Fix dependency vulnerability by upgrading xmlhttprequest-ssl via yarn.lock (#10990)

2024-12-23 09:52:26 +01:00 · 2021-05-05 12:02:41 -02:30 · 2021-05-05 12:02:41 -02:30 · 838fe95753
commit 838fe95753
parent 96fe563579
2 changed files with 5 additions and 4 deletions
--- a/package.json
+++ b/package.json
@ -72,6 +72,7 @@
    "**/redux/symbol-observable": "^2.0.3",
    "**/redux-devtools-instrument/symbol-observable": "^2.0.3",
    "**/rxjs/symbol-observable": "^2.0.3",
    "**/xmlhttprequest-ssl": "^1.6.2",
    "3box/ipfs/ipld-zcash/zcash-bitcore-lib/lodash": "^4.17.19",
    "3box/ipfs/ipld-zcash/zcash-bitcore-lib/elliptic": "^6.5.4",
    "3box/**/libp2p-crypto/node-forge": "^0.10.0",
--- a/yarn.lock
+++ b/yarn.lock
@ -27334,10 +27334,10 @@ xmlchars@^2.2.0:
  resolved "https://registry.yarnpkg.com/xmlchars/-/xmlchars-2.2.0.tgz#060fe1bcb7f9c76fe2a17db86a9bc3ab894210cb"
  integrity sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==
-xmlhttprequest-ssl@~1.5.4:
+xmlhttprequest-ssl@^1.6.2, xmlhttprequest-ssl@~1.5.4:
-  version "1.5.5"
+  version "1.6.2"
-  resolved "https://registry.yarnpkg.com/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz#c2876b06168aadc40e57d97e81191ac8f4398b3e"
+  resolved "https://registry.yarnpkg.com/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.6.2.tgz#dd6899bfbcf684b554e393c30b13b9f3b001a7ee"
-  integrity sha1-wodrBhaKrcQOV9l+gRkayPQ5iz4=
+  integrity sha512-tYOaldF/0BLfKuoA39QMwD4j2m8lq4DIncqj1yuNELX4vz9+z/ieG/vwmctjJce+boFHXstqhWnHSxc4W8f4qg==
 xmlhttprequest@*, xmlhttprequest@1.8.0, xmlhttprequest@^1.8.0:
  version "1.8.0"