From 494c51935908f7cf1c357bd4e454d318ecb015c1 Mon Sep 17 00:00:00 2001 From: Kailash Nadh Date: Sat, 1 Aug 2020 20:28:39 +0530 Subject: [PATCH] Upgrade JS dependencies (security fixes) --- frontend/package.json | 2 ++ frontend/yarn.lock | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/frontend/package.json b/frontend/package.json index 3cc421e..ccc09bf 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -15,7 +15,9 @@ "codeflask": "^1.4.1", "core-js": "^3.6.5", "dayjs": "^1.8.28", + "elliptic": "^6.5.3", "humps": "^2.0.1", + "lodash": "^4.17.19", "node-sass": "^4.14.1", "qs": "^6.9.4", "quill": "^1.3.7", diff --git a/frontend/yarn.lock b/frontend/yarn.lock index f2f54cf..9326356 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -3496,6 +3496,19 @@ elliptic@^6.0.0, elliptic@^6.5.2: minimalistic-assert "^1.0.0" minimalistic-crypto-utils "^1.0.0" +elliptic@^6.5.3: + version "6.5.3" + resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6" + integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw== + dependencies: + bn.js "^4.4.0" + brorand "^1.0.1" + hash.js "^1.0.0" + hmac-drbg "^1.0.0" + inherits "^2.0.1" + minimalistic-assert "^1.0.0" + minimalistic-crypto-utils "^1.0.0" + emoji-regex@^7.0.1: version "7.0.3" resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-7.0.3.tgz#933a04052860c85e83c122479c4748a8e4c72156" @@ -5613,6 +5626,11 @@ lodash@^4.0.0, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.1 resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548" integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A== +lodash@^4.17.19: + version "4.17.19" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b" + integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ== + log-symbols@^2.2.0: version "2.2.0" resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-2.2.0.tgz#5740e1c5d6f0dfda4ad9323b5332107ef6b4c40a"