From 9e15e488ff1d622e70fe4d63a51b28989ad4151c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 26 Sep 2022 20:38:37 +0000
Subject: [PATCH] fix: packages/@vue/cli/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-APOLLOSERVERCORE-2928764
- https://snyk.io/vuln/SNYK-JS-EJS-1049328
- https://snyk.io/vuln/SNYK-JS-EJS-2803307
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
---
 packages/@vue/cli/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/packages/@vue/cli/package.json b/packages/@vue/cli/package.json
index 4433c47534..db82be254a 100644
--- a/packages/@vue/cli/package.json
+++ b/packages/@vue/cli/package.json
@@ -25,7 +25,7 @@
   },
   "dependencies": {
     "@vue/cli-shared-utils": "^4.0.0-rc.1",
-    "@vue/cli-ui": "^4.0.0-rc.1",
+    "@vue/cli-ui": "^5.0.7",
     "@vue/cli-ui-addon-webpack": "^4.0.0-rc.1",
     "@vue/cli-ui-addon-widgets": "^4.0.0-rc.1",
     "chalk": "^2.4.1",
@@ -35,11 +35,11 @@
     "deepmerge": "^3.2.0",
     "didyoumean": "^1.2.1",
     "download-git-repo": "^1.0.2",
-    "ejs": "^2.6.1",
+    "ejs": "^3.1.7",
     "envinfo": "^7.2.0",
     "execa": "^1.0.0",
     "fs-extra": "^7.0.1",
-    "globby": "^9.2.0",
+    "globby": "^10.0.0",
     "import-global": "^0.1.0",
     "inquirer": "^6.3.1",
     "isbinaryfile": "^4.0.0",