Merge pull request #36 from thiagoolsilva/improv-library-vulnerability

improv(libraryVulnerability): updated library version to avoid vulner…
thiagoolsilva · Jan 29, 2022 · 01602f5 · 01602f5
2 parents 5329445 + 4067980
commit 01602f5
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 16 deletions.
diff --git a/batect.yml b/batect.yml
@@ -9,9 +9,6 @@ containers:
       - local: ~/.ssh/
         container: /home/container-user/.ssh/
         options: cached
-      - local: ~/.ssh/
-        container: /home/container-user/.ssh/
-        options: cached
       - local: ~/.gitconfig
         container: /home/container-user/.gitconfig
         options: cached
@@ -40,7 +37,7 @@ tasks:
     description: Build code
     run:
       container: node-build-env
-      command: bash -c "npm install && yarn projects:bootstrap"
+      command: bash -c "yarn install && yarn projects:bootstrap"
   clean:
     group: Build
     description: Clean project builds

diff --git a/package.json b/package.json
@@ -52,7 +52,7 @@
     "prettier": "2.4.1",
     "pretty-quick": "3.1.1",
     "rimraf": "3.0.2",
-    "shelljs": "0.8.4",
+    "shelljs": "0.8.5",
     "ts-jest": "27.0.5",
     "ts-loader": "9.2.5",
     "ts-node": "10.2.1",
@@ -61,7 +61,8 @@
     "webpack-cli": "4.9.1"
   },
   "resolutions": {
-    "ansi-regex": "^5.0.1",
-    "json-schema": "0.4.0"
+    "json-schema": "0.4.0",
+    "ansi-regex": "5.0.1",
+    "lerna/node-fetch": "2.6.7"
   }
 }
diff --git a/yarn.lock b/yarn.lock
@@ -2128,7 +2128,7 @@ ansi-escapes@^4.2.1:
   dependencies:
     type-fest "^0.21.3"
 
-ansi-regex@^2.0.0, ansi-regex@^3.0.0, ansi-regex@^5.0.0, ansi-regex@^5.0.1:
+ansi-regex@5.0.1, ansi-regex@^2.0.0, ansi-regex@^3.0.0, ansi-regex@^5.0.0, ansi-regex@^5.0.1:
   version "5.0.1"
   resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.1.tgz#082cb2c89c9fe8659a311a53bd6a4dc5301db304"
   integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==
@@ -5557,10 +5557,10 @@ neo-async@^2.6.0, neo-async@^2.6.2:
   resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f"
   integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==
 
-node-fetch@^2.6.1:
-  version "2.6.5"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.5.tgz#42735537d7f080a7e5f78b6c549b7146be1742fd"
-  integrity sha512-mmlIVHJEu5rnIxgEgez6b9GgWXbkZj5YZ7fx+2r94a2E+Uirsp6HsPTPlomfdHtpt/B0cdKviwkoaM6pyvUOpQ==
+node-fetch@2.6.7, node-fetch@^2.6.1:
+  version "2.6.7"
+  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad"
+  integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==
   dependencies:
     whatwg-url "^5.0.0"
 
@@ -6678,10 +6678,10 @@ shebang-regex@^3.0.0:
   resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172"
   integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==
 
-[email protected].4:
-  version "0.8.4"
-  resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.8.4.tgz#de7684feeb767f8716b326078a8a00875890e3c2"
-  integrity sha512-7gk3UZ9kOfPLIAbslLzyWeGiEqx9e3rxwZM0KE6EL8GlGwjym9Mrlx5/p33bWTu9YG6vcS4MBxYZDHYr5lr8BQ==
+[email protected].5:
+  version "0.8.5"
+  resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.8.5.tgz#de055408d8361bed66c669d2f000538ced8ee20c"
+  integrity sha512-TiwcRcrkhHvbrZbnRcFYMLl30Dfov3HKqzp5tO5b4pt6G/SezKcYhmDg15zXVBswHmctSAQKznqNW2LO5tTDow==
   dependencies:
     glob "^7.0.0"
     interpret "^1.0.0"