From a9780556f6e6cdfac0ecbdb161adffe8cc252438 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 25 Oct 2023 15:17:36 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-CRYPTOJS-6028119
---
 package.json | 2 +-
 yarn.lock    | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 86c8f64..0b25113 100644
--- a/package.json
+++ b/package.json
@@ -25,7 +25,7 @@
   "homepage": "https://github.com/guidesmiths/react-native-uservoice#readme",
   "dependencies": {
     "buffer": "5.0.7",
-    "crypto-js": "3.1.9-1",
+    "crypto-js": "4.2.0",
     "moment": "^2.18.1",
     "query-string": "5.0.0",
     "url-parse": "1.1.9"
diff --git a/yarn.lock b/yarn.lock
index bbd9358..cdbfcfe 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -856,9 +856,10 @@ cross-spawn@^5.1.0:
     shebang-command "^1.2.0"
     which "^1.2.9"
 
-crypto-js@3.1.9-1:
-  version "3.1.9-1"
-  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-3.1.9-1.tgz#fda19e761fc077e01ffbfdc6e9fdfc59e8806cd8"
+crypto-js@4.2.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.2.0.tgz#4d931639ecdfd12ff80e8186dba6af2c2e856631"
+  integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==
 
 debug@3.1.0, debug@^3.1.0:
   version "3.1.0"