From 31a75899f11213ae47318e756ec3c7347bcd8915 Mon Sep 17 00:00:00 2001 From: Hwee-Boon Yar Date: Mon, 27 Sep 2021 15:06:55 +0800 Subject: [PATCH] Fix: vulnerability found by GitHub: CVE-2021-3807 --- package.json | 3 ++- yarn.lock | 18 ++++-------------- 2 files changed, 6 insertions(+), 15 deletions(-) diff --git a/package.json b/package.json index 81bdbb326..9695c36fb 100644 --- a/package.json +++ b/package.json @@ -10,6 +10,7 @@ "yargs-parser": "^13.1.2", "ssri": "^8.0.1", "y18n": "^4.0.1", - "set-value": "4.0.1" + "set-value": "4.0.1", + "ansi-regex": "5.0.1" } } diff --git a/yarn.lock b/yarn.lock index eea7eb131..a90fe232e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -186,20 +186,10 @@ ansi-align@^2.0.0: dependencies: string-width "^2.0.0" -ansi-regex@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" - integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8= - -ansi-regex@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998" - integrity sha1-7QMXwyIGT3lGbAKWa922Bas32Zg= - -ansi-regex@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-4.1.0.tgz#8b9f8f08cf1acb843756a839ca8c7e3168c51997" - integrity sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg== +ansi-regex@5.0.1, ansi-regex@^2.0.0, ansi-regex@^3.0.0, ansi-regex@^4.1.0: + version "5.0.1" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.1.tgz#082cb2c89c9fe8659a311a53bd6a4dc5301db304" + integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ== ansi-styles@^3.2.0, ansi-styles@^3.2.1: version "3.2.1"