From eb5bab73532258b5df2b778412ee8da257539193 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 8 Jun 2021 23:11:03 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WS-1296835
---
 package-lock.json | 16 ++++------------
 package.json      |  2 +-
 2 files changed, 5 insertions(+), 13 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 3501e0bc5c..7c95516f5d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11719,29 +11719,21 @@
       }
     },
     "subscriptions-transport-ws": {
-      "version": "0.9.18",
-      "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.18.tgz",
-      "integrity": "sha512-tztzcBTNoEbuErsVQpTN2xUNN/efAZXyCyL5m3x4t6SKrEiTL2N8SaKWBFWM4u56pL79ULif3zjyeq+oV+nOaA==",
+      "version": "0.9.19",
+      "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz",
+      "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==",
       "requires": {
         "backo2": "^1.0.2",
         "eventemitter3": "^3.1.0",
         "iterall": "^1.2.1",
         "symbol-observable": "^1.0.4",
-        "ws": "^5.2.0"
+        "ws": "^5.2.0 || ^6.0.0 || ^7.0.0"
       },
       "dependencies": {
         "symbol-observable": {
           "version": "1.2.0",
           "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz",
           "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ=="
-        },
-        "ws": {
-          "version": "5.2.2",
-          "resolved": "https://registry.npmjs.org/ws/-/ws-5.2.2.tgz",
-          "integrity": "sha512-jaHFD6PFv6UgoIVda6qZllptQsMlDEJkTQcybzzXDYM1XO9Y8em691FGMPmM46WGyLU4z9KMgQN+qrux/nhlHA==",
-          "requires": {
-            "async-limiter": "~1.0.0"
-          }
         }
       }
     },
diff --git a/package.json b/package.json
index 80ae8cec27..7a4c806db4 100644
--- a/package.json
+++ b/package.json
@@ -53,7 +53,7 @@
     "pluralize": "8.0.0",
     "redis": "3.1.2",
     "semver": "7.3.4",
-    "subscriptions-transport-ws": "0.9.18",
+    "subscriptions-transport-ws": "0.9.19",
     "tv4": "1.3.0",
     "uuid": "8.3.2",
     "winston": "3.3.3",