Merge pull request #17708 from bigbluebutton/snyk-fix-481323b5bee22ad9812154adaddc62a3

[Snyk] Security upgrade yaml from 1.10.2 to 2.2.2
2023-05-03 11:21:28 -04:00 · 2023-05-03 11:21:28 -04:00 · 8fa2507d6c
commit 8fa2507d6c
parent da50d3b728 b024f62c55
2 changed files with 12 additions and 4 deletions
--- a/bigbluebutton-html5/package-lock.json
+++ b/bigbluebutton-html5/package-lock.json
@ -4282,6 +4282,14 @@
            "parse-json": "^5.0.0",
            "path-type": "^4.0.0",
            "yaml": "^1.10.0"
+          },
+          "dependencies": {
+            "yaml": {
+              "version": "1.10.2",
+              "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
+              "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==",
+              "dev": true
+            }
          }
        },
        "debug": {
@ -7186,9 +7194,9 @@
      "dev": true
    },
    "yaml": {
-      "version": "1.10.2",
-      "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
-      "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg=="
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.2.2.tgz",
+      "integrity": "sha512-CBKFWExMn46Foo4cldiChEzn7S7SRV+wqiluAb6xmueD/fGyRHIhX8m14vVGgeFWjN540nKCNVj6P21eQjgTuA=="
    },
    "zen-observable": {
      "version": "0.8.15",
--- a/bigbluebutton-html5/package.json
+++ b/bigbluebutton-html5/package.json
@ -93,7 +93,7 @@
    "wasm-check": "^2.0.3",
    "webrtc-adapter": "^8.1.1",
    "winston": "^3.7.2",
-    "yaml": "^1.7.2"
+    "yaml": "^2.2.2"
  },
  "devDependencies": {
    "chai": "~4.2.0",