Skip to content

Commit

Permalink
Upgrading jsonpath-plus to v10 to resolve CVE-2024-21534 (#4782)
Browse files Browse the repository at this point in the history 
Fixes #4770

Co-authored-by: Juan Carlos Blanco Delgado <36451129+juancarlosjr97@users.noreply.github.com>
  • Loading branch information
@watson @juancarlosjr97 @bengl
2 people authored and bengl committed Oct 16, 2024
1 parent 950cf21 commit 74f6dc6
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 10 deletions.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@
"int64-buffer": "^0.1.9",
"istanbul-lib-coverage": "3.2.0",
"jest-docblock": "^29.7.0",
"jsonpath-plus": "^9.0.0",
"jsonpath-plus": "^10.0.0",
"koalas": "^1.0.2",
"limiter": "1.1.5",
"lodash.sortby": "^4.7.0",
Expand Down
18 changes: 9 additions & 9 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2967,10 +2967,10 @@ js-yaml@^3.13.1:
argparse "^1.0.7"
esprima "^4.0.0"

jsep@^1.3.8:
version "1.3.8"
resolved "https://registry.yarnpkg.com/jsep/-/jsep-1.3.8.tgz#facb6eb908d085d71d950bd2b24b757c7b8a46d7"
integrity sha512-qofGylTGgYj9gZFsHuyWAN4jr35eJ66qJCK4eKDnldohuUoQFbU3iZn2zjvEbd9wOAhP9Wx5DsAAduTyE1PSWQ==
jsep@^1.3.9:
version "1.3.9"
resolved "https://registry.yarnpkg.com/jsep/-/jsep-1.3.9.tgz#8ce42df80ee9c1b39e52d0dd062a465342f35440"
integrity sha512-i1rBX5N7VPl0eYb6+mHNp52sEuaS2Wi8CDYx1X5sn9naevL78+265XJqy1qENEk7mRKwS06NHpUqiBwR7qeodw==

jsesc@^2.5.1:
version "2.5.2"
Expand Down Expand Up @@ -3004,14 +3004,14 @@ json5@^2.2.3:
resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283"
integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==

jsonpath-plus@^9.0.0:
version "9.0.0"
resolved "https://registry.yarnpkg.com/jsonpath-plus/-/jsonpath-plus-9.0.0.tgz#bb8703ee481531142bca8dee9a42fe72b8358a7f"
integrity sha512-bqE77VIDStrOTV/czspZhTn+o27Xx9ZJRGVkdVShEtPoqsIx5yALv3lWVU6y+PqYvWPJNWE7ORCQheQkEe0DDA==
jsonpath-plus@^10.0.0:
version "10.0.0"
resolved "https://registry.yarnpkg.com/jsonpath-plus/-/jsonpath-plus-10.0.0.tgz#7a747d47e20a27867dbbc80b57fd554788b91474"
integrity sha512-v7j76HGp/ibKlXYeZ7UrfCLSNDaBWuJMA0GaMjA4sZJtCtY89qgPyToDDcl2zdeHh4B5q/B3g2pQdW76fOg/dA==
dependencies:
"@jsep-plugin/assignment" "^1.2.1"
"@jsep-plugin/regex" "^1.0.3"
jsep "^1.3.8"
jsep "^1.3.9"

jszip@^3.5.0:
version "3.10.1"
Expand Down

0 comments on commit 74f6dc6

Please sign in to comment.