ws security bump

Summary: Open alert: https://github.com/facebook/flipper/security/dependabot/react-native/ReactNativeFlipperExample/yarn.lock/ws/open I'm not 100% sure this will address it because we still have 1.1.5 pinned separately but we've had that for a while and it didn't seem to trigger anything? Differential Revision: D29584889 fbshipit-source-id: 885a56e468ebbde63960d73d458b2f390065c029
2021-07-07 09:30:49 -07:00
parent 88d6d000c8
commit 8c7b2fe4d5
2 changed files with 9 additions and 2 deletions
--- a/react-native/ReactNativeFlipperExample/package.json
+++ b/react-native/ReactNativeFlipperExample/package.json
@@ -37,7 +37,7 @@
    "browserslist": "^4.16.5",
    "glob-parent": "5.1.2",
    "**/metro/**/ws": "^1.1.5",
-    "**/@react-native-community/cli-server-api/**/ws": "^1.1.5",
+    "**/@react-native-community/cli-server-api/**/ws": "^5.2.3",
    "**/react-native/**/ws": "^6.2.2",
    "ws": "^7.4.6"
  }
--- a/react-native/ReactNativeFlipperExample/yarn.lock
+++ b/react-native/ReactNativeFlipperExample/yarn.lock
@@ -6203,7 +6203,14 @@ write-file-atomic@^3.0.0:
    signal-exit "^3.0.2"
    typedarray-to-buffer "^3.1.5"

-ws@^1.1.0, ws@^1.1.5:
+ws@^1.1.0, ws@^5.2.3:
+  version "5.2.3"
+  resolved "https://registry.yarnpkg.com/ws/-/ws-5.2.3.tgz#05541053414921bc29c63bee14b8b0dd50b07b3d"
+  integrity sha512-jZArVERrMsKUatIdnLzqvcfydI85dvd/Fp1u/VOpfdDWQ4c9qWXe+VIeAbQ5FrDwciAkr+lzofXLz3Kuf26AOA==
+  dependencies:
+    async-limiter "~1.0.0"
+
+ws@^1.1.5:
  version "1.1.5"
  resolved "https://registry.yarnpkg.com/ws/-/ws-1.1.5.tgz#cbd9e6e75e09fc5d2c90015f21f0c40875e0dd51"
  integrity sha512-o3KqipXNUdS7wpQzBHSe180lBGO60SoK0yVo3CYJgb2MkobuWuBX6dhkYP5ORCLd55y+SaflMOV5fqAB53ux4w==