From 423715f3e27ad1fc5acc532b3903695bc142d2fd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 11 Jan 2025 06:08:27 +0000 Subject: [PATCH] fix: upgrade dotenv from 16.0.1 to 16.4.7 Snyk has created this PR to upgrade dotenv from 16.0.1 to 16.4.7. See this package in yarn: dotenv See this project in Snyk: https://app.snyk.io/org/engineering-container-scanning/project/7c878086-b464-471b-a251-ab2bb8099cc4?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 3a42fedeb..ee491420c 100644 --- a/package.json +++ b/package.json @@ -82,7 +82,7 @@ "cookie-session": "^2.0.0", "csurf": "^1.11.0", "date-fns": "^1.29.0", - "dotenv": "^16.0.1", + "dotenv": "^16.4.7", "dotenv-expand": "^8.0.3", "dumpme": "^1.0.3", "event-loop-lag": "^1.4.0", diff --git a/yarn.lock b/yarn.lock index cae4ecd2f..2d3034bf7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3116,11 +3116,16 @@ dotenv-expand@^8.0.1, dotenv-expand@^8.0.3: resolved "https://registry.npmjs.org/dotenv-expand/-/dotenv-expand-8.0.3.tgz#29016757455bcc748469c83a19b36aaf2b83dd6e" integrity sha512-SErOMvge0ZUyWd5B0NXMQlDkN+8r+HhVUsxgOO7IoPDOdDRD2JjExpN6y3KnFR66jsJMwSn1pqIivhU5rcJiNg== -dotenv@^16.0.0, dotenv@^16.0.1: +dotenv@^16.0.0: version "16.0.1" resolved "https://registry.npmjs.org/dotenv/-/dotenv-16.0.1.tgz#8f8f9d94876c35dac989876a5d3a82a267fdce1d" integrity sha512-1K6hR6wtk2FviQ4kEiSjFiH5rpzEVi8WW0x96aztHVMhEspNpc4DVOUTEHtEva5VThQ8IaBX1Pe4gSzpVVUsKQ== +dotenv@^16.4.7: + version "16.4.7" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.4.7.tgz#0e20c5b82950140aa99be360a8a5f52335f53c26" + integrity sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ== + dottie@^2.0.2: version "2.0.4" resolved "https://registry.yarnpkg.com/dottie/-/dottie-2.0.4.tgz#9ce42965f45e577a6fa7d988d47852fac70c4e82"