fix: upgrade dependencies and ignore low severity vulnerabilities (#592)

Ignoring low severity vulnerabilities until lodash issue is resolved: https://www.npmjs.com/advisories/1523
twilio · Jul 2, 2020 · 40f694e · 40f694e
1 parent c8b8a3c
commit 40f694e
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/package.json b/package.json
@@ -20,27 +20,27 @@
     "url": "/~https://github.com/twilio/twilio-node.git"
   },
   "dependencies": {
-    "@types/express": "^4.17.3",
+    "@types/express": "^4.17.6",
     "axios": "^0.19.2",
-    "dayjs": "^1.8.21",
+    "dayjs": "^1.8.29",
     "jsonwebtoken": "^8.5.1",
     "lodash": "^4.17.15",
     "q": "2.0.x",
-    "qs": "^6.9.1",
+    "qs": "^6.9.4",
     "rootpath": "^0.1.2",
     "scmp": "^2.1.0",
     "url-parse": "^1.4.7",
     "xmlbuilder": "^13.0.2"
   },
   "devDependencies": {
-    "@types/lodash": "^4.14.149",
+    "@types/lodash": "^4.14.157",
     "@types/node": "^9.6.55",
-    "eslint": "^6.8.0",
+    "eslint": "^7.3.1",
     "express": "^4.17.1",
     "jasmine": "^3.5.0",
-    "jsdoc": "^3.6.3",
+    "jsdoc": "^3.6.4",
     "jshint": "^2.11.0",
-    "mock-fs": "^4.11.0",
+    "mock-fs": "^4.12.0",
     "nock": "^10.0.6",
     "node-mocks-http": "^1.8.1",
     "proxyquire": "^2.1.3",
@@ -55,7 +55,7 @@
     "check": "npm run jshint && npm run jscs",
     "ci": "npm test && npm run nsp",
     "jsdoc": "jsdoc -r lib -d docs",
-    "nsp": "if [ `npm --version | cut -d'.' -f1` -ge \"6\" ]; then npm audit; else echo \"npm audit is not available for npm < 6.0\"; fi"
+    "nsp": "if [ `npm --version | cut -d'.' -f1` -ge \"6\" ]; then npm audit --audit-level=moderate; else echo \"npm audit is not available for npm < 6.0\"; fi"
   },
   "files": [
     "lib",