From ca96b40b7adeff22bd4eacece1eed37f22324e95 Mon Sep 17 00:00:00 2001
From: Kevin Day <kday@library.tamu.edu>
Date: Fri, 9 Dec 2022 11:51:35 -0600
Subject: [PATCH] Issue 234: Security fixes for: minimatch and qs.

Fix child dependencies that are coming in with insecure versions.
This is based on the `npm list --depth=100` and considers what is reported by dependabot for Sage.

see: https://github.com/TAMULib/SAGE/security/dependabot/37
see: https://github.com/TAMULib/SAGE/security/dependabot/34
---
 package.json | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index ddaab0c..e4425dc 100644
--- a/package.json
+++ b/package.json
@@ -33,6 +33,8 @@
   "devDependencies": {
   },
   "overrides": {
-    "glob-stream": "^7.0.0"
+    "glob-stream": "^7.0.0",
+    "minimatch": "^3.1.2",
+    "qs": "^6.11.0"
   }
 }