From 3ca2b13500da0d399daa63349f9a9d9e24c9ef6c Mon Sep 17 00:00:00 2001 From: jaybuidl Date: Fri, 21 Jan 2022 00:14:10 +0000 Subject: [PATCH] fix(CVE-2022-0155): upgraded follow-redirects --- contracts/package.json | 1 + yarn.lock | 13 ++++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/contracts/package.json b/contracts/package.json index cd48a9cb8..45c16c9a4 100644 --- a/contracts/package.json +++ b/contracts/package.json @@ -35,6 +35,7 @@ "ethereum-waffle": "^3.4.0", "ethereumjs-util": "^7.1.3", "ethers": "^5.5.1", + "follow-redirects": "^1.14.7", "hardhat": "^2.6.8", "hardhat-deploy": "^0.9.6", "hardhat-deploy-ethers": "^0.3.0-beta.11", diff --git a/yarn.lock b/yarn.lock index 8b4a789d0..57d5ad44c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1008,6 +1008,7 @@ __metadata: ethereum-waffle: ^3.4.0 ethereumjs-util: ^7.1.3 ethers: ^5.5.1 + follow-redirects: ^1.14.7 hardhat: ^2.6.8 hardhat-deploy: ^0.9.6 hardhat-deploy-ethers: ^0.3.0-beta.11 @@ -7257,6 +7258,16 @@ __metadata: languageName: node linkType: hard +"follow-redirects@npm:^1.14.7": + version: 1.14.7 + resolution: "follow-redirects@npm:1.14.7" + peerDependenciesMeta: + debug: + optional: true + checksum: f6d03e5e30877431065bca0d1b2e3db93949eb799d368a5c07ea8a4b71205f0349a3f8f0191bf13a07c93885522834dca1dc8e527dc99a772c6911fba24edc5f + languageName: node + linkType: hard + "for-each@npm:^0.3.3, for-each@npm:~0.3.3": version: 0.3.3 resolution: "for-each@npm:0.3.3" @@ -15304,7 +15315,7 @@ __metadata: "typescript@patch:typescript@^4.4.3#~builtin, typescript@patch:typescript@^4.4.4#~builtin": version: 4.4.4 - resolution: "typescript@patch:typescript@npm%3A4.4.4#~builtin::version=4.4.4&hash=ddd1e8" + resolution: "typescript@patch:typescript@npm%3A4.4.4#~builtin::version=4.4.4&hash=493e53" bin: tsc: bin/tsc tsserver: bin/tsserver