From 03d0402594dc2e8f7c6daad8773d0990973e6466 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 17 Jan 2022 02:48:50 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-2342073 - https://snyk.io/vuln/SNYK-JS-MARKED-2342082 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8a71a0caedb86..84f1bcfc1ddad 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4436,9 +4436,9 @@ "dev": true }, "marked": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/marked/-/marked-3.0.4.tgz", - "integrity": "sha512-jBo8AOayNaEcvBhNobg6/BLhdsK3NvnKWJg33MAAPbvTWiG4QBn9gpW1+7RssrKu4K1dKlN+0goVQwV41xEfOA==" + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/marked/-/marked-4.0.10.tgz", + "integrity": "sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw==" }, "mathml-tag-names": { "version": "2.1.3", diff --git a/package.json b/package.json index 18c155fb09859..def98e3d69dfb 100644 --- a/package.json +++ b/package.json @@ -44,7 +44,7 @@ "jstransformer-handlebars": "^1.1.0", "junk": "^3.1.0", "lodash.defaultsdeep": "^4.6.1", - "marked": "^3.0.4", + "marked": "^4.0.10", "metalsmith": "^2.3.0", "metalsmith-collections": "^0.9.0", "metalsmith-discover-helpers": "^0.1.1",