From 2dc33d44bf20925efbc51c6a36eac898ba9f145f Mon Sep 17 00:00:00 2001
From: GitStart-SourceGraph
 <89894075+gitstart-sourcegraph@users.noreply.github.com>
Date: Fri, 8 Jul 2022 15:33:28 +0000
Subject: [PATCH] [SG-36701] Fix for json-schema which is vulnerable to
 Prototype Pollution (#37091)

* Fix for json-schema which is vulnerable to Prototype Pollution

Co-authored-by: gitstart-sourcegraph <gitstart@users.noreply.github.com>
---
 package.json |  3 ++-
 yarn.lock    | 18 +++++++++---------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/package.json b/package.json
index 6827f92b644..9da66e61eac 100644
--- a/package.json
+++ b/package.json
@@ -485,6 +485,7 @@
     "cssnano": "4.1.10",
     "webpack": "5",
     "tslib": "2.1.0",
-    "prettier": "2.2.1"
+    "prettier": "2.2.1",
+    "jsprim": "1.4.2"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index b1930e36d36..4d17916b171 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -16748,10 +16748,10 @@ json-schema-traverse@^1.0.0:
   resolved "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2"
   integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==
 
-json-schema@0.2.3:
-  version "0.2.3"
-  resolved "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13"
-  integrity sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=
+json-schema@0.4.0:
+  version "0.4.0"
+  resolved "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz#f7de4cf6efab838ebaeb3236474cbba5a1930ab5"
+  integrity sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==
 
 json-stable-stringify-without-jsonify@^1.0.1:
   version "1.0.1"
@@ -16841,14 +16841,14 @@ jsonwebtoken@8.5.1, jsonwebtoken@^8.5.1:
     ms "^2.1.1"
     semver "^5.6.0"
 
-jsprim@^1.2.2:
-  version "1.4.1"
-  resolved "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"
-  integrity sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=
+jsprim@1.4.2, jsprim@^1.2.2:
+  version "1.4.2"
+  resolved "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz#712c65533a15c878ba59e9ed5f0e26d5b77c5feb"
+  integrity sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==
   dependencies:
     assert-plus "1.0.0"
     extsprintf "1.3.0"
-    json-schema "0.2.3"
+    json-schema "0.4.0"
     verror "1.10.0"
 
 "jsx-ast-utils@^2.4.1 || ^3.0.0", jsx-ast-utils@^3.2.1: