From cc59e889b08d6e5dfa6ba2283895bd6d2cac9942 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 15 Apr 2024 20:32:44 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-6139239 --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 8456a2687..2b2d95e60 100644 --- a/package.json +++ b/package.json @@ -72,7 +72,7 @@ "csvtojson": "^2.0.10", "debug": "^4.1.1", "dotenv": "^4.0.0", - "elasticsearch": "^16.6.0", + "elasticsearch": "^16.7.3", "erxes-inmemory-storage": "^1.0.16", "erxes-message-broker": "^1.0.17", "erxes-telemetry": "^1.0.4", diff --git a/yarn.lock b/yarn.lock index 8ccfaa281..89ae0cb59 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3669,10 +3669,10 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0= -elasticsearch@^16.6.0: - version "16.6.0" - resolved "https://registry.yarnpkg.com/elasticsearch/-/elasticsearch-16.6.0.tgz#ba6b6096269f205f6fcde4171424dcd67229febe" - integrity sha512-MhsdE2JaBJoV1EGzSkCqqhNGxafXJuhPr+eD3vbXmsk/QWhaiU12oyXF0VhjcL8+UlwTHv0CAUbyjtE1wqoIdw== +elasticsearch@^16.7.3: + version "16.7.3" + resolved "https://registry.yarnpkg.com/elasticsearch/-/elasticsearch-16.7.3.tgz#bf0e1cc129ab2e0f06911953a1b1f3c740715fab" + integrity sha512-e9kUNhwnIlu47fGAr4W6yZJbkpsgQJB0TqNK8rCANe1J4P65B1sGnbCFTgcKY3/dRgCWnuP1AJ4obvzW604xEQ== dependencies: agentkeepalive "^3.4.1" chalk "^1.0.0"