From 72c3d051228c548e9770624eed08a9435920cfc6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 8 Mar 2024 17:18:06 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JOSE-6419224 --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5c586c64..62c04f2d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,7 @@ "@peculiar/webcrypto": "~1.4.5", "asn1js": "~3.0.2", "cbor-x": "~1.5.8", - "jose": "^4.15.4", + "jose": "^4.15.5", "pkijs": "~3.0.15", "tldts": "~6.1.11" }, @@ -1730,9 +1730,9 @@ } }, "node_modules/jose": { - "version": "4.15.4", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.4.tgz", - "integrity": "sha512-W+oqK4H+r5sITxfxpSU+MMdr/YSWGvgZMQDIsNoBDGGy4i7GBPTtvFKibQzW06n3U3TqHjhvBJsirShsEJ6eeQ==", + "version": "4.15.5", + "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", + "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", "funding": { "url": "https://github.com/sponsors/panva" } @@ -4345,9 +4345,9 @@ } }, "jose": { - "version": "4.15.4", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.4.tgz", - "integrity": "sha512-W+oqK4H+r5sITxfxpSU+MMdr/YSWGvgZMQDIsNoBDGGy4i7GBPTtvFKibQzW06n3U3TqHjhvBJsirShsEJ6eeQ==" + "version": "4.15.5", + "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", + "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==" }, "js-yaml": { "version": "3.14.1", diff --git a/package.json b/package.json index 6702bd06..3e80bcf1 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "@peculiar/webcrypto": "~1.4.5", "asn1js": "~3.0.2", "cbor-x": "~1.5.8", - "jose": "^4.15.4", + "jose": "^4.15.5", "pkijs": "~3.0.15", "tldts": "~6.1.11" },