From 3303251303e061bbe43a6c450d665e1963176758 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 17 Jul 2023 05:47:53 +0000 Subject: [PATCH] fix: upgrade graphlib from 2.1.5 to 2.1.8 Snyk has created this PR to upgrade graphlib from 2.1.5 to 2.1.8. See this package in npm: https://www.npmjs.com/package/graphlib See this project in Snyk: https://app.snyk.io/org/sammyfilly/project/71b395cb-29f7-4e91-b998-ba0bf32d0770?utm_source=github&utm_medium=referral&page=upgrade-pr --- turbo-resolver/package-lock.json | 15 +++++++++++---- turbo-resolver/package.json | 2 +- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/turbo-resolver/package-lock.json b/turbo-resolver/package-lock.json index d4175cac..f94c8678 100644 --- a/turbo-resolver/package-lock.json +++ b/turbo-resolver/package-lock.json @@ -79,11 +79,18 @@ "integrity": "sha1-lriIb3w8NQi5Mta9cMTTqI818ak=" }, "graphlib": { - "version": "2.1.5", - "resolved": "https://registry.npmjs.org/graphlib/-/graphlib-2.1.5.tgz", - "integrity": "sha512-XvtbqCcw+EM5SqQrIetIKKD+uZVNQtDPD1goIg7K73RuRZtVI5rYMdcCVSHm/AS1sCBZ7vt0p5WgXouucHQaOA==", + "version": "2.1.8", + "resolved": "https://registry.npmjs.org/graphlib/-/graphlib-2.1.8.tgz", + "integrity": "sha512-jcLLfkpoVGmH7/InMC/1hIvOPSUh38oJtGhvrOFGzioE1DZ+0YW16RgmOJhHiuWTvGiJQ9Z1Ik43JvkRPRvE+A==", "requires": { - "lodash": "4.17.5" + "lodash": "^4.17.15" + }, + "dependencies": { + "lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + } } }, "hosted-git-info": { diff --git a/turbo-resolver/package.json b/turbo-resolver/package.json index a624bcfc..1547f854 100644 --- a/turbo-resolver/package.json +++ b/turbo-resolver/package.json @@ -8,7 +8,7 @@ }, "dependencies": { "async": "^2.6.0", - "graphlib": "^2.1.5", + "graphlib": "^2.1.8", "npm-package-arg": "^6.0.0", "semver": "^5.7.1", "superagent": "^3.8.2"