From 13404df2679461282e35ee7a27da1435a57341d4 Mon Sep 17 00:00:00 2001 From: Joe Previte Date: Wed, 3 Nov 2021 14:09:31 -0700 Subject: [PATCH] chore(deps): fix issues identified by audit-ci (#4438) * fix(deps): ansi-regex issue * fix(deps): upgrade tar to safe version * chore(deps): fix vm2 issue * fix(ci): increase timeout for audit-ci to 15 --- .github/workflows/ci.yaml | 2 +- package.json | 5 +++-- yarn.lock | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 60a44a5dd..5c5e91fb9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -60,7 +60,7 @@ jobs: name: Run audit-ci needs: prebuild runs-on: ubuntu-latest - timeout-minutes: 5 + timeout-minutes: 15 steps: - name: Checkout repo uses: actions/checkout@v2 diff --git a/package.json b/package.json index ec4882bf1..7babaa8e2 100644 --- a/package.json +++ b/package.json @@ -75,8 +75,9 @@ "browserslist": "^4.16.5", "safe-buffer": "^5.1.1", "vfile-message": "^2.0.2", - "argon2/@mapbox/node-pre-gyp/tar": "^6.1.9", - "path-parse": "^1.0.7" + "tar": "^6.1.9", + "path-parse": "^1.0.7", + "vm2": "^3.9.4" }, "dependencies": { "@coder/logger": "1.1.16", diff --git a/yarn.lock b/yarn.lock index 410eb9415..3015bb9aa 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4534,7 +4534,7 @@ vfile@^4.0.0: unist-util-stringify-position "^2.0.0" vfile-message "^2.0.0" -vm2@^3.9.3: +vm2@^3.9.3, vm2@^3.9.4: version "3.9.5" resolved "https://registry.yarnpkg.com/vm2/-/vm2-3.9.5.tgz#5288044860b4bbace443101fcd3bddb2a0aa2496" integrity sha512-LuCAHZN75H9tdrAiLFf030oW7nJV5xwNMuk1ymOZwopmuK3d2H4L1Kv4+GFHgarKiLfXXLFU+7LDABHnwOkWng==