From 7644a84ecb9dc904680548c9534a898566c1ccbe Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 29 Apr 2023 14:24:49 +0000 Subject: [PATCH 1/2] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELECTRON-5462056 --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 813aea19a959..1033e1f429de 100644 --- a/package-lock.json +++ b/package-lock.json @@ -140,7 +140,7 @@ "css-loader": "^6.7.2", "diff-so-fancy": "^1.3.0", "dotenv": "^16.0.3", - "electron": "22.3.6", + "electron": "^22.3.7", "electron-builder": "23.5.0", "electron-notarize": "^1.2.1", "eslint": "^7.6.0", @@ -21165,9 +21165,9 @@ } }, "node_modules/electron": { - "version": "22.3.6", - "resolved": "https://registry.npmjs.org/electron/-/electron-22.3.6.tgz", - "integrity": "sha512-/1/DivFHH5AWa/uOuqpkeg12/jjicjkBU8kYv70oeqRFwXzoyuJhgwlzER4jZXnbGjF5Nxz9900oXq/QzAViAw==", + "version": "22.3.7", + "resolved": "https://registry.npmjs.org/electron/-/electron-22.3.7.tgz", + "integrity": "sha512-QUuRCl0QJk0w2yPAQXl6sk4YV1b9353w4e1eO/fF2OUmrGQV9Fy2pEpEDV1PIq/JJ/oeVVlI3H07LHpEcNb0TA==", "dev": true, "hasInstallScript": true, "dependencies": { @@ -55511,9 +55511,9 @@ } }, "electron": { - "version": "22.3.6", - "resolved": "https://registry.npmjs.org/electron/-/electron-22.3.6.tgz", - "integrity": "sha512-/1/DivFHH5AWa/uOuqpkeg12/jjicjkBU8kYv70oeqRFwXzoyuJhgwlzER4jZXnbGjF5Nxz9900oXq/QzAViAw==", + "version": "22.3.7", + "resolved": "https://registry.npmjs.org/electron/-/electron-22.3.7.tgz", + "integrity": "sha512-QUuRCl0QJk0w2yPAQXl6sk4YV1b9353w4e1eO/fF2OUmrGQV9Fy2pEpEDV1PIq/JJ/oeVVlI3H07LHpEcNb0TA==", "dev": true, "requires": { "@electron/get": "^2.0.0", diff --git a/package.json b/package.json index c8340c932f5d..83321c9814b1 100644 --- a/package.json +++ b/package.json @@ -173,7 +173,7 @@ "css-loader": "^6.7.2", "diff-so-fancy": "^1.3.0", "dotenv": "^16.0.3", - "electron": "22.3.6", + "electron": "22.3.7", "electron-builder": "23.5.0", "electron-notarize": "^1.2.1", "eslint": "^7.6.0", From a3abebb6e388d7615ff1c93a91733d1f60c1345b Mon Sep 17 00:00:00 2001 From: Brandon Stites Date: Tue, 2 May 2023 12:55:08 -0600 Subject: [PATCH 2/2] Match lock to our npm install --- package-lock.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package-lock.json b/package-lock.json index 1033e1f429de..dc720b150f53 100644 --- a/package-lock.json +++ b/package-lock.json @@ -140,7 +140,7 @@ "css-loader": "^6.7.2", "diff-so-fancy": "^1.3.0", "dotenv": "^16.0.3", - "electron": "^22.3.7", + "electron": "22.3.7", "electron-builder": "23.5.0", "electron-notarize": "^1.2.1", "eslint": "^7.6.0",