From 04f5bab2baa848f207eeb228a9d5e837564d296f Mon Sep 17 00:00:00 2001
From: amanraj2520 <rajaman@microsoft.com>
Date: Thu, 16 Jun 2022 11:52:01 +0530
Subject: [PATCH] [TEZ-4424][CVE-2021-3918] Upgrade json-schema from 0.2.3 to
 0.4.0 to fix the vulnerability

---
 tez-ui/src/main/webapp/package.json | 3 ++-
 tez-ui/src/main/webapp/yarn.lock    | 6 +++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/tez-ui/src/main/webapp/package.json b/tez-ui/src/main/webapp/package.json
index 47ac36c110..c5e8e8d6f0 100644
--- a/tez-ui/src/main/webapp/package.json
+++ b/tez-ui/src/main/webapp/package.json
@@ -66,6 +66,7 @@
   "resolutions": {
     "**/form-data/async": "2.6.4",
     "**/mkdirp/minimist": "1.2.6",
-    "**/optimist/minimist": "1.2.6"
+    "**/optimist/minimist": "1.2.6",
+    "**/jsprim/json-schema": "0.4.0"
   }
 }
diff --git a/tez-ui/src/main/webapp/yarn.lock b/tez-ui/src/main/webapp/yarn.lock
index 32030ce87a..b9f1220508 100644
--- a/tez-ui/src/main/webapp/yarn.lock
+++ b/tez-ui/src/main/webapp/yarn.lock
@@ -2789,9 +2789,9 @@ json-parse-helpfulerror@^1.0.2:
   dependencies:
     jju "^1.1.0"
 
-json-schema@0.2.3:
-  version "0.2.3"
-  resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13"
+json-schema@0.2.3, json-schema@0.4.0:
+  version "0.4.0"
+  resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.4.0.tgz#f7de4cf6efab838ebaeb3236474cbba5a1930ab5"
 
 json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1:
   version "1.0.1"