From d4ca90bafcb2e063a791ea391f14e0b88bbf3c71 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 20 Nov 2025 11:29:23 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 --- package-lock.json | 10 +++++++--- package.json | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index dcf70ceb614c..2929096fe97a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -43,7 +43,7 @@ "imurmurhash": "^0.1.4", "javascript-stringify": "^2.1.0", "js-cookie": "^3.0.1", - "js-yaml": "^4.1.0", + "js-yaml": "^4.1.1", "liquidjs": "9.22.1", "lodash": "^4.17.21", "lodash-es": "^4.17.21", @@ -13526,7 +13526,9 @@ "license": "MIT" }, "node_modules/js-yaml": { - "version": "4.1.0", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", + "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", "license": "MIT", "dependencies": { "argparse": "^2.0.1" @@ -30351,7 +30353,9 @@ "version": "4.0.0" }, "js-yaml": { - "version": "4.1.0", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", + "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", "requires": { "argparse": "^2.0.1" } diff --git a/package.json b/package.json index 5eb76756a9af..a70c71c77189 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "imurmurhash": "^0.1.4", "javascript-stringify": "^2.1.0", "js-cookie": "^3.0.1", - "js-yaml": "^4.1.0", + "js-yaml": "^4.1.1", "liquidjs": "9.22.1", "lodash": "^4.17.21", "lodash-es": "^4.17.21",