollable-mixin/-/react-native-scrollable-mixin-1.0.1.tgz#34a32167b64248594154fd0d6a8b03f22740548e" - -react-timer-mixin@^0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/react-timer-mixin/-/react-timer-mixin-0.13.3.tgz#0da8b9f807ec07dc3e854d082c737c65605b3d22" + prop-types "^15.5.10" read-pkg-up@^2.0.0: version "2.0.0"