From a0534e6eb112500ffbc3e1a8009fd215811e7107 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 1 Sep 2021 20:40:39 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WS-1296835
---
 package-lock.json | 19 +++++++++----------
 package.json      |  2 +-
 2 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 83e816a3..a9d38c9c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4,12 +4,13 @@
   "requires": true,
   "packages": {
     "": {
+      "name": "bup",
       "dependencies": {
         "node-webcrypto-ossl": "*",
         "pentf": "^1.4.3",
         "puppeteer": "^5.3.1",
         "wrtc": "^0.4.1",
-        "ws": "*"
+        "ws": "^7.4.6"
       },
       "devDependencies": {
         "argparse": "*",
@@ -1022,7 +1023,6 @@
       "dependencies": {
         "anymatch": "~3.1.1",
         "braces": "~3.0.2",
-        "fsevents": "~2.1.2",
         "glob-parent": "~5.1.0",
         "is-binary-path": "~2.1.0",
         "is-glob": "~4.0.1",
@@ -1728,8 +1728,7 @@
         "esprima": "^2.7.1",
         "estraverse": "^1.9.1",
         "esutils": "^2.0.2",
-        "optionator": "^0.8.1",
-        "source-map": "~0.2.0"
+        "optionator": "^0.8.1"
       },
       "bin": {
         "escodegen": "bin/escodegen.js",
@@ -2008,7 +2007,6 @@
       "version": "2.0.1",
       "license": "BSD-2-Clause",
       "dependencies": {
-        "@types/yauzl": "^2.9.1",
         "debug": "^4.1.1",
         "get-stream": "^5.1.0",
         "yauzl": "^2.10.0"
@@ -2356,7 +2354,6 @@
         "minimist": "^1.2.5",
         "neo-async": "^2.6.0",
         "source-map": "^0.6.1",
-        "uglify-js": "^3.1.4",
         "wordwrap": "^1.0.0"
       },
       "bin": {
@@ -5607,7 +5604,6 @@
       "hasInstallScript": true,
       "license": "BSD-2-Clause",
       "dependencies": {
-        "domexception": "^1.0.1",
         "node-pre-gyp": "^0.13.0"
       },
       "engines": {
@@ -5618,8 +5614,9 @@
       }
     },
     "node_modules/ws": {
-      "version": "7.3.1",
-      "license": "MIT",
+      "version": "7.4.6",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+      "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==",
       "engines": {
         "node": ">=8.3.0"
       },
@@ -9548,7 +9545,9 @@
       }
     },
     "ws": {
-      "version": "7.3.1",
+      "version": "7.4.6",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+      "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==",
       "requires": {}
     },
     "xmldom": {
diff --git a/package.json b/package.json
index ef61203a..590dc842 100644
--- a/package.json
+++ b/package.json
@@ -15,7 +15,7 @@
     "pentf": "^1.4.3",
     "puppeteer": "^5.3.1",
     "wrtc": "^0.4.1",
-    "ws": "*"
+    "ws": "7.4.6"
   },
   "devDependencies": {
     "argparse": "*",