From c66c54536cc9ce9749800403f9c9b47b64fb9a01 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 6 Apr 2022 10:00:29 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 --- package.json | 2 +- yarn.lock | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index b9a5d5454..5f076b458 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "http-status": "^1.4.0", "joi": "^17.3.0", "jsonwebtoken": "^8.5.1", - "moment": "^2.24.0", + "moment": "^2.29.2", "mongoose": "^5.13.9", "morgan": "^1.9.1", "nodemailer": "^6.3.1", diff --git a/yarn.lock b/yarn.lock index da50616da..c5d9b48d3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4698,11 +4698,16 @@ moment-timezone@^0.5.x: dependencies: moment ">= 2.9.0" -"moment@>= 2.9.0", moment@^2.24.0: +"moment@>= 2.9.0": version "2.29.1" resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3" integrity sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ== +moment@^2.29.2: + version "2.29.2" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4" + integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg== + mongodb@3.7.3: version "3.7.3" resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-3.7.3.tgz#b7949cfd0adc4cc7d32d3f2034214d4475f175a5"