From 0faa87bbba9643b87a9f33d60d9e8652253f8c34 Mon Sep 17 00:00:00 2001 From: DeepSource Bot Date: Mon, 10 Feb 2025 18:25:13 +0000 Subject: [PATCH] =?UTF-8?q?fix(deps):=20update=20npm/remove-files-webpack-?= =?UTF-8?q?plugin=20from=201.5.0=20=E2=86=92=201.5.0=20fix(deps):=20update?= =?UTF-8?q?=20npm/remove-files-webpack-plugin=20from=201.5.0=20=E2=86=92?= =?UTF-8?q?=201.5.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes. ### Upgrade Summary **remove-files-webpack-plugin**: 1.5.0 → 1.5.0 - Fixes [CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883) (High severity) - References: - [https://nvd.nist.gov/vuln/detail/CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883) - [https://github.com/npm/node-semver/pull/564](https://github.com/npm/node-semver/pull/564) - [https://github.com/npm/node-semver/pull/585](https://github.com/npm/node-semver/pull/585) - [https://github.com/npm/node-semver/pull/593](https://github.com/npm/node-semver/pull/593) - [https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0](https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0) - [https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441](https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441) - [https://github.com/npm/node-semver/commit/928e56d21150da0413a3333a3148b20e741a920c](https://github.com/npm/node-semver/commit/928e56d21150da0413a3333a3148b20e741a920c) - [https://github.com/npm/node-semver](https://github.com/npm/node-semver) - [https://github.com/npm/node-semver/blob/main/classes/range.js#L97-L104](https://github.com/npm/node-semver/blob/main/classes/range.js#L97-L104) - [https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104](https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104) - [https://github.com/npm/node-semver/blob/main/internal/re.js#L138](https://github.com/npm/node-semver/blob/main/internal/re.js#L138) - [https://github.com/npm/node-semver/blob/main/internal/re.js#L160](https://github.com/npm/node-semver/blob/main/internal/re.js#L160) - [https://github.com/npm/node-semver/blob/main/internal/re.js%23L138](https://github.com/npm/node-semver/blob/main/internal/re.js%23L138) - [https://github.com/npm/node-semver/blob/main/internal/re.js%23L160](https://github.com/npm/node-semver/blob/main/internal/re.js%23L160) - [https://security.netapp.com/advisory/ntap-20241025-0004](https://security.netapp.com/advisory/ntap-20241025-0004) - [https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795](https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795) --- 🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the [dashboard](https://app.deepsource.one/gh/NewProfoundOrigin/phaser/dependencies/). --- package-lock.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7ee8342abe..ff837a9151 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "phaser", - "version": "3.80.0-beta.3", + "version": "3.87.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "phaser", - "version": "3.80.0-beta.3", + "version": "3.87.0", "license": "MIT", "dependencies": { "eventemitter3": "^5.0.1"