From 4746c3630618bcbd27401a941c01e0386ec6630d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 20 Feb 2018 02:02:34 +0000 Subject: [PATCH] fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/npm:jasmine-core:20180216 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:hoek:20180212 - https://snyk.io/vuln/npm:validator:20180218 - https://snyk.io/vuln/npm:validator:20160218 Latest report for pronouns/main: https://snyk.io/test/github/pronouns/main --- package.json | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 803e795..35ff933 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,10 @@ "postinstall": "bower install --config.interactive=false", "heroku-postbuild": "node node_modules/gulp/bin/gulp build" }, - "cacheDirectories": ["node_modules", "public/lib"], + "cacheDirectories": [ + "node_modules", + "public/lib" + ], "dependencies": { "acl": "^0.4.11", "async": "^2.6.0", @@ -47,8 +50,8 @@ "gulp-rev": "^8.1.1", "helmet": "~0.9.1", "imagemin-pngquant": "^5.0.1", - "jasmine-core": "^2.8.0", - "lodash": "^3.10.0", + "jasmine-core": "^3.0.0", + "lodash": "^4.17.5", "lusca": "^1.5.2", "method-override": "^2.3.10", "mongoose": "^4.13.8", @@ -62,12 +65,12 @@ "passport-local": "^1.0.0", "passport-twitter": "^1.0.2", "phantomjs": ">=1.9.0", - "pushbullet": "^1.4.3", + "pushbullet": "^2.0.0", "request": "^2.83.0", "serve-favicon": "^2.4.5", "socket.io": "^1.7.4", "swig": "^1.4.2", - "validator": "^3.41.2", + "validator": "^9.4.1", "winston": "^2.4.0", "wiredep": "^4.0.0" },