Updated express-hbs to 1.1.1

no-issue This includes a bump to handlebars -> 4.1.2, which fixes a potential RCE https://github.com/wycats/handlebars.js/blob/v4.1.2/release-notes.md#v412---april-13th-2019
2024-11-24 06:35:49 +03:00 · 2019-04-15 14:03:23 +02:00 · 2019-04-15 14:03:23 +02:00 · 0f5ca616b8
commit 0f5ca616b8
parent 32a4798d76
2 changed files with 22 additions and 6 deletions
--- a/package.json
+++ b/package.json
@ -61,7 +61,7 @@
    "downsize": "0.0.8",
    "express": "4.16.4",
    "express-brute": "1.0.1",
-    "express-hbs": "1.1.0",
+    "express-hbs": "1.1.1",
    "express-jwt": "5.3.1",
    "express-query-boolean": "2.0.0",
    "express-session": "1.15.6",
--- a/yarn.lock
+++ b/yarn.lock
@ -1895,12 +1895,12 @@ express-brute@1.0.1, express-brute@^1.0.0:
    long-timeout "~0.1.1"
    underscore "~1.8.3"

-express-hbs@1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/express-hbs/-/express-hbs-1.1.0.tgz#703c3855c30c8052c7d6f9df642d538404c492b5"
-  integrity sha512-4TQ8kwsMyiJ5yh3F5tWnAmYtYn4tHx7kjK42/Hlmq00/ekw6KMeRgK1INJtUK4QETJcQXiuTtwx68yNoNVAomQ==
+express-hbs@1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/express-hbs/-/express-hbs-1.1.1.tgz#0a181c01a399c0fe148ef4a006c59afd21c24f20"
+  integrity sha512-nFBXq8SNb58wospQeRsh3FZL+srv6KMVkCKJnUGB3Gm7pXUf4DzaIQ0zUb+qQRCFeAVQHaF7X4vNfIea00FiGA==
  dependencies:
-    handlebars "4.0.13"
+    handlebars "4.1.2"
    js-beautify "1.6.8"
    lodash "4.17.11"
    readdirp "2.1.0"
@ -2762,6 +2762,17 @@ handlebars@4.0.13:
  optionalDependencies:
    uglify-js "^3.1.4"

+handlebars@4.1.2:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.1.2.tgz#b6b37c1ced0306b221e094fc7aca3ec23b131b67"
+  integrity sha512-nvfrjqvt9xQ8Z/w0ijewdD/vvWDTOweBUm96NTr66Wfvo1mJenBLwcYmPs3TIBP5ruzYGD7Hx/DaM9RmhroGPw==
+  dependencies:
+    neo-async "^2.6.0"
+    optimist "^0.6.1"
+    source-map "^0.6.1"
+  optionalDependencies:
+    uglify-js "^3.1.4"
+
 har-schema@^2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-2.0.0.tgz#a94c2224ebcac04782a0d9035521f24735b7ec92"
@ -4261,6 +4272,11 @@ negotiator@0.6.1:
  version "0.6.1"
  resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9"

+neo-async@^2.6.0:
+  version "2.6.0"
+  resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.0.tgz#b9d15e4d71c6762908654b5183ed38b753340835"
+  integrity sha512-MFh0d/Wa7vkKO3Y3LlacqAEeHK0mckVqzDieUKTT+KGxi+zIpeVsFxymkIiRpbpDziHc290Xr9A1O4Om7otoRA==
+
 netjet@1.3.0:
  version "1.3.0"
  resolved "https://registry.yarnpkg.com/netjet/-/netjet-1.3.0.tgz#7e082b49354a30a5b84ffd14fb7f3aa5874a7ce4"