From b6fea7dcd49b0a5ab8fd13f18965c515630691f4 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Sun, 19 Mar 2023 12:41:13 +0800 Subject: [PATCH] [Snyk] Upgrade moment-timezone from 0.5.40 to 0.5.41 (#2553) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

Snyk has created this PR to upgrade moment-timezone from 0.5.40 to 0.5.41.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-02-25.
Release notes
Package name: moment-timezone
  • 0.5.41 - 2023-02-25
    • Updated moment npm dependency to 2.29.4 to remove automated warnings about insecure dependencies #1004.
      Moment Timezone still works with core Moment 2.9.0 and higher.
    • Updated all dev dependencies including UglifyJS, which produces the minified builds.
    • Added deprecation warning to the pre-built moment-timezone-with-data-2012-2022 bundles #1035.
      Use the rolling moment-timezone-with-data-10-year-range files instead.
  • 0.5.40 - 2022-12-11
    • Updated data to IANA TZDB 2022g
from moment-timezone GitHub release notes
Commit messages
Package name: moment-timezone
  • 98d3add Build moment-timezone 0.5.41
  • 78cf3ad changelog: Add 0.5.41
  • cd35dc6 Bump version to 0.5.41
  • 76f5a75 Re-number build tasks to match new running order
  • ace9a77 Fix broken badges in README
  • 8080504 Bump moment dependency to 2.29.4 (#1004)
  • 61b14d6 Add deprecation warning to 2012-2022 pre-built files (#1036)
  • fc29369 Bump remaining grunt-contrib packages
  • c83479e tests: Fix guess tests for 2023
  • e501621 Bump y18n from 4.0.0 to 4.0.3 (#1026)
  • 0a7b5dd Bump shelljs and grunt-contrib-jshint (#1025)
  • 6078ad6 Bump ejs and grunt-contrib-nodeunit (#1013)
  • 84e665a Bump qs from 6.5.2 to 6.5.3 (#1021)
  • 5bdbd11 Bump minimatch from 3.0.4 to 3.0.8 (#1016)
  • 8d1a6e1 Bump minimist, mkdirp and handlebars (#1012)
  • cfbbd5c Bump json-schema and jsprim (#1011)
  • 36ccdd3 Bump async from 2.6.2 to 2.6.4 (#1010)
  • 4b38e45 Bump ajv from 6.10.0 to 6.12.6 (#1003)
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/scudette/project/76f4d127-566b-42ef-86f4-bdcbc92b90b4?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/scudette/project/76f4d127-566b-42ef-86f4-bdcbc92b90b4/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/scudette/project/76f4d127-566b-42ef-86f4-bdcbc92b90b4/settings/integration?pkg=moment-timezone&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) --- gui/velociraptor/package-lock.json | 20 ++++++++++---------- gui/velociraptor/package.json | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/gui/velociraptor/package-lock.json b/gui/velociraptor/package-lock.json index 970bdf010e..b05376d323 100644 --- a/gui/velociraptor/package-lock.json +++ b/gui/velociraptor/package-lock.json @@ -16,7 +16,7 @@ "@fortawesome/free-solid-svg-icons": "^6.2.1", "@fortawesome/react-fontawesome": "0.2.0", "@popperjs/core": "^2.11.6", - "ace-builds": "^1.15.2", + "ace-builds": "1.15.2", "axios": ">=1.2.6", "axios-retry": "3.4.0", "bootstrap": "^4.6.2", @@ -33,7 +33,7 @@ "is-svg": "^4.4.0", "lodash": "^4.17.21", "moment": "^2.29.4", - "moment-timezone": "0.5.40", + "moment-timezone": "^0.5.41", "npm-watch": "^0.11.0", "prop-types": "^15.8.1", "qs": "^6.11.0", @@ -6520,11 +6520,11 @@ } }, "node_modules/moment-timezone": { - "version": "0.5.40", - "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.40.tgz", - "integrity": "sha512-tWfmNkRYmBkPJz5mr9GVDn9vRlVZOTe6yqY92rFxiOdWXbjaR0+9LwQnZGGuNR63X456NqmEkbskte8tWL5ePg==", + "version": "0.5.41", + "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.41.tgz", + "integrity": "sha512-e0jGNZDOHfBXJGz8vR/sIMXvBIGJJcqFjmlg9lmE+5KX1U7/RZNMswfD8nKnNCnQdKTIj50IaRKwl1fvMLyyRg==", "dependencies": { - "moment": ">= 2.9.0" + "moment": "^2.29.4" }, "engines": { "node": "*" @@ -16085,11 +16085,11 @@ "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==" }, "moment-timezone": { - "version": "0.5.40", - "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.40.tgz", - "integrity": "sha512-tWfmNkRYmBkPJz5mr9GVDn9vRlVZOTe6yqY92rFxiOdWXbjaR0+9LwQnZGGuNR63X456NqmEkbskte8tWL5ePg==", + "version": "0.5.41", + "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.41.tgz", + "integrity": "sha512-e0jGNZDOHfBXJGz8vR/sIMXvBIGJJcqFjmlg9lmE+5KX1U7/RZNMswfD8nKnNCnQdKTIj50IaRKwl1fvMLyyRg==", "requires": { - "moment": ">= 2.9.0" + "moment": "^2.29.4" } }, "move-concurrently": { diff --git a/gui/velociraptor/package.json b/gui/velociraptor/package.json index 60ab1f02a4..ed5efc1af6 100644 --- a/gui/velociraptor/package.json +++ b/gui/velociraptor/package.json @@ -29,7 +29,7 @@ "is-svg": "^4.4.0", "lodash": "^4.17.21", "moment": "^2.29.4", - "moment-timezone": "0.5.40", + "moment-timezone": "0.5.41", "npm-watch": "^0.11.0", "prop-types": "^15.8.1", "qs": "^6.11.0",