Skip to content

Commit

Permalink
Force non-vulnerable version of json5
Browse files Browse the repository at this point in the history
  • Loading branch information
@edoardopirovano
edoardopirovano committed May 14, 2024
1 parent 3ee6997 commit 3e815dd
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 14 deletions.
4 changes: 4 additions & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,10 @@
"typescript": "^4.9.5",
"yaml": "^2.4.1"
},
"resolutions": {
"//": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"json5": "^2.2.2"
},
"engines": {
"node": ">= 20"
},
Expand Down
16 changes: 2 additions & 14 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4403,23 +4403,11 @@ json-stable-stringify-without-jsonify@^1.0.1:
resolved "https://registry.yarnpkg.com/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz#9db7b59496ad3f3cfef30a75142d2d930ad72651"
integrity sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==

json5@2.x, json5@^2.2.2:
json5@2.x, json5@^1.0.2, json5@^2.2.0, json5@^2.2.1, json5@^2.2.2:
version "2.2.3"
resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283"
integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==

json5@^1.0.2:
version "1.0.2"
resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.2.tgz#63d98d60f21b313b77c4d6da18bfa69d80e1d593"
integrity sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==
dependencies:
minimist "^1.2.0"

json5@^2.2.0, json5@^2.2.1:
version "2.2.1"
resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.1.tgz#655d50ed1e6f95ad1a3caababd2b0efda10b395c"
integrity sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==

jsonfile@^4.0.0:
version "4.0.0"
resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-4.0.0.tgz#8771aae0799b64076b76640fca058f9c10e33ecb"
Expand Down Expand Up @@ -4679,7 +4667,7 @@ minimatch@^9.0.0:
dependencies:
brace-expansion "^2.0.1"

minimist@^1.2.0, minimist@^1.2.6:
minimist@^1.2.6:
version "1.2.7"
resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18"
integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==
Expand Down

0 comments on commit 3e815dd

Please sign in to comment.