From 03f0b3131f3f3196ba338d68a1d76a85297c4da9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 27 Jan 2026 00:16:17 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DIFF-14917201 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 --- package.json | 4 ++-- yarn.lock | 20 ++++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index 8456a2687..256ba5bcb 100644 --- a/package.json +++ b/package.json @@ -72,7 +72,7 @@ "csvtojson": "^2.0.10", "debug": "^4.1.1", "dotenv": "^4.0.0", - "elasticsearch": "^16.6.0", + "elasticsearch": "^16.7.3", "erxes-inmemory-storage": "^1.0.16", "erxes-message-broker": "^1.0.17", "erxes-telemetry": "^1.0.4", @@ -106,7 +106,7 @@ "sha256": "^0.2.0", "shelljs": "^0.8.3", "strip": "^3.0.0", - "ts-node": "8.0.3", + "ts-node": "8.1.1", "underscore": "^1.8.3", "uuid": "^3.3.3", "uuid-by-string": "^3.0.2", diff --git a/yarn.lock b/yarn.lock index 8ccfaa281..bdad6f352 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3551,7 +3551,7 @@ diff-sequences@^24.9.0: resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-24.9.0.tgz#5715d6244e2aa65f48bba0bc972db0b0b11e95b5" integrity sha512-Dj6Wk3tWyTE+Fo1rW8v0Xhwk80um6yFYKbuAxc9c3EZxIHFDYwbi34Uk42u1CdnIiVorvt4RmlSDjIPyzGC2ew== -diff@^3.1.0, diff@^3.2.0, diff@^3.5.0: +diff@^3.2.0, diff@^3.5.0: version "3.5.0" resolved "https://registry.yarnpkg.com/diff/-/diff-3.5.0.tgz#800c0dd1e0a8bfbc95835c202ad220fe317e5a12" integrity sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA== @@ -3669,10 +3669,10 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0= -elasticsearch@^16.6.0: - version "16.6.0" - resolved "https://registry.yarnpkg.com/elasticsearch/-/elasticsearch-16.6.0.tgz#ba6b6096269f205f6fcde4171424dcd67229febe" - integrity sha512-MhsdE2JaBJoV1EGzSkCqqhNGxafXJuhPr+eD3vbXmsk/QWhaiU12oyXF0VhjcL8+UlwTHv0CAUbyjtE1wqoIdw== +elasticsearch@^16.7.3: + version "16.7.3" + resolved "https://registry.yarnpkg.com/elasticsearch/-/elasticsearch-16.7.3.tgz#bf0e1cc129ab2e0f06911953a1b1f3c740715fab" + integrity sha512-e9kUNhwnIlu47fGAr4W6yZJbkpsgQJB0TqNK8rCANe1J4P65B1sGnbCFTgcKY3/dRgCWnuP1AJ4obvzW604xEQ== dependencies: agentkeepalive "^3.4.1" chalk "^1.0.0" @@ -10190,13 +10190,13 @@ ts-node@*: source-map-support "^0.5.6" yn "3.1.1" -ts-node@8.0.3: - version "8.0.3" - resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-8.0.3.tgz#aa60b836a24dafd8bf21b54766841a232fdbc641" - integrity sha512-2qayBA4vdtVRuDo11DEFSsD/SFsBXQBRZZhbRGSIkmYmVkWjULn/GGMdG10KVqkaGndljfaTD8dKjWgcejO8YA== +ts-node@8.1.1: + version "8.1.1" + resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-8.1.1.tgz#2b9621934a0471f0e13c1b75be54ee0f46c31479" + integrity sha512-nd+mdxDP2BjQlyumBCMSU3IQLEjSla1X3uSzDfQ4M5OEZ3iDC01gjhs0FX29jyolATwLKB7YoRJ1Asbxd9EEoA== dependencies: arg "^4.1.0" - diff "^3.1.0" + diff "^4.0.1" make-error "^1.1.1" source-map-support "^0.5.6" yn "^3.0.0"