Force upgrade xmldom to address vuln (dependency of enketo)

thecartercenter · Oct 27, 2022 · bebbb44 · bebbb44
1 parent 6772249
commit bebbb44
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/package.json b/package.json
@@ -29,6 +29,9 @@
       "\\.css$": "<rootDir>/app/javascript/__mocks__/style-mock.js"
     }
   },
+  "resolutions": {
+    "@xmldom/xmldom": "0.7.6"
+  },
   "dependencies": {
     "@babel/core": "7.19.0",
     "@babel/helper-string-parser": "7.18.10",

diff --git a/yarn.lock b/yarn.lock
@@ -2122,10 +2122,10 @@
   resolved "https://registry.yarnpkg.com/@webpack-cli/serve/-/serve-1.7.0.tgz#e1993689ac42d2b16e9194376cfb6753f6254db1"
   integrity sha512-oxnCNGj88fL+xzV+dacXs44HcDwf1ovs3AuEzvP7mqXw7fQntqIhQ1BRmynh4qEKQSSSRSWVyXRjmTbZIX9V2Q==
 
-"@xmldom/xmldom@^0.7.0":
-  version "0.7.5"
-  resolved "https://registry.yarnpkg.com/@xmldom/xmldom/-/xmldom-0.7.5.tgz#09fa51e356d07d0be200642b0e4f91d8e6dd408d"
-  integrity sha512-V3BIhmY36fXZ1OtVcI9W+FxQqxVLsPKcNjWigIaa81dLC9IolJl5Mt4Cvhmr0flUnjSpTdrbMTSbXqYqV5dT6A==
+"@xmldom/xmldom@0.7.6", "@xmldom/xmldom@^0.7.0":
+  version "0.7.6"
+  resolved "https://registry.yarnpkg.com/@xmldom/xmldom/-/xmldom-0.7.6.tgz#6f55073fa73e65776bd85826958b98c8cd1457b5"
+  integrity sha512-HHXP9hskkFQHy8QxxUXkS7946FFIhYVfGqsk0WLwllmexN9x/+R4UBLvurHEuyXRfVEObVR8APuQehykLviwSQ==
 
 "@xtuc/ieee754@^1.2.0":
   version "1.2.0"