From b56e0a6eaff2c362a73945fa5d9de9342095d3cb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 22 May 2022 18:31:05 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXTAUTH-2841457 --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 725f294..869a6d5 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "mdx-bundler": "^9.0.0", "mdx-embed": "^0.0.22", "next": "12.1.5", - "next-auth": "^4.3.2", + "next-auth": "^4.3.4", "next-pwa": "^5.4.1", "next-seo": "4.28.1", "next-themes": "0.1.1", diff --git a/yarn.lock b/yarn.lock index 33fbfb9..250fb84 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5933,10 +5933,10 @@ negotiator@0.6.2: resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.2.tgz#feacf7ccf525a77ae9634436a64883ffeca346fb" integrity sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw== -next-auth@^4.3.2: - version "4.3.2" - resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.3.2.tgz#eb4976511fb19766d0397bd4de45eee87c5c1998" - integrity sha512-yj9HN9p81Fg3dkrq4Y0FxjfgupiABac7o+ve47j5GPLjo1qE2FFX1pr7g7mwQ1HDUCoGhLmgBpFBR8+pdWgFfQ== +next-auth@^4.3.4: + version "4.3.4" + resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.3.4.tgz#7b241e34e1f68632768cef8ee289e33256cb2b19" + integrity sha512-8dGkNicbxY2BYsJq4uOJIEsGt39wXj5AViTBsVfbRQqtAFmZmXYHutf90VBmobm8rT2+Xl60HDUTkuVVK+x+xw== dependencies: "@babel/runtime" "^7.16.3" "@panva/hkdf" "^1.0.1"