build: bump dependencies to avoid vulnerabilities (#172)

Signed-off-by: Phil Adams <[email protected]>
IBM · Jul 12, 2023 · 5a17566 · 5a17566
1 parent 96d9773
commit 5a17566
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,7 +1,7 @@
-dist: bionic
-
 language: python
 
+dist: jammy
+
 matrix:
   include:
     - python: 3.7
@@ -26,8 +26,10 @@ script:
 before_deploy:
 - pip3 install --editable .
 - pip3 install bumpversion
-- nvm install 14
+- nvm install 18
 - npm install
+- node --version
+- npm --version
 
 deploy:
   - provider: script

diff --git a/package.json b/package.json
@@ -4,11 +4,14 @@
   "description": "This package.json is being used to manage semantic-release and its dependencies",
   "license": "Apache-2.0",
   "devDependencies": {
-    "semantic-release": "19.0.5",
-    "@semantic-release/changelog": "6.0.2",
+    "semantic-release": "21.0.7",
+    "@semantic-release/changelog": "6.0.3",
     "@semantic-release/exec": "6.0.3",
     "@semantic-release/git": "10.0.1"
   },
+  "overrides": {
+    "semver": "^7.5.3"
+  },
   "scripts": {
     "semantic-release": "semantic-release"
   }