From 5d7dee7d01f0bc5ef398d321f0468aa8ba2c6fdd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 10 Jul 2026 07:04:27 +0000 Subject: [PATCH] fix: ui/package.json & ui/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-17900054 --- ui/package-lock.json | 18 ++++++++++++++---- ui/package.json | 2 +- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/ui/package-lock.json b/ui/package-lock.json index 3a2bb511c..8dfc7dfd7 100644 --- a/ui/package-lock.json +++ b/ui/package-lock.json @@ -31,7 +31,7 @@ "isomorphic-unfetch": "^3.1.0", "jest": "^30.0.0", "js-sha256": "^0.9.0", - "js-yaml": "^4.1.1", + "js-yaml": "^4.3.0", "mini-css-extract-plugin": "^2.9.4", "moment": "^2.30.1", "npm-run-all": "^4.1.5", @@ -17374,9 +17374,19 @@ "license": "MIT" }, "node_modules/js-yaml": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz", - "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==", + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.3.0.tgz", + "integrity": "sha512-1td788aAnnZ5qs7V2QIRl1owjtYpbKt749Y3xauqQgwIIGF/xXWz1wMTEBx5O3LK3lXLVuqXPdPxj2BoFHaW9Q==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/puzrin" + }, + { + "type": "github", + "url": "https://github.com/sponsors/nodeca" + } + ], "license": "MIT", "dependencies": { "argparse": "^2.0.1" diff --git a/ui/package.json b/ui/package.json index 18afab031..6370ba6ea 100644 --- a/ui/package.json +++ b/ui/package.json @@ -26,7 +26,7 @@ "isomorphic-unfetch": "^3.1.0", "jest": "^30.0.0", "js-sha256": "^0.9.0", - "js-yaml": "^4.1.1", + "js-yaml": "^4.3.0", "mini-css-extract-plugin": "^2.9.4", "moment": "^2.30.1", "npm-run-all": "^4.1.5",