From 7e85048c54c12209305b4bfd010309d3f4d28101 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 11 Jul 2025 19:39:17 +0000 Subject: [PATCH] fix: admin/package.json & admin/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-WS-7266574 - https://snyk.io/vuln/SNYK-JS-WS-1296835 --- admin/package.json | 2 +- admin/yarn.lock | 25 +++++++++---------------- 2 files changed, 10 insertions(+), 17 deletions(-) diff --git a/admin/package.json b/admin/package.json index 2ce71dfe0f..e0173eb62c 100644 --- a/admin/package.json +++ b/admin/package.json @@ -40,7 +40,7 @@ "recharts": "^1.0.0-alpha.6", "redux": "^3.6.0", "redux-thunk": "^2.2.0", - "subscriptions-transport-ws": "^0.9.5" + "subscriptions-transport-ws": "^0.11.0" }, "scripts": { "start": "NODE_PATH=../ react-scripts start", diff --git a/admin/yarn.lock b/admin/yarn.lock index 875affb37e..fd2f2130f5 100644 --- a/admin/yarn.lock +++ b/admin/yarn.lock @@ -574,11 +574,6 @@ async-each@^1.0.0: resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" integrity sha1-GdOGodntxufByF04iu28xW0zYC0= -async-limiter@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/async-limiter/-/async-limiter-1.0.0.tgz#78faed8c3d074ab81f22b4e985d79e8738f720f8" - integrity sha512-jp/uFnooOiO+L211eZOoSyzpOITMXx1rBITauYykG3BRYPu8h0UcxsPNB04RR5vo4Tyz3+ay17tR6JVf9qzYWg== - async@^1.5.2: version "1.5.2" resolved "https://registry.yarnpkg.com/async/-/async-1.5.2.tgz#ec6a61ae56480c0c3cb241c95618e20892f9672a" @@ -8196,16 +8191,16 @@ stylis@^3.5.0: resolved "https://registry.yarnpkg.com/stylis/-/stylis-3.5.4.tgz#f665f25f5e299cf3d64654ab949a57c768b73fbe" integrity sha512-8/3pSmthWM7lsPBKv7NXkzn2Uc9W7NotcwGNpJaa3k7WMM1XDCA4MgT5k/8BIexd5ydZdboXtU90XH9Ec4Bv/Q== -subscriptions-transport-ws@^0.9.5: - version "0.9.15" - resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.15.tgz#68a8b7ba0037d8c489fb2f5a102d1494db297d0d" - integrity sha512-f9eBfWdHsePQV67QIX+VRhf++dn1adyC/PZHP6XI5AfKnZ4n0FW+v5omxwdHVpd4xq2ZijaHEcmlQrhBY79ZWQ== +subscriptions-transport-ws@^0.11.0: + version "0.11.0" + resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.11.0.tgz#baf88f050cba51d52afe781de5e81b3c31f89883" + integrity sha512-8D4C6DIH5tGiAIpp5I0wD/xRlNiZAPGHygzCe7VzyzUoxHtawzjNAY9SUTXU05/EY2NMY9/9GF0ycizkXr1CWQ== dependencies: backo2 "^1.0.2" eventemitter3 "^3.1.0" iterall "^1.2.1" symbol-observable "^1.0.4" - ws "^5.2.0" + ws "^5.2.0 || ^6.0.0 || ^7.0.0" supports-color@^2.0.0: version "2.0.0" @@ -9036,12 +9031,10 @@ write@^0.2.1: dependencies: mkdirp "^0.5.1" -ws@^5.2.0: - version "5.2.2" - resolved "https://registry.yarnpkg.com/ws/-/ws-5.2.2.tgz#dffef14866b8e8dc9133582514d1befaf96e980f" - integrity sha512-jaHFD6PFv6UgoIVda6qZllptQsMlDEJkTQcybzzXDYM1XO9Y8em691FGMPmM46WGyLU4z9KMgQN+qrux/nhlHA== - dependencies: - async-limiter "~1.0.0" +"ws@^5.2.0 || ^6.0.0 || ^7.0.0": + version "7.5.10" + resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.10.tgz#58b5c20dc281633f6c19113f39b349bd8bd558d9" + integrity sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ== xdg-basedir@^3.0.0: version "3.0.0"