Upgrade packages to address is-svg vulnerability (#3212)

We have a couple of dependabot vulnerabilities listed, so I updated the rails-webpacker package which led to is-svg being eliminated as a dependency. I'm still waiting on the ssri fix rails/webpacker#2969 and perhaps that will not come until the rails-webpacker gem get a 6.0 release, which should be sometime soon.
brave-intl · May 5, 2021 · 8f048ed · 8f048ed
1 parent 3ae1c8f
commit 8f048ed
Show file tree

Hide file tree

Showing 3 changed files with 2,430 additions and 2,970 deletions.
diff --git a/.nvmrc b/.nvmrc
@@ -1 +1 @@
-14.15.3
+14.16.1
diff --git a/package.json b/package.json
@@ -60,7 +60,7 @@
     "@babel/preset-react": "^7.0.0",
     "@rails/activestorage": "^6.0.3-1",
     "@rails/ujs": "^6.0.3-1",
-    "@rails/webpacker": "^5.2.1",
+    "@rails/webpacker": "^5.3.0",
     "@types/react": "^16.4.7",
     "@types/react-dom": "^16.0.6",
     "axios": "^0.21.1",
@@ -97,7 +97,7 @@
     "autoprefixer": "^9.4.3",
     "babel-plugin-styled-components": "^1.10.0",
     "babel-plugin-transform-class-properties": "^6.24.1",
-    "cssnano": "^4.1.8",
+    "cssnano": "^5.0.2",
     "enzyme": "^3.3.0",
     "enzyme-adapter-react-16": "^1.1.1",
     "enzyme-to-json": "^3.3.4",