From f598c5074210bb12e34754bb5e0749d255a54b2f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 21 Jun 2023 18:54:03 +0000 Subject: [PATCH] fix: packages/@vue/cli/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEMVER-3247795 --- packages/@vue/cli/package.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@vue/cli/package.json b/packages/@vue/cli/package.json index 8115502b15..2f6a5a24cf 100644 --- a/packages/@vue/cli/package.json +++ b/packages/@vue/cli/package.json @@ -28,7 +28,7 @@ }, "dependencies": { "@vue/cli-shared-utils": "^3.0.0-rc.3", - "@vue/cli-ui": "^3.0.0-rc.3", + "@vue/cli-ui": "^5.0.0", "@vue/cli-ui-addon-webpack": "^3.0.0-rc.3", "chalk": "^2.3.0", "cmd-shim": "^2.0.2", @@ -37,7 +37,7 @@ "deepmerge": "^2.0.1", "download-git-repo": "^1.0.2", "ejs": "^2.5.7", - "execa": "^0.10.0", + "execa": "^2.1.0", "fs-extra": "^6.0.0", "globby": "^8.0.1", "import-global": "^0.1.0", @@ -52,7 +52,7 @@ "request": "^2.83.0", "request-promise-native": "^1.0.5", "resolve": "^1.5.0", - "semver": "^5.4.1", + "semver": "^7.5.2", "shortid": "^2.2.8", "slash": "^1.0.0", "validate-npm-package-name": "^3.0.0",