From a1adbe8891eb13963d57a377d54b16b1009a89fa Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 13 Apr 2019 07:46:44 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEQUELIZE-174167 --- package-lock.json | 12 +++--------- package.json | 2 +- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1e5266b26..c247a0076 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12314,14 +12314,13 @@ } }, "sequelize": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-5.1.0.tgz", - "integrity": "sha512-LmjEAedMTItkIx0mcBfXVmdkkIQOc+1reuv+UpqSADGvQofZ4Sn9ElUBE8egLgCK4oWjy1Ybsju+YDAJpCv1ww==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-5.3.0.tgz", + "integrity": "sha512-UYW7Surds+2zR+UfRQ/IbJ8gg0bSvnIrBvmPPNax+Z9NgSCOibJs5BoM5d+OK0NHMsZCVGYBjI/6ZzMXgDtOHw==", "requires": { "bluebird": "^3.5.0", "cls-bluebird": "^2.1.0", "debug": "^4.1.1", - "depd": "^2.0.0", "dottie": "^2.0.0", "inflection": "1.12.0", "lodash": "^4.17.11", @@ -12344,11 +12343,6 @@ "ms": "^2.1.1" } }, - "depd": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", - "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==" - }, "ms": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", diff --git a/package.json b/package.json index 95e00de11..42fc4123e 100644 --- a/package.json +++ b/package.json @@ -81,7 +81,7 @@ "pm2": "^3.4.0", "request": "^2.88.0", "request-promise": "^4.2.4", - "sequelize": "^5.1.0", + "sequelize": "^5.3.0", "supertest": "^4.0.2", "swig": "^1.4.2", "winston": "^3.2.1",