From 198e13b1c4191e6819d0d793ec821df165be5487 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 31 Jul 2024 03:18:31 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-7573289 --- package-lock.json | 15 ++++++++------- package.json | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index cd3b89d..b7910cd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "@actions/glob": "^0.3.0", "@actions/http-client": "^2.0.1", "@actions/io": "^1.0.2", - "fast-xml-parser": "^4.3.4", + "fast-xml-parser": "^4.4.1", "json5": "^2.2.3", "semver": "^6.3.1" }, @@ -4784,9 +4784,9 @@ "dev": true }, "node_modules/fast-xml-parser": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.4.tgz", - "integrity": "sha512-utnwm92SyozgA3hhH2I8qldf2lBqm6qHOICawRNRFu1qMe3+oqr+GcXjGqTmXTMGE5T4eC03kr/rlh5C1IRdZA==", + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.1.tgz", + "integrity": "sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==", "funding": [ { "type": "github", @@ -4797,6 +4797,7 @@ "url": "https://paypal.me/naturalintelligence" } ], + "license": "MIT", "dependencies": { "strnum": "^1.0.5" }, @@ -13390,9 +13391,9 @@ "dev": true }, "fast-xml-parser": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.4.tgz", - "integrity": "sha512-utnwm92SyozgA3hhH2I8qldf2lBqm6qHOICawRNRFu1qMe3+oqr+GcXjGqTmXTMGE5T4eC03kr/rlh5C1IRdZA==", + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.1.tgz", + "integrity": "sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==", "requires": { "strnum": "^1.0.5" } diff --git a/package.json b/package.json index ec8ec36..2bda563 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "@actions/glob": "^0.3.0", "@actions/http-client": "^2.0.1", "@actions/io": "^1.0.2", - "fast-xml-parser": "^4.3.4", + "fast-xml-parser": "^4.4.1", "json5": "^2.2.3", "semver": "^6.3.1" },