From 5042c3ab874f9811e84f5133d6f6fca89796dbef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 2 Sep 2022 01:07:33 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526 --- package-lock.json | 37 +++++++++++-------------------------- package.json | 2 +- 2 files changed, 12 insertions(+), 27 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0dae97d..fbfb87b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "openkb", - "version": "1.0.23", + "version": "1.0.24", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "openkb", - "version": "1.0.23", + "version": "1.0.24", "license": "MIT", "dependencies": { "async": "^2.6.3", @@ -43,7 +43,7 @@ "remove-markdown": "^0.1.0", "require-main-filename": "^1.0.1", "rimraf": "^2.7.1", - "sanitize-html": "^2.3.2", + "sanitize-html": "^2.7.1", "simplemde": "^1.11.2", "sitemap": "^1.8.1", "speakingurl": "^10.0.0", @@ -2486,14 +2486,6 @@ "node": ">=4" } }, - "node_modules/klona": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/klona/-/klona-2.0.5.tgz", - "integrity": "sha512-pJiBpiXMbt7dkzXe8Ghj/u4FfXOOa98fPW+bihOJ4SjnoijweJrNThJfd3ifXpXhREjpoF2mZVH1GfS9LV3kHQ==", - "engines": { - "node": ">= 8" - } - }, "node_modules/levn": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", @@ -3373,17 +3365,16 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "node_modules/sanitize-html": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.3.2.tgz", - "integrity": "sha512-p7neuskvC8pSurUjdVmbWPXmc9A4+QpOXIL+4gwFC+av5h+lYCXFT8uEneqsFQg/wEA1IH+cKQA60AaQI6p3cg==", + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.7.1.tgz", + "integrity": "sha512-oOpe8l4J8CaBk++2haoN5yNI5beekjuHv3JRPKUx/7h40Rdr85pemn4NkvUB3TcBP7yjat574sPlcMAyv4UQig==", "dependencies": { "deepmerge": "^4.2.2", "escape-string-regexp": "^4.0.0", "htmlparser2": "^6.0.0", "is-plain-object": "^5.0.0", - "klona": "^2.0.3", "parse-srcset": "^1.0.2", - "postcss": "^8.0.2" + "postcss": "^8.3.11" } }, "node_modules/sanitize-html/node_modules/escape-string-regexp": { @@ -5908,11 +5899,6 @@ "resolved": "https://registry.npmjs.org/junk/-/junk-2.1.0.tgz", "integrity": "sha1-9DG0t/By3FAKXxDOf07HGTDnATQ=" }, - "klona": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/klona/-/klona-2.0.5.tgz", - "integrity": "sha512-pJiBpiXMbt7dkzXe8Ghj/u4FfXOOa98fPW+bihOJ4SjnoijweJrNThJfd3ifXpXhREjpoF2mZVH1GfS9LV3kHQ==" - }, "levn": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", @@ -6564,17 +6550,16 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "sanitize-html": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.3.2.tgz", - "integrity": "sha512-p7neuskvC8pSurUjdVmbWPXmc9A4+QpOXIL+4gwFC+av5h+lYCXFT8uEneqsFQg/wEA1IH+cKQA60AaQI6p3cg==", + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.7.1.tgz", + "integrity": "sha512-oOpe8l4J8CaBk++2haoN5yNI5beekjuHv3JRPKUx/7h40Rdr85pemn4NkvUB3TcBP7yjat574sPlcMAyv4UQig==", "requires": { "deepmerge": "^4.2.2", "escape-string-regexp": "^4.0.0", "htmlparser2": "^6.0.0", "is-plain-object": "^5.0.0", - "klona": "^2.0.3", "parse-srcset": "^1.0.2", - "postcss": "^8.0.2" + "postcss": "^8.3.11" }, "dependencies": { "escape-string-regexp": { diff --git a/package.json b/package.json index 16d90a3..e3ab348 100644 --- a/package.json +++ b/package.json @@ -44,7 +44,7 @@ "remove-markdown": "^0.1.0", "require-main-filename": "^1.0.1", "rimraf": "^2.7.1", - "sanitize-html": "^2.3.2", + "sanitize-html": "^2.7.1", "simplemde": "^1.11.2", "sitemap": "^1.8.1", "speakingurl": "^10.0.0",