Force upgrade of some outdated dependencies

I don't really like the way to go here, but I guess having those forcefully upgraded is better than staying around with vulnerable dependencies. This patch fixes some vulnerbilities in dependencies that were categories as high severity. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 19:14:04 +01:00
parent edfe7fc401
commit b718eac70a
2 changed files with 12 additions and 180 deletions
--- a/package.json
+++ b/package.json
@@ -133,7 +133,9 @@
    "xss": "^1.0.3"
  },
  "resolutions": {
-    "**/tough-cookie": "~2.4.0"
+    "**/tough-cookie": "~2.4.0",
+    "**/minimatch": "^3.0.2",
+    "**/request": "^2.88.0"
  },
  "engines": {
    "node": ">=6.x"