From d9170f26cf3ca4a49b0b21ee4f37b4bcd3adfbf3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Apr 2023 00:57:03 +0000 Subject: [PATCH] chore: Bump helmet from 4.6.0 to 6.1.5 in /server Bumps [helmet](https://github.com/helmetjs/helmet) from 4.6.0 to 6.1.5. - [Release notes](https://github.com/helmetjs/helmet/releases) - [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md) - [Commits](https://github.com/helmetjs/helmet/compare/v4.6.0...v6.1.5) --- updated-dependencies: - dependency-name: helmet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- server/package.json | 2 +- server/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/server/package.json b/server/package.json index d5dff7aa96..5c0d6ac1a2 100644 --- a/server/package.json +++ b/server/package.json @@ -7,7 +7,7 @@ "express-hbs": "2.4.0", "fs-extra": "10.1.0", "handlebars": "4.7.7", - "helmet": "4.6.0", + "helmet": "6.1.5", "helmet-csp": "3.4.0", "http-proxy-middleware": "2.0.6", "logdown": "3.3.1", diff --git a/server/yarn.lock b/server/yarn.lock index 491ccbee90..7049baa367 100644 --- a/server/yarn.lock +++ b/server/yarn.lock @@ -2300,10 +2300,10 @@ helmet-csp@3.4.0: resolved "https://registry.yarnpkg.com/helmet-csp/-/helmet-csp-3.4.0.tgz#7fdd0b0274cd90a64664e2ed8e48f9a430037233" integrity sha512-a+YgzWw6dajqhQfb6ktxil0FsQuWTKzrLSUfy55dxS8fuvl1jidTIMPZ2udN15mjjcpBPgTHNHGF5tyWKYyR8w== -helmet@*, helmet@4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/helmet/-/helmet-4.6.0.tgz#579971196ba93c5978eb019e4e8ec0e50076b4df" - integrity sha512-HVqALKZlR95ROkrnesdhbbZJFi/rIVSoNq6f3jA/9u6MIbTsPh3xZwihjeI5+DO/2sOV6HMHooXcEOuwskHpTg== +helmet@*, helmet@6.1.5: + version "6.1.5" + resolved "https://registry.yarnpkg.com/helmet/-/helmet-6.1.5.tgz#2153387f6d73cce6efdfd85d3a65417cfb7db80c" + integrity sha512-UgAvdoG0BhF9vcCh/j0bWtElo2ZHHk6OzC98NLCM6zK03DEVSM0vUAtT7iR+oTo2Mi6sGelAH3tL6B/uUWxV4g== html-entities@^2.1.0: version "2.3.2"