From f40f12cf66386e18856b543f5933aeb484aef6f7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 31 Mar 2019 08:47:35 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSYAML-173999
---
 package-lock.json | 79 +++++++++--------------------------------------
 package.json      |  2 +-
 2 files changed, 15 insertions(+), 66 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 160c72075..6ae8f134f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,47 +1,9 @@
 {
   "name": "@adobe/helix-pipeline",
-  "version": "1.1.1",
+  "version": "1.2.0",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
-    "@adobe/helix-shared": {
-      "version": "0.8.4",
-      "resolved": "https://registry.npmjs.org/@adobe/helix-shared/-/helix-shared-0.8.4.tgz",
-      "integrity": "sha512-/jOtKILc21XhuPXy8ahQBHFc7WAfrpAVymOwB4h58a5to/nLwoczJkzxidrQR21ENI5cOrKyBoXOUoOjnREOEQ==",
-      "requires": {
-        "ajv": "6.10.0",
-        "fs-extra": "^7.0.0",
-        "object-hash": "^1.3.1",
-        "triple-beam": "^1.3.0",
-        "uri-js": "^4.2.2",
-        "uuid": "^3.3.2",
-        "winston": "^3.1.0",
-        "yaml": "1.4.0"
-      },
-      "dependencies": {
-        "ajv": {
-          "version": "6.10.0",
-          "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz",
-          "integrity": "sha512-nffhOpkymDECQyR0mnsUtoCE8RlX38G0rYP+wgLWFyZuUyuuojSSvi/+euOiQBIn63whYwYVIIH1TvE3tu4OEg==",
-          "requires": {
-            "fast-deep-equal": "^2.0.1",
-            "fast-json-stable-stringify": "^2.0.0",
-            "json-schema-traverse": "^0.4.1",
-            "uri-js": "^4.2.2"
-          }
-        },
-        "fast-deep-equal": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz",
-          "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk="
-        },
-        "json-schema-traverse": {
-          "version": "0.4.1",
-          "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
-          "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="
-        }
-      }
-    },
     "@adobe/jsonschema2md": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/@adobe/jsonschema2md/-/jsonschema2md-2.0.0.tgz",
@@ -5557,9 +5519,9 @@
       "dev": true
     },
     "js-yaml": {
-      "version": "3.12.0",
-      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.12.0.tgz",
-      "integrity": "sha512-PIt2cnwmPfL4hKNwqeiuz4bKfnzHTBv6HyVgjahA6mPLwPDzjDWrplJBMjHUFxku/N3FlmrbyPclad+I+4mJ3A==",
+      "version": "3.13.0",
+      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.0.tgz",
+      "integrity": "sha512-pZZoSxcCYco+DIKBTimr67J6Hy+EYGZDY/HCWC+iAEA9h1ByhMXAIVUXMcMFpOCxQ/xjXmPI2MkDL5HRm5eFrQ==",
       "requires": {
         "argparse": "^1.0.7",
         "esprima": "^4.0.0"
@@ -6802,6 +6764,16 @@
           "integrity": "sha512-wPVv/y/QQ/Uiirj/vh3oP+1Ww+AWehmi1g5fFWGPF6IpCBCDVrhgHRMvrLfdYcwDh3QJbGXDW4JAuzxElLSqKA==",
           "dev": true
         },
+        "js-yaml": {
+          "version": "3.12.0",
+          "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.12.0.tgz",
+          "integrity": "sha512-PIt2cnwmPfL4hKNwqeiuz4bKfnzHTBv6HyVgjahA6mPLwPDzjDWrplJBMjHUFxku/N3FlmrbyPclad+I+4mJ3A==",
+          "dev": true,
+          "requires": {
+            "argparse": "^1.0.7",
+            "esprima": "^4.0.0"
+          }
+        },
         "lcid": {
           "version": "2.0.0",
           "resolved": "https://registry.npmjs.org/lcid/-/lcid-2.0.0.tgz",
@@ -14925,29 +14897,6 @@
       "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=",
       "dev": true
     },
-    "yaml": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.4.0.tgz",
-      "integrity": "sha512-rzU83hGJrNgyT7OE2mP/SILeZxEMRJ0mza0n4KFtkNL1aXUZ79ZgZ5pIH56yT6LiqujcAs/Rqzp0ApvvNYfUfw==",
-      "requires": {
-        "@babel/runtime": "^7.3.4"
-      },
-      "dependencies": {
-        "@babel/runtime": {
-          "version": "7.4.2",
-          "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.4.2.tgz",
-          "integrity": "sha512-7Bl2rALb7HpvXFL7TETNzKSAeBVCPHELzc0C//9FCxN8nsiueWSJBqaF+2oIJScyILStASR/Cx5WMkXGYTiJFA==",
-          "requires": {
-            "regenerator-runtime": "^0.13.2"
-          }
-        },
-        "regenerator-runtime": {
-          "version": "0.13.2",
-          "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.2.tgz",
-          "integrity": "sha512-S/TQAZJO+D3m9xeN1WTI8dLKBBiRgXBlTJvbWjCThHWZj9EvHK70Ff50/tYj2J/fvBY6JtFVwRuazHN2E7M9BA=="
-        }
-      }
-    },
     "yargs": {
       "version": "3.32.0",
       "resolved": "http://registry.npmjs.org/yargs/-/yargs-3.32.0.tgz",
diff --git a/package.json b/package.json
index e6cb2a8bc..179a26e32 100644
--- a/package.json
+++ b/package.json
@@ -56,7 +56,7 @@
     "hast-to-hyperscript": "^6.0.0",
     "hast-util-to-html": "^5.0.0",
     "hyperscript": "^2.0.2",
-    "js-yaml": "^3.12.0",
+    "js-yaml": "^3.13.0",
     "jsdom": "^14.0.0",
     "lodash": "^4.17.11",
     "mdast-util-to-hast": "^4.0.0",