Commit e549a7fb authored by Takuya Noguchi's avatar Takuya Noguchi

Update mixin-deep to 1.3.2

To address a Prototype Pollution vulnerability,
which exists in `mixin-deep` package, versions
`>=2.0.0 <2.0.1 || <1.3.2` (CVE-2019-10746).

- Diff: https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2
- Synk ID: https://app.snyk.io/vuln/SNYK-JS-MIXINDEEP-450212Signed-off-by: default avatarTakuya Noguchi <takninnovationresearch@gmail.com>
parent 8775e4a1
---
title: Update mixin-deep to 1.3.2
merge_request: 30223
author: Takuya Noguchi
type: other
...@@ -7534,9 +7534,9 @@ mississippi@^3.0.0: ...@@ -7534,9 +7534,9 @@ mississippi@^3.0.0:
through2 "^2.0.0" through2 "^2.0.0"
mixin-deep@^1.2.0: mixin-deep@^1.2.0:
version "1.3.1" version "1.3.2"
resolved "https://registry.yarnpkg.com/mixin-deep/-/mixin-deep-1.3.1.tgz#a49e7268dce1a0d9698e45326c5626df3543d0fe" resolved "https://registry.yarnpkg.com/mixin-deep/-/mixin-deep-1.3.2.tgz#1120b43dc359a785dce65b55b82e257ccf479566"
integrity sha512-8ZItLHeEgaqEvd5lYBXfm4EZSFCX29Jb9K+lAHhDKzReKBQKj3R+7NOF6tjqYi9t4oI8VUfaWITJQm86wnXGNQ== integrity sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==
dependencies: dependencies:
for-in "^1.0.2" for-in "^1.0.2"
is-extendable "^1.0.1" is-extendable "^1.0.1"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment