From 867c9a0fdc47502bcc82a5f1ad2f42f3ea15726b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 19 Nov 2025 02:25:00 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 --- package-lock.json | 10 +++++++--- package.json | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index e24993fa337a..a4fbf4da1f46 100644 --- a/package-lock.json +++ b/package-lock.json @@ -51,7 +51,7 @@ "is-svg": "5.0.0", "javascript-stringify": "^2.1.0", "js-cookie": "^3.0.1", - "js-yaml": "^4.1.0", + "js-yaml": "^4.1.1", "liquidjs": "9.22.1", "lodash": "^4.17.21", "lodash-es": "^4.17.21", @@ -13322,7 +13322,9 @@ "license": "MIT" }, "node_modules/js-yaml": { - "version": "4.1.0", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", + "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", "license": "MIT", "dependencies": { "argparse": "^2.0.1" @@ -28841,7 +28843,9 @@ "version": "4.0.0" }, "js-yaml": { - "version": "4.1.0", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", + "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", "requires": { "argparse": "^2.0.1" } diff --git a/package.json b/package.json index 293cacf00c54..61fa33d3a3f4 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "is-svg": "5.0.0", "javascript-stringify": "^2.1.0", "js-cookie": "^3.0.1", - "js-yaml": "^4.1.0", + "js-yaml": "^4.1.1", "liquidjs": "9.22.1", "lodash": "^4.17.21", "lodash-es": "^4.17.21",