From 84aa6e975c8dc06f0c3d27ef376c56b447411700 Mon Sep 17 00:00:00 2001 From: "opensearch-trigger-bot[bot]" <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Date: Tue, 7 Mar 2023 10:31:16 -0800 Subject: [PATCH] [CVE-2021-23807] Bump jsonpointer from 4.1.0 to 5.0.1 (#3535) (#3543) * [CVE-2021-23807] Bump jsonpointer from 4.1.0 to 5.0.1 Signed-off-by: Josh Romero (cherry picked from commit 3f6b696c9f62796b4b01653a84bf0e39d93fd1a3) Signed-off-by: github-actions[bot] # Conflicts: # CHANGELOG.md Co-authored-by: github-actions[bot] --- package.json | 3 ++- yarn.lock | 8 ++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index e9fd20aadd76..a2b8a955818a 100644 --- a/package.json +++ b/package.json @@ -118,7 +118,8 @@ "**/unset-value": "^2.0.1", "**/jest-config": "npm:@amoo-miki/jest-config@26.4.2-rc.1", "**/jest-jasmine2": "npm:@amoo-miki/jest-jasmine2@26.4.2-rc.1", - "**/minimatch": "^3.0.5" + "**/minimatch": "^3.0.5", + "**/jsonpointer": "^5.0.0" }, "workspaces": { "packages": [ diff --git a/yarn.lock b/yarn.lock index bfd9bdc7b681..ff38418a1b14 100644 --- a/yarn.lock +++ b/yarn.lock @@ -13417,10 +13417,10 @@ jsonparse@^1.2.0: resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280" integrity sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA= -jsonpointer@^4.0.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.1.0.tgz#501fb89986a2389765ba09e6053299ceb4f2c2cc" - integrity sha512-CXcRvMyTlnR53xMcKnuMzfCA5i/nfblTnnr74CZb6C4vG39eu6w51t7nKmU5MfLfbTgGItliNyjO/ciNPDqClg== +jsonpointer@^4.0.0, jsonpointer@^5.0.0: + version "5.0.1" + resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-5.0.1.tgz#2110e0af0900fd37467b5907ecd13a7884a1b559" + integrity sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ== jsprim@^1.2.2: version "1.4.1"