From da20cf1b575071d7b16c61470df198430b341a04 Mon Sep 17 00:00:00 2001
From: koji <koji.kanao@opentrons.com>
Date: Wed, 4 Sep 2024 02:54:46 +0900
Subject: [PATCH] chore: update semver version (#16135)

update semver version

[semver vulnerable to Regular Expression Denial of Service](https://github.com/Opentrons/opentrons/security/dependabot/320)

close AUTH-745
---
 app-shell-odd/package.json | 2 +-
 app-shell/package.json     | 2 +-
 app/package.json           | 2 +-
 yarn.lock                  | 9 ++-------
 4 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/app-shell-odd/package.json b/app-shell-odd/package.json
index e080060ca7c..624486e5332 100644
--- a/app-shell-odd/package.json
+++ b/app-shell-odd/package.json
@@ -55,7 +55,7 @@
     "node-fetch": "2.6.7",
     "node-stream-zip": "1.8.2",
     "pump": "3.0.0",
-    "semver": "5.5.0",
+    "semver": "5.7.2",
     "tempy": "1.0.1",
     "uuid": "3.2.1",
     "winston": "3.1.0",
diff --git a/app-shell/package.json b/app-shell/package.json
index e93babb3342..1a1461da837 100644
--- a/app-shell/package.json
+++ b/app-shell/package.json
@@ -63,7 +63,7 @@
     "node-fetch": "2.6.7",
     "node-stream-zip": "1.8.2",
     "pump": "3.0.0",
-    "semver": "5.5.0",
+    "semver": "5.7.2",
     "serialport": "10.5.0",
     "tempy": "1.0.1",
     "usb": "^2.11.0",
diff --git a/app/package.json b/app/package.json
index ad78d15a779..034e5dd7cec 100644
--- a/app/package.json
+++ b/app/package.json
@@ -62,7 +62,7 @@
     "redux-thunk": "2.3.0",
     "reselect": "4.0.0",
     "rxjs": "^6.5.1",
-    "semver": "5.5.0",
+    "semver": "5.7.2",
     "styled-components": "5.3.6",
     "typeface-open-sans": "0.0.75",
     "uuid": "3.2.1"
diff --git a/yarn.lock b/yarn.lock
index 4f42de8f2fc..b49e439640d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3278,7 +3278,7 @@
     redux-thunk "2.3.0"
     reselect "4.0.0"
     rxjs "^6.5.1"
-    semver "5.5.0"
+    semver "5.7.2"
     styled-components "5.3.6"
     typeface-open-sans "0.0.75"
     uuid "3.2.1"
@@ -19599,16 +19599,11 @@ semver-compare@^1.0.0:
   resolved "https://registry.yarnpkg.com/semver-compare/-/semver-compare-1.0.0.tgz#0dee216a1c941ab37e9efb1788f6afc5ff5537fc"
   integrity sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==
 
-"semver@2 || 3 || 4 || 5", semver@^5.4.1, semver@^5.5.0, semver@^5.6.0:
+"semver@2 || 3 || 4 || 5", semver@5.7.2, semver@^5.4.1, semver@^5.5.0, semver@^5.6.0:
   version "5.7.2"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8"
   integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==
 
-semver@5.5.0:
-  version "5.5.0"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-5.5.0.tgz#dc4bbc7a6ca9d916dee5d43516f0092b58f7b8ab"
-  integrity sha512-4SJ3dm0WAwWy/NVeioZh5AntkdJoWKxHxcmyP622fOkgHa4z3R0TdBJICINyaSDE6uNwVc8gZr+ZinwZAH4xIA==
-
 semver@^6.0.0, semver@^6.2.0, semver@^6.3.0, semver@^6.3.1:
   version "6.3.1"
   resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4"