From f9c1b4bdb57613da2fa117533cdba607baecc1a8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 21 Sep 2021 23:47:12 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ZRENDER-1586253 --- package.json | 2 +- yarn.lock | 38 +++++++++++++++++++++++++++++--------- 2 files changed, 30 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index c617343c5..73824ba5b 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ "browser-image-resizer": "^1.2.0", "dom-to-image": "^2.6.0", "dotenv": "^8.6.0", - "echarts": "4.9.0", + "echarts": "5.2.1", "echarts-for-react": "^2.0.15-beta.1", "file-saver": "^2.0.5", "fontsource-roboto": "^4.0.0", diff --git a/yarn.lock b/yarn.lock index c60632d09..1072c3820 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2568,6 +2568,13 @@ axios@^0.21.1: dependencies: follow-redirects "^1.10.0" +axios@^0.21.3: + version "0.21.4" + resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" + integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== + dependencies: + follow-redirects "^1.14.0" + axobject-query@^2.0.2: version "2.2.0" resolved "https://registry.npmjs.org/axobject-query/-/axobject-query-2.2.0.tgz" @@ -4771,12 +4778,13 @@ echarts-for-react@^2.0.15-beta.1: fast-deep-equal "^2.0.1" size-sensor "^1.0.0" -echarts@4.9.0: - version "4.9.0" - resolved "https://registry.npmjs.org/echarts/-/echarts-4.9.0.tgz" - integrity sha512-+ugizgtJ+KmsJyyDPxaw2Br5FqzuBnyOWwcxPKO6y0gc5caYcfnEUIlNStx02necw8jmKmTafmpHhGo4XDtEIA== +echarts@5.2.1: + version "5.2.1" + resolved "https://registry.yarnpkg.com/echarts/-/echarts-5.2.1.tgz#bd58ec011cd82def4a714e4038ef4b73b8417bc3" + integrity sha512-OJ79b22eqRfbSV8vYmDKmA+XWfNbr0Uk/OafWcFNIGDWti2Uw9A6eVCiJLmqPa9Sk+EWL+t5v26aak0z3gxiZw== dependencies: - zrender "4.3.2" + tslib "2.3.0" + zrender "5.2.1" editions@^2.2.0: version "2.3.1" @@ -5824,6 +5832,11 @@ follow-redirects@^1.10.0: resolved "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.3.tgz" integrity sha512-DUgl6+HDzB0iEptNQEXLx/KhTmDb8tZUHSeLqpnjpknR70H0nC2t9N73BK6fN4hOvJ84pKlIQVQ4k5FFlBedKA== +follow-redirects@^1.14.0: + version "1.14.4" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.4.tgz#838fdf48a8bbdd79e52ee51fb1c94e3ed98b9379" + integrity sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g== + fontkit@^1.8.1: version "1.8.1" resolved "https://registry.npmjs.org/fontkit/-/fontkit-1.8.1.tgz" @@ -13471,6 +13484,11 @@ ts-pnp@1.1.6, ts-pnp@^1.1.6: resolved "https://registry.npmjs.org/ts-pnp/-/ts-pnp-1.1.6.tgz" integrity sha512-CrG5GqAAzMT7144Cl+UIFP7mz/iIhiy+xQ6GGcnjTezhALT02uPMRw7tgDSESgB5MsfKt55+GPWw4ir1kVtMIQ== +tslib@2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.3.0.tgz#803b8cdab3e12ba581a4ca41c8839bbb0dacb09e" + integrity sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg== + tslib@^1.10.0, tslib@^1.8.1, tslib@^1.9.0, tslib@^1.9.3: version "1.13.0" resolved "https://registry.npmjs.org/tslib/-/tslib-1.13.0.tgz" @@ -14568,7 +14586,9 @@ yup@^0.29.2: synchronous-promise "^2.0.13" toposort "^2.0.2" -zrender@4.3.2: - version "4.3.2" - resolved "https://registry.npmjs.org/zrender/-/zrender-4.3.2.tgz" - integrity sha512-bIusJLS8c4DkIcdiK+s13HiQ/zjQQVgpNohtd8d94Y2DnJqgM1yjh/jpDb8DoL6hd7r8Awagw8e3qK/oLaWr3g== +zrender@5.2.1: + version "5.2.1" + resolved "https://registry.yarnpkg.com/zrender/-/zrender-5.2.1.tgz#5f4bbda915ba6d412b0b19dc2431beaad05417bb" + integrity sha512-M3bPGZuyLTNBC6LiNKXJwSCtglMp8XUEqEBG+2MdICDI3d1s500Y4P0CzldQGsqpRVB7fkvf3BKQQRxsEaTlsw== + dependencies: + tslib "2.3.0"