From ab7eb9f9bdbfde84d3b80a5596debf810d285c89 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 26 Nov 2023 22:24:52 +0000 Subject: [PATCH] fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 5ab8edff7..f71397382 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ }, "dependencies": { "@headlessui/react": "^1.2.0", - "@mdx-js/loader": "^1.5.5", + "@mdx-js/loader": "^2.0.0", "@next/mdx": "^8.1.0", "@rescript/react": "^0.10.3", "@ryyppy/rescript-promise": "2.1.0", @@ -43,7 +43,7 @@ }, "devDependencies": { "autoprefixer": "^10.2.6", - "cssnano": "^4.1.10", + "cssnano": "^5.0.0", "esbuild-loader": "^2.13.1", "postcss-cli": "^8.3.0", "reanalyze": "^2.16.0",