From 802d9c4488eabfb9fb8114fe88747d7c46a79bd8 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Thu, 1 Jul 2021 23:49:46 -0700 Subject: [PATCH] tools: update path-parse to 1.0.7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a ReDoS is likely to affect us in this tool. Refs: https://github.com/jbgutierrez/path-parse/commit/09e1086512bd50f2767b8c32fa74c0ff0be4c8cd PR-URL: https://github.com/nodejs/node/pull/39232 Reviewed-By: Michaƫl Zasso Reviewed-By: Zijian Liu --- tools/clang-format/package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/clang-format/package-lock.json b/tools/clang-format/package-lock.json index af57b9891ff830..61f17967f0e4a5 100644 --- a/tools/clang-format/package-lock.json +++ b/tools/clang-format/package-lock.json @@ -92,9 +92,9 @@ "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" }, "path-parse": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", - "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==" + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==" }, "resolve": { "version": "1.8.1",