From d0fe98bbfa6ffec86baaba0124c9d6bdd2bb4064 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 14 Apr 2024 20:11:34 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOMPURIFY-6474511 --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index fe0f0109..4552454a 100644 --- a/package.json +++ b/package.json @@ -11,7 +11,7 @@ "calendar-link": "2.1.1", "date-fns": "2.28.0", "date-fns-tz": "1.3.4", - "dompurify": "2.3.8", + "dompurify": "2.4.9", "react": "17.0.2", "react-add-to-calendar": "0.1.5", "react-big-calendar": "0.40.1", diff --git a/yarn.lock b/yarn.lock index da620b1f..54951824 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4328,10 +4328,10 @@ domhandler@^4.0.0, domhandler@^4.2.0, domhandler@^4.3.1: dependencies: domelementtype "^2.2.0" -dompurify@2.3.8: - version "2.3.8" - resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.3.8.tgz#224fe9ae57d7ebd9a1ae1ac18c1c1ca3f532226f" - integrity sha512-eVhaWoVibIzqdGYjwsBWodIQIaXFSB+cKDf4cfxLMsK0xiud6SE+/WCVx/Xw/UwQsa4cS3T2eITcdtmTg2UKcw== +dompurify@2.4.9: + version "2.4.9" + resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.4.9.tgz#9ccdd9e1780653156b09de873f5372bc1eaf2c40" + integrity sha512-iHtnxYMotKgOTvxIqq677JsKHvCOkAFqj9x8Mek2zdeHW1XjuFKwjpmZeMaXQRQ8AbJZDbcRz/+r1QhwvFtmQg== domutils@1.5.1: version "1.5.1"