fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-7573289
2024-11-22 03:21:08 +07:00 · 2024-07-31 03:18:31 +00:00 · 2024-07-31 03:18:31 +00:00 · 198e13b1c4
commit 198e13b1c4
parent a362d76e50
2 changed files with 9 additions and 8 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -16,7 +16,7 @@
        "@actions/glob": "^0.3.0",
        "@actions/http-client": "^2.0.1",
        "@actions/io": "^1.0.2",
-        "fast-xml-parser": "^4.3.4",
+        "fast-xml-parser": "^4.4.1",
        "json5": "^2.2.3",
        "semver": "^6.3.1"
      },
@ -4784,9 +4784,9 @@
      "dev": true
    },
    "node_modules/fast-xml-parser": {
-      "version": "4.3.4",
-      "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.4.tgz",
-      "integrity": "sha512-utnwm92SyozgA3hhH2I8qldf2lBqm6qHOICawRNRFu1qMe3+oqr+GcXjGqTmXTMGE5T4eC03kr/rlh5C1IRdZA==",
+      "version": "4.4.1",
+      "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.1.tgz",
+      "integrity": "sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==",
      "funding": [
        {
          "type": "github",
@ -4797,6 +4797,7 @@
          "url": "https://paypal.me/naturalintelligence"
        }
      ],
+      "license": "MIT",
      "dependencies": {
        "strnum": "^1.0.5"
      },
@ -13390,9 +13391,9 @@
      "dev": true
    },
    "fast-xml-parser": {
-      "version": "4.3.4",
-      "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.4.tgz",
-      "integrity": "sha512-utnwm92SyozgA3hhH2I8qldf2lBqm6qHOICawRNRFu1qMe3+oqr+GcXjGqTmXTMGE5T4eC03kr/rlh5C1IRdZA==",
+      "version": "4.4.1",
+      "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.1.tgz",
+      "integrity": "sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==",
      "requires": {
        "strnum": "^1.0.5"
      }
--- a/package.json
+++ b/package.json
@ -33,7 +33,7 @@
    "@actions/glob": "^0.3.0",
    "@actions/http-client": "^2.0.1",
    "@actions/io": "^1.0.2",
-    "fast-xml-parser": "^4.3.4",
+    "fast-xml-parser": "^4.4.1",
    "json5": "^2.2.3",
    "semver": "^6.3.1"
  },