From 4d751fb37cf6461492dd6e73fb73f98c5ba9e654 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 7 Jul 2022 19:53:02 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXTAUTH-2944244 --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 605d7cc..d0d2c3f 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "mdx-bundler": "^9.0.0", "mdx-embed": "^0.0.22", "next": "12.1.5", - "next-auth": "^4.3.3", + "next-auth": "^4.9.0", "next-pwa": "^5.4.1", "next-seo": "4.28.1", "next-themes": "0.1.1", diff --git a/yarn.lock b/yarn.lock index c4743f2..827bffb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5926,10 +5926,10 @@ negotiator@0.6.2: resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.2.tgz#feacf7ccf525a77ae9634436a64883ffeca346fb" integrity sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw== -next-auth@^4.3.3: - version "4.3.3" - resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.3.3.tgz#5ff892e73648a0f33c2af0e9d7cafda729f63ae7" - integrity sha512-bUs+oOOPT18Pq/+4v9q4PA/DGoVoAX6jwY7RTfE/akFXwlny+y/mNS6lPSUwpqcHjljqBaq34PQA3+01SdOOPw== +next-auth@^4.9.0: + version "4.9.0" + resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.9.0.tgz#0d8cabcb22a976744131a2e68d5f08756f322593" + integrity sha512-/4S5dFeyNg2nXlD7g/Sh5A4WZWnUMDpEf8x/x+gzmAf5cAY2SjDM6sLk9u4XRmsndsxQpIMWDw03sUTAD+Yzog== dependencies: "@babel/runtime" "^7.16.3" "@panva/hkdf" "^1.0.1"