CVE-2024-47068 bump rollup to 4.22.5

Bump `rollup` from `^1.29.1` to `^4.22.5` to avoid CVE-2024-47068. Bump other rollup-related deps as well.
folio-org · Sep 30, 2024 · f78589e · f78589e
1 parent 63edbc7
commit f78589e
Show file tree

Hide file tree

Showing 2 changed files with 217 additions and 109 deletions.
diff --git a/package.json b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.0.0",
     "@babel/preset-react": "^7.7.4",
     "@babel/register": "^7.0.0",
-    "@rollup/plugin-node-resolve": "^7.0.0",
+    "@rollup/plugin-node-resolve": "^15.3.0",
     "@testing-library/dom": "^10.4.0",
     "@testing-library/react": "^16.0.0",
     "babel-eslint": "^10.0.3",
@@ -66,10 +66,10 @@
     "react": "^18.0.0",
     "react-dom": "^18.0.0",
     "regenerator-runtime": "^0.13.3",
-    "rollup": "^1.29.1",
-    "rollup-plugin-babel": "^4.3.3",
+    "rollup": "^4.22.5",
+    "rollup-plugin-babel": "^4.4.0",
     "rollup-plugin-commonjs": "^10.1.0",
-    "rollup-plugin-license": "^0.13.0",
+    "rollup-plugin-license": "^3.5.3",
     "rollup-plugin-uglify": "^6.0.4",
     "sinon": "^18.0.0",
     "sinon-chai": "^4.0.0",