From 3e2dd7fb42e93b6bd7806268bc882887ebd3980d Mon Sep 17 00:00:00 2001
From: Nicolas Coutin
Date: Tue, 31 Oct 2017 09:28:47 +0100
Subject: [PATCH] fix: vulnerable dependency (extract-zip)

The _extract-zip@1.6.5_ package is [vulnerable to a ReDoS attack](https://snyk.io/test/npm/extract-zip/1.6.5). Updated to [version 1.6.6](https://snyk.io/test/npm/extract-zip/1.6.6), [where the maintainers fixed it](https://github.com/maxogden/extract-zip/issues/48#issuecomment-340663654) a few hours ago this PR. This PR can solve failing tests because of some tools (like [Snyk](https://snyk.io)).
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 90c1b686c..fdd9c30bb 100644
--- a/package.json
+++ b/package.json
@@ -40,7 +40,7 @@
 },
 "dependencies": {
 "es6-promise": "~4.0.3",
- "extract-zip": "~1.6.5",
+ "extract-zip": "~1.6.6",
 "fs-extra": "~1.0.0",
 "hasha": "~2.2.0",
 "kew": "~0.7.0",