From 87e3cc09b3eb852c20a634be5b8c02adc2f4a765 Mon Sep 17 00:00:00 2001
From: Ilkka Laukkanen <ilkka@ilkka.io>
Date: Fri, 10 Mar 2017 12:58:34 +0200
Subject: [PATCH] Bump extract-zip version

This bump allows for a future release of extract-zip, that in turn pulls in a newer future release of concat-stream to mitigate [a possible memory disclosure vulnerability](https://snyk.io/vuln/npm:concat-stream:20160901). extract-zip is already at 1.6.0 so this will not happen without this bump.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index ccd9fadea..4c7691823 100644
--- a/package.json
+++ b/package.json
@@ -40,7 +40,7 @@
   },
   "dependencies": {
     "es6-promise": "~4.0.3",
-    "extract-zip": "~1.5.0",
+    "extract-zip": "~1.6.0",
     "fs-extra": "~1.0.0",
     "hasha": "~2.2.0",
     "kew": "~0.7.0",