Skip to content
This repository has been archived by the owner on Dec 2, 2022. It is now read-only.

Commit

Permalink
Dependabot updates (#343)
Browse files Browse the repository at this point in the history
* chore(deps): bump eslint-plugin-import from 2.25.3 to 2.25.4 (#336)

Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) from 2.25.3 to 2.25.4.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases)
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md)
- [Commits](import-js/eslint-plugin-import@v2.25.3...v2.25.4)

---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump @types/jsonwebtoken from 8.5.6 to 8.5.7 (#337)

Bumps [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken) from 8.5.6 to 8.5.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

---
updated-dependencies:
- dependency-name: "@types/jsonwebtoken"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump mocha from 9.1.3 to 9.1.4 (#339)

Bumps [mocha](https://github.com/mochajs/mocha) from 9.1.3 to 9.1.4.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md)
- [Commits](mochajs/mocha@v9.1.3...v9.1.4)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump @types/jsonwebtoken from 8.5.7 to 8.5.8 (#341)

Bumps [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken) from 8.5.7 to 8.5.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

---
updated-dependencies:
- dependency-name: "@types/jsonwebtoken"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump axios from 0.24.0 to 0.25.0 (#340)

Bumps [axios](https://github.com/axios/axios) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](axios/axios@v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump follow-redirects from 1.14.4 to 1.14.7 (#338)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.4 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.4...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: package.json & package-lock.json to reduce vulnerabilities (#342)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Snyk bot <[email protected]>
  • Loading branch information
3 people authored Jan 20, 2022
1 parent ed4b35b commit 274a1c9
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 61 deletions.
98 changes: 41 additions & 57 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,12 @@
"homepage": "https://github.com/opengovsg/spcp-auth-client#readme",
"dependencies": {
"@xmldom/xmldom": "^0.8.0",
"axios": "^0.24.0",
"axios": "^0.25.0",
"base-64": "^1.0.0",
"jsonwebtoken": "^8.3.0",
"lodash": "^4.17.21",
"xml-crypto": "^2.1.3",
"xml-encryption": "^1.3.0",
"xml-encryption": "^2.0.0",
"xml2json-light": "^1.0.6",
"xpath": "0.0.32"
},
Expand All @@ -48,12 +48,12 @@
"chai": "4.3.4",
"eslint": "7.32.0",
"eslint-config-standard": "16.0.3",
"eslint-plugin-import": "2.25.3",
"eslint-plugin-import": "2.25.4",
"eslint-plugin-mocha": "10.0.3",
"eslint-plugin-node": "11.1.0",
"eslint-plugin-promise": "5.2.0",
"eslint-plugin-standard": "5.0.0",
"mocha": "9.1.3",
"mocha": "9.1.4",
"mustache": "4.2.0",
"nyc": "15.1.0",
"sinon": "^12.0.0",
Expand Down

0 comments on commit 274a1c9

Please sign in to comment.