From f07ee52b39ec1ec5727ebdf7a29e607305370edf Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 5 Oct 2022 17:27:15 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DSET-1054939
- https://snyk.io/vuln/SNYK-JS-DSET-2330881
---
 package-lock.json | 17 ++++++++---------
 package.json      |  2 +-
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 8a024f8c1f9..6e611166216 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6,7 +6,7 @@
   "packages": {
     "": {
       "name": "prebid.js",
-      "version": "6.28.0-pre",
+      "version": "7.4.0-pre",
       "license": "Apache-2.0",
       "dependencies": {
         "@babel/core": "^7.16.7",
@@ -17,7 +17,7 @@
         "criteo-direct-rsa-validate": "^1.1.0",
         "crypto-js": "^3.3.0",
         "dlv": "1.1.3",
-        "dset": "2.0.1",
+        "dset": "^3.1.2",
         "express": "^4.15.4",
         "fun-hooks": "^0.9.9",
         "just-clone": "^1.0.2",
@@ -7724,10 +7724,9 @@
       }
     },
     "node_modules/dset": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/dset/-/dset-2.0.1.tgz",
-      "integrity": "sha512-nI29OZMRYq36hOcifB6HTjajNAAiBKSXsyWZrq+VniusseuP2OpNlTiYgsaNRSGvpyq5Wjbc2gQLyBdTyWqhnQ==",
-      "deprecated": "Please use dset@2.1.0 or later for an important security patch",
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/dset/-/dset-3.1.2.tgz",
+      "integrity": "sha512-g/M9sqy3oHe477Ar4voQxWtaPIFw1jTdKZuomOjhCcBx9nHUNn0pu6NopuFFrTh/TRZIKEj+76vLWFu9BNKk+Q==",
       "engines": {
         "node": ">=4"
       }
@@ -29382,9 +29381,9 @@
       }
     },
     "dset": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/dset/-/dset-2.0.1.tgz",
-      "integrity": "sha512-nI29OZMRYq36hOcifB6HTjajNAAiBKSXsyWZrq+VniusseuP2OpNlTiYgsaNRSGvpyq5Wjbc2gQLyBdTyWqhnQ=="
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/dset/-/dset-3.1.2.tgz",
+      "integrity": "sha512-g/M9sqy3oHe477Ar4voQxWtaPIFw1jTdKZuomOjhCcBx9nHUNn0pu6NopuFFrTh/TRZIKEj+76vLWFu9BNKk+Q=="
     },
     "duplexer": {
       "version": "0.1.2",
diff --git a/package.json b/package.json
index 7f28f192680..5f91e2669c8 100644
--- a/package.json
+++ b/package.json
@@ -120,7 +120,7 @@
     "criteo-direct-rsa-validate": "^1.1.0",
     "crypto-js": "^3.3.0",
     "dlv": "1.1.3",
-    "dset": "2.0.1",
+    "dset": "3.1.2",
     "express": "^4.15.4",
     "fun-hooks": "^0.9.9",
     "just-clone": "^1.0.2",