From da4cf17c5136a3271d8e832c0c864d05947f3288 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 Apr 2022 19:08:42 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0ac83eb145fdb..04e36ec19c092 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6472,9 +6472,9 @@ } }, "moment": { - "version": "2.27.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.27.0.tgz", - "integrity": "sha512-al0MUK7cpIcglMv3YF13qSgdAIqxHTO7brRtaz3DlSULbqfazqkc5kEjNrLDOM7fsjshoFIihnU8snrP7zUvhQ==" + "version": "2.29.2", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.2.tgz", + "integrity": "sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==" }, "moment-timezone": { "version": "0.5.31", diff --git a/package.json b/package.json index b542abb479a9b..aef4bfdfbde54 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "jstimezonedetect": "^1.0.7", "lodash": "^4.17.20", "marked": "^1.1.1", - "moment": "^2.27.0", + "moment": "^2.29.2", "moment-timezone": "^0.5.31", "nextcloud-vue-collections": "^0.8.1", "p-limit": "^3.0.2",