From 325b2ef9be86b20185528670b13adb03c1ec6a62 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Fri, 7 May 2021 06:13:08 +0000 Subject: [PATCH] build(deps): [security] bump hosted-git-info from 2.8.4 to 3.0.8 Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.4 to 3.0.8. **This update includes a security fix.** - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/latest/CHANGELOG.md) - [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.4...v3.0.8) Signed-off-by: dependabot-preview[bot] --- packages/core/core/package.json | 2 +- packages/embark/package.json | 2 +- yarn.lock | 16 +++++++++++++++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/packages/core/core/package.json b/packages/core/core/package.json index 7b7e768373..27b885b81e 100644 --- a/packages/core/core/package.json +++ b/packages/core/core/package.json @@ -63,7 +63,7 @@ "flatted": "0.2.3", "fs-extra": "8.1.0", "globule": "1.2.1", - "hosted-git-info": "2.8.4", + "hosted-git-info": "3.0.8", "lodash.clonedeep": "4.5.0", "node-ipc": "9.1.1", "parse-json": "4.0.0", diff --git a/packages/embark/package.json b/packages/embark/package.json index 2df689658a..66352c51d4 100644 --- a/packages/embark/package.json +++ b/packages/embark/package.json @@ -90,7 +90,7 @@ "ganache-cli": "6.8.2", "glob": "7.1.4", "globule": "1.2.1", - "hosted-git-info": "2.8.4", + "hosted-git-info": "3.0.8", "http-proxy": "1.17.0", "istanbul": "0.4.5", "json-parse-better-errors": "1.0.2", diff --git a/yarn.lock b/yarn.lock index 702715e531..038b37bb39 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11595,7 +11595,14 @@ hoist-non-react-statics@^3.1.0, hoist-non-react-statics@^3.3.0: dependencies: react-is "^16.7.0" -hosted-git-info@2.8.4, hosted-git-info@^2.1.4, hosted-git-info@^2.7.1: +hosted-git-info@3.0.8: + version "3.0.8" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-3.0.8.tgz#6e35d4cc87af2c5f816e4cb9ce350ba87a3f370d" + integrity sha512-aXpmwoOhRBrw6X3j0h5RloK4x1OzsxMPyxqIHyNfSe2pypkVTZFpEiRoSipPEPlMrh0HW/XsjkJ5WgnCirpNUw== + dependencies: + lru-cache "^6.0.0" + +hosted-git-info@^2.1.4, hosted-git-info@^2.7.1: version "2.8.4" resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.4.tgz#44119abaf4bc64692a16ace34700fed9c03e2546" integrity sha512-pzXIvANXEFrc5oFFXRMkbLPQ2rXRoDERwDLyrcUxGhaZhgP54BBSl9Oheh7Vv0T090cszWBxPjkQQ5Sq1PbBRQ== @@ -14814,6 +14821,13 @@ lru-cache@^5.1.1: dependencies: yallist "^3.0.2" +lru-cache@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-6.0.0.tgz#6d6fe6570ebd96aaf90fcad1dafa3b2566db3a94" + integrity sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA== + dependencies: + yallist "^4.0.0" + ltgt@~2.2.0: version "2.2.1" resolved "https://registry.yarnpkg.com/ltgt/-/ltgt-2.2.1.tgz#f35ca91c493f7b73da0e07495304f17b31f87ee5"