jens/flipper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update xmldom for RN apps (security fix)

Browse Source 
Summary: Same security vuln. Need to hard-code for now as this is deep down in the dependency tree for an RN dep called `xcode`.

Reviewed By: mweststrate

Differential Revision: D27338548

fbshipit-source-id: b88dcf48471739ebb7762f49589548dae62433be
This commit is contained in:
Pascal Hartig
2021-03-26 05:44:32 -07:00
committed by Facebook GitHub Bot
parent 00442cff4a
commit 276aa682e3
4 changed files with 17 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
react-native/ReactNativeFlipperExample/package.json
View File

@@ -28,5 +28,8 @@
}, },
"relativeDependencies": { "relativeDependencies": {
"react-native-flipper": "../react-native-flipper" "react-native-flipper": "../react-native-flipper"
},
"resolutions": {
"xmldom": "0.5.0"
} }
} }

16
react-native/ReactNativeFlipperExample/yarn.lock
View File

@@ -4992,10 +4992,10 @@ react-native-codegen@^0.0.6:
jscodeshift "^0.11.0" jscodeshift "^0.11.0"
nullthrows "^1.1.1" nullthrows "^1.1.1"
react-native-flipper@^0.80.0: react-native-flipper@^0.82.0:
version "0.80.0" version "0.82.0"
resolved "https://registry.yarnpkg.com/react-native-flipper/-/react-native-flipper-0.80.0.tgz#ac576ccbb5b0babf926d450d8f0689b59cff2d20" resolved "https://registry.yarnpkg.com/react-native-flipper/-/react-native-flipper-0.82.0.tgz#ea5d016d529002dea8b3f1b285f99b930de0ba6c"
integrity sha512-D9IUOY3wCjVupbQS9uWEgUdwO9DD11aOSjxswOeDNozB2GG2xI1iKSeGqNuFFq7Gr522yWVCmjNGpTbjEonPQQ== integrity sha512-blcYREveFfOGByj45f/vRPs8VSF/Rqb02/yQAb8q5+aytIeKkzuWzGIVfYiZrS+Sw9i5dl2pH8GPcC59iEzR9Q==
react-native@^0.64.0: react-native@^0.64.0:
version "0.64.0" version "0.64.0"
@@ -6326,10 +6326,10 @@ xmldoc@^1.1.2:
dependencies: dependencies:
sax "^1.2.1" sax "^1.2.1"
xmldom@0.1.x: xmldom@0.1.x, xmldom@0.5.0:
version "0.1.31" version "0.5.0"
resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.31.tgz#b76c9a1bd9f0a9737e5a72dc37231cf38375e2ff" resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.5.0.tgz#193cb96b84aa3486127ea6272c4596354cb4962e"
integrity sha512-yS2uJflVQs6n+CyjHoaBmVSqIDevTAWrzMmjG1Gc7h1qQ7uVozNhEPJAwZXWyGQ/Gafo3fCwrcaokezLPupVyQ== integrity sha512-Foaj5FXVzgn7xFzsKeNIde9g6aFBxTPi37iwsno8QvApmtg7KYrr+OPyRHcJF7dud2a5nGRBXK3n0dL62Gf7PA==
xtend@~4.0.1: xtend@~4.0.1:
version "4.0.2" version "4.0.2"

3
react-native/react-native-flipper/package.json
View File

@@ -35,6 +35,7 @@
"logkitty": "0.7.1", "logkitty": "0.7.1",
"minimist": "1.2.3", "minimist": "1.2.3",
"kind-of": "6.0.3", "kind-of": "6.0.3",
"node-fetch": "^2.6.1" "node-fetch": "^2.6.1",
"xmldom": "0.5.0"
} }
} }

8
react-native/react-native-flipper/yarn.lock
View File

@@ -4502,10 +4502,10 @@ xmldoc@^1.1.2:
dependencies: dependencies:
sax "^1.2.1" sax "^1.2.1"
xmldom@0.1.x: xmldom@0.1.x, xmldom@0.5.0:
version "0.1.27" version "0.5.0"
resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.27.tgz#d501f97b3bdb403af8ef9ecc20573187aadac0e9" resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.5.0.tgz#193cb96b84aa3486127ea6272c4596354cb4962e"
integrity sha1-1QH5ezvbQDr4757MIFcxh6rawOk= integrity sha512-Foaj5FXVzgn7xFzsKeNIde9g6aFBxTPi37iwsno8QvApmtg7KYrr+OPyRHcJF7dud2a5nGRBXK3n0dL62Gf7PA==
xtend@~4.0.1: xtend@~4.0.1:
version "4.0.2" version "4.0.2"