Skip to content

Commit

Permalink
package-lock.json: update json5 to v2.2.3
Browse files Browse the repository at this point in the history 
This is dev dependency.

CVE-2022-46175

$ npm audit

json5  <2.2.2
Severity: high
Prototype Pollution in JSON5 via Parse Method - GHSA-9c47-m6qq-7p4h
fix available via `npm audit fix`
node_modules/json5

1 high severity vulnerability

$ npm ls json5
[email protected] /Users/hakim/projects/vscode-go
└─┬ [email protected]
  └── [email protected]

Change-Id: I5398807b0070fb25baf30fd0c809f20d3b21501d
Reviewed-on: https://go-review.googlesource.com/c/vscode-go/+/459565
Run-TryBot: Hyang-Ah Hana Kim <[email protected]>
Reviewed-by: Jamal Carvalho <[email protected]>
TryBot-Result: kokoro <[email protected]>
  • Loading branch information
@hyangah
hyangah committed Jan 4, 2023
1 parent ff1e8cf commit 28ed01d
Showing 1 changed file with 7 additions and 13 deletions.
20 changes: 7 additions & 13 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 28ed01d

Please sign in to comment.