diff options
| author | Takuya Noguchi <takninnovationresearch@gmail.com> | 2019-08-27 10:26:14 +0900 |
|---|---|---|
| committer | Takuya Noguchi <takninnovationresearch@gmail.com> | 2019-08-30 14:55:03 +0900 |
| commit | 1c7587be7d08fae2ed199a71a447b63613705542 (patch) | |
| tree | 296a72b75249d9206f42059e81e3f02aab75d358 | |
| parent | 84064567de1322e8e603f9891e61a9864cb1cbe2 (diff) | |
| download | gitlab-ce-1c7587be7d08fae2ed199a71a447b63613705542.tar.gz | |
Update eslint-utils to 1.4.2
> In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code.
- https://github.com/mysticatea/eslint-utils/security/advisories/GHSA-3gx7-xhv7-5mx3
- https://nvd.nist.gov/vuln/detail/CVE-2019-15657
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
| -rw-r--r-- | yarn.lock | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/yarn.lock b/yarn.lock index 78f9b461c36..e63df9de1c7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4671,9 +4671,11 @@ eslint-scope@^4.0.0: estraverse "^4.1.1" eslint-utils@^1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/eslint-utils/-/eslint-utils-1.3.1.tgz#9a851ba89ee7c460346f97cf8939c7298827e512" - integrity sha512-Z7YjnIldX+2XMcjr7ZkgEsOj/bREONV60qYeB/bjMAqqqZ4zxKyWX+BOUkdmRmA9riiIPVvo5x86m5elviOk0Q== + version "1.4.2" + resolved "https://registry.yarnpkg.com/eslint-utils/-/eslint-utils-1.4.2.tgz#166a5180ef6ab7eb462f162fd0e6f2463d7309ab" + integrity sha512-eAZS2sEUMlIeCjBeubdj45dmBHQwPHWyBcT1VSYB7o9x9WRRqKxyUoiXlRjyAwzN7YEzHJlYg0NmzDRWx6GP4Q== + dependencies: + eslint-visitor-keys "^1.0.0" eslint-visitor-keys@^1.0.0: version "1.0.0" |