Upgrade jasmine-browser-runner dependencies

to fix a security vulnerability. We had a medium security vulnerability because jasmine-browser-runner depends on express 4.20.0 wihich depends on serve-static 0.16.0 which depends on send 0.18.0, which is currently vulnerable due to GHSA-m6fv-jmcg-4jfg. The changes to `yarn.lock` were generated by running `yarn upgrade jasmine-browser-runner` to ensure it's using the patched version (0.19.0) of the `send` dependency.
alphagov · Sep 12, 2024 · dbf7b52 · dbf7b52
1 parent 0aa7fd7
commit dbf7b52
Show file tree

Hide file tree

Showing 2 changed files with 129 additions and 157 deletions.
diff --git a/package.json b/package.json
@@ -41,7 +41,6 @@
     "stylelint-config-gds": "^1.1.1"
   },
   "resolutions": {
-    "express": "^4.20.0",
     "selenium-webdriver": "4.17.0",
     "stylelint/strip-ansi": "6.0.1",
     "stylelint/string-width": "4.2.3"