From dc3a4c0007873b9b2ce80c133ef6216f695524e5 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 11 Feb 2024 18:10:44 +0000 Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-IP-6240864 --- deps/npm/package.json | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/deps/npm/package.json b/deps/npm/package.json index 20b80c7ebe21c7..bdcbb5acf5ab77 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -53,7 +53,7 @@ "./package.json": "./package.json" }, "dependencies": { - "@npmcli/arborist": "^2.8.3", + "@npmcli/arborist": "^7.0.0", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^2.3.0", "@npmcli/map-workspaces": "^1.0.4", @@ -77,18 +77,18 @@ "init-package-json": "^2.0.4", "is-cidr": "^4.0.2", "json-parse-even-better-errors": "^2.3.1", - "libnpmaccess": "^4.0.2", - "libnpmdiff": "^2.0.4", - "libnpmexec": "^2.0.1", - "libnpmfund": "^1.1.0", - "libnpmhook": "^6.0.2", - "libnpmorg": "^2.0.2", - "libnpmpack": "^2.0.1", - "libnpmpublish": "^4.0.1", - "libnpmsearch": "^3.1.1", - "libnpmteam": "^2.0.3", + "libnpmaccess": "^8.0.0", + "libnpmdiff": "^6.0.0", + "libnpmexec": "^7.0.0", + "libnpmfund": "^4.0.20", + "libnpmhook": "^10.0.0", + "libnpmorg": "^6.0.0", + "libnpmpack": "^6.0.0", + "libnpmpublish": "^9.0.0", + "libnpmsearch": "^7.0.0", + "libnpmteam": "^6.0.0", "libnpmversion": "^1.2.1", - "make-fetch-happen": "^9.1.0", + "make-fetch-happen": "^12.0.0", "minipass": "^3.1.3", "minipass-pipeline": "^1.2.4", "mkdirp": "^1.0.4", @@ -100,12 +100,12 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^8.1.5", "npm-pick-manifest": "^6.1.1", - "npm-profile": "^5.0.3", - "npm-registry-fetch": "^11.0.0", + "npm-profile": "^8.0.0", + "npm-registry-fetch": "^15.0.0", "npm-user-validate": "^1.0.1", "npmlog": "^5.0.1", "opener": "^1.5.2", - "pacote": "^11.3.5", + "pacote": "^16.0.0", "parse-conflict-json": "^1.1.1", "qrcode-terminal": "^0.12.0", "read": "~1.0.7",