From 7b53e1b4a1019b20f6fff62f4201b4dc2eb7bbbf Mon Sep 17 00:00:00 2001
From: "Juan Picado @jotadeveloper"
Date: Thu, 26 Sep 2019 19:33:38 +0200
Subject: [PATCH] fix(security): Cross-site Scripting (XSS) for readme
High severity vulnerability found in dompurify
Description: Cross-site Scripting (XSS)
Info: https://snyk.io/vuln/SNYK-JS-DOMPURIFY-468981
Introduced through: @verdaccio/readme@8.1.0
From: @verdaccio/readme@8.1.0 > dompurify@1.0.11
---
 core/readme/package.json | 2 +-
 yarn.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/core/readme/package.json b/core/readme/package.json
index 3ebbb732..c2cdd33e 100644
--- a/core/readme/package.json
+++ b/core/readme/package.json
@@ -30,7 +30,7 @@
 "lib"
 ],
 "dependencies": {
- "dompurify": "2.0.1",
+ "dompurify": "2.0.3",
 "jsdom": "15.1.1",
 "marked": "0.6.2"
 },
diff --git a/yarn.lock b/yarn.lock
index e7db87af..507b3057 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4116,10 +4116,10 @@ domexception@^1.0.1:
 dependencies:
 webidl-conversions "^4.0.2"
-dompurify@2.0.1:
- version "2.0.1"
- resolved "https://registry.verdaccio.org/dompurify/-/dompurify-2.0.1.tgz#02e927c164393213f11a288eea154f105ee33349"
- integrity sha512-57cdUdCG300XfdO+BTYfgBtcP0G6LuwnQ8BZQ2t9wFDIa+DoQT9iaxKox5aJJYovAA3B4wNIeNlqBfnS/OWvRQ==
+dompurify@2.0.3:
+ version "2.0.3"
+ resolved "https://registry.verdaccio.org/dompurify/-/dompurify-2.0.3.tgz#5cc4965a487d54aedba6ba9634b137cfbd7eb50d"
+ integrity sha512-q006uOkD2JGSJgF0qBt7rVhUvUPBWCxpGayALmHvXx2iNlMfNVz7PDGeXEUjNGgIDjADz59VZCv6UE3U8XRWVw==
 dot-prop@^3.0.0:
 version "3.0.0"