From 938972db0396239c2a653905e0597d9b47cbcb62 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 12 Aug 2019 21:27:21 +0000
Subject: [PATCH] [Security] Bump ssri from 5.0.0 to 5.3.0

Bumps [ssri](https://github.com/zkat/ssri) from 5.0.0 to 5.3.0. **This update includes a security fix.**
- [Release notes](https://github.com/zkat/ssri/releases)
- [Changelog](https://github.com/zkat/ssri/blob/latest/CHANGELOG.md)
- [Commits](https://github.com/zkat/ssri/compare/v5.0.0...v5.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 yarn.lock | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 92bb5f8..45de1f9 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4921,10 +4921,14 @@ rxjs@^5.5.2:
   dependencies:
     symbol-observable "1.0.1"
 
-safe-buffer@5.1.1, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+safe-buffer@5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.1"
   resolved "http://registry.npm.taobao.org/safe-buffer/download/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853"
 
+safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.0.tgz#b74daec49b1148f88c64b68d49b1e815c1f2f519"
+
 sass-graph@^2.2.4:
   version "2.2.4"
   resolved "http://registry.npm.taobao.org/sass-graph/download/sass-graph-2.2.4.tgz#13fbd63cd1caf0908b9fd93476ad43a51d1e0b49"
@@ -5311,10 +5315,10 @@ sshpk@^1.7.0:
     tweetnacl "~0.14.0"
 
 ssri@^5.0.0:
-  version "5.0.0"
-  resolved "http://registry.npm.taobao.org/ssri/download/ssri-5.0.0.tgz#13c19390b606c821f2a10d02b351c1729b94d8cf"
+  version "5.3.0"
+  resolved "https://registry.yarnpkg.com/ssri/-/ssri-5.3.0.tgz#ba3872c9c6d33a0704a7d71ff045e5ec48999d06"
   dependencies:
-    safe-buffer "^5.1.0"
+    safe-buffer "^5.1.1"
 
 "statuses@>= 1.3.1 < 2":
   version "1.4.0"