Skip to content

Commit

Permalink
package-lock.json: run npm audit fix
Browse files Browse the repository at this point in the history 
Update to semver 7.5.4, word-wrap 1.2.5

$ npm audit

semver  <=5.7.1 || 6.0.0 - 6.3.0 || 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - GHSA-c2qf-rxjj-qqgw

Will install semver@7.5.4, which is outside the stated dependency range

word-wrap  <1.2.4
Severity: moderate
word-wrap vulnerable to Regular Expression Denial of Service - GHSA-j8xg-fqg3-53r7

5 moderate severity vulnerabilities

Change-Id: I11577bdecf689450505b57813455221ed28464c1
Reviewed-on: https://go-review.googlesource.com/c/vscode-go/+/551055
TryBot-Result: kokoro <noreply+kokoro@google.com>
Reviewed-by: Peter Weinberger <pjw@google.com>
Commit-Queue: Hyang-Ah Hana Kim <hyangah@gmail.com>
  • Loading branch information
@hyangah
hyangah committed Dec 19, 2023
1 parent 35ca87e commit c37e0fe
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 162 deletions.
198 changes: 37 additions & 161 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@
"glob": "7.1.7",
"json-rpc2": "2.0.0",
"moment": "2.29.4",
"semver": "7.3.4",
"semver": "7.5.4",
"tree-kill": "file:third_party/tree-kill",
"vscode-debugadapter": "1.45.0",
"vscode-debugprotocol": "1.45.0",
Expand Down

0 comments on commit c37e0fe

Please sign in to comment.