From 8029e9f1cc7e59b260eb544b8aaa0ad2017a4a10 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 16 Jan 2022 22:15:19 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-2342073 - https://snyk.io/vuln/SNYK-JS-MARKED-2342082 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 11c7cb16307f6..afde2b1cf3be3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4172,9 +4172,9 @@ } }, "marked": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/marked/-/marked-2.0.0.tgz", - "integrity": "sha512-NqRSh2+LlN2NInpqTQnS614Y/3NkVMFFU6sJlRFEpxJ/LHuK/qJECH7/fXZjk4VZstPW/Pevjil/VtSONsLc7Q==" + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/marked/-/marked-4.0.10.tgz", + "integrity": "sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw==" }, "mathml-tag-names": { "version": "2.1.3", diff --git a/package.json b/package.json index 08aeff092d25d..5cfcd458e636e 100644 --- a/package.json +++ b/package.json @@ -44,7 +44,7 @@ "jstransformer-handlebars": "^1.1.0", "junk": "^3.1.0", "lodash.defaultsdeep": "^4.6.1", - "marked": "^2.0.0", + "marked": "^4.0.10", "metalsmith": "^2.3.0", "metalsmith-collections": "^0.9.0", "metalsmith-discover-helpers": "^0.1.1",