From 6fd948636d41c240d45b7969994b55e9f0d9a977 Mon Sep 17 00:00:00 2001 From: Lucas Di Pentima Date: Tue, 7 Apr 2020 16:54:45 -0300 Subject: [PATCH] 16029: Force cypress to request minimist 1.2.5 instead of vulnerable 1.2.0 Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima --- package.json | 3 ++- yarn.lock | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index bbbd6bf4..9a68f9e8 100644 --- a/package.json +++ b/package.json @@ -110,6 +110,7 @@ "react-scripts-ts/webpack-dev-server": "^2.11.4", "react-scripts-ts/**/**/**/**/js-yaml": "^3.13.1", "react-scripts-ts/uglifyjs-webpack-plugin/serialize-javascript": "^2.1.1", - "webpack/terser-webpack-plugin/serialize-javascript": "^2.1.1" + "webpack/terser-webpack-plugin/serialize-javascript": "^2.1.1", + "cypress/minimist": "1.2.5" } } diff --git a/yarn.lock b/yarn.lock index 917a0b25..b78ab876 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7161,7 +7161,7 @@ minimist@0.0.8: resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" integrity sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0= -minimist@^1.1.0, minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5: +minimist@1.2.0, minimist@1.2.5, minimist@^1.1.0, minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5: version "1.2.5" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602" integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== -- 2.30.2