From 41758e205b998149f27e0b291b5be0a14a0d531b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 5 Sep 2024 23:24:53 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-6139239 - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASH-73638 - https://snyk.io/vuln/SNYK-JS-AJV-584908 - https://snyk.io/vuln/npm:extend:20180424 - https://snyk.io/vuln/SNYK-JS-LODASH-73639 --- package-lock.json | 145 ++++++++++++++++++++++++++-------------------- package.json | 2 +- 2 files changed, 84 insertions(+), 63 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1cc47e56..a59415d1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -922,16 +922,6 @@ "long": "^3.2.0" } }, - "JSONStream": { - "version": "1.3.3", - "resolved": "https://registry.npmjs.org/JSONStream/-/JSONStream-1.3.3.tgz", - "integrity": "sha512-3Sp6WZZ/lXl+nTDoGpGWHEpTnnC6X5fnkolYZR6nwIfzbxxvA8utPWe1gCt7i0m9uVGsSz2IS8K8mJ7HmlduMg==", - "dev": true, - "requires": { - "jsonparse": "^1.2.0", - "through": ">=2.2.7 <3" - } - }, "abab": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz", @@ -998,6 +988,7 @@ "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=", "dev": true, + "optional": true, "requires": { "kind-of": "^3.0.2", "longest": "^1.0.1", @@ -2884,8 +2875,8 @@ "integrity": "sha512-BoMaddIEJ6B4QVMSDu9IkVImlGOSGA1I2BQyOZHeLQ6qVOJLcLKn97+fL6dGbzWEiqDzfH4OkcveULmeq2MHFQ==", "dev": true, "requires": { - "JSONStream": "^1.0.4", "is-text-path": "^1.0.0", + "JSONStream": "^1.0.4", "lodash": "^4.2.1", "meow": "^4.0.0", "split2": "^2.0.0", @@ -4317,7 +4308,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -4338,12 +4330,14 @@ "balanced-match": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, "dev": true, + "optional": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -4358,17 +4352,20 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "concat-map": { "version": "0.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "core-util-is": { "version": "1.0.2", @@ -4485,7 +4482,8 @@ "inherits": { "version": "2.0.3", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "ini": { "version": "1.3.5", @@ -4497,6 +4495,7 @@ "version": "1.0.0", "bundled": true, "dev": true, + "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -4511,6 +4510,7 @@ "version": "3.0.4", "bundled": true, "dev": true, + "optional": true, "requires": { "brace-expansion": "^1.1.7" } @@ -4518,12 +4518,14 @@ "minimist": { "version": "0.0.8", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "minipass": { "version": "2.2.4", "bundled": true, "dev": true, + "optional": true, "requires": { "safe-buffer": "^5.1.1", "yallist": "^3.0.0" @@ -4542,6 +4544,7 @@ "version": "0.5.1", "bundled": true, "dev": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -4622,7 +4625,8 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "object-assign": { "version": "4.1.1", @@ -4634,6 +4638,7 @@ "version": "1.4.0", "bundled": true, "dev": true, + "optional": true, "requires": { "wrappy": "1" } @@ -4719,7 +4724,8 @@ "safe-buffer": { "version": "5.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -4751,29 +4757,31 @@ "dev": true, "optional": true }, - "string-width": { - "version": "1.0.2", + "string_decoder": { + "version": "1.1.1", "bundled": true, "dev": true, + "optional": true, "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "safe-buffer": "~5.1.0" } }, - "string_decoder": { - "version": "1.1.1", + "string-width": { + "version": "1.0.2", "bundled": true, "dev": true, "optional": true, "requires": { - "safe-buffer": "~5.1.0" + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" } }, "strip-ansi": { "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -4817,12 +4825,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -5099,30 +5109,30 @@ "dev": true }, "h2x-core": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/h2x-core/-/h2x-core-1.0.0.tgz", - "integrity": "sha1-UTX9oahojryM4kUNifHcaDdRHns=", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/h2x-core/-/h2x-core-1.1.0.tgz", + "integrity": "sha512-vw1GN5i+dKctUEKn6z9CFs2Lh3ktYw8M3knqSvvqd4DhDV7c4d13tVPKSgxbtoXMdIph2Icd401L5m2KzxIosw==", "requires": { - "h2x-generate": "^1.0.0", - "h2x-parse": "^1.0.0", - "h2x-traverse": "^1.0.0" + "h2x-generate": "^1.1.0", + "h2x-parse": "^1.1.0", + "h2x-traverse": "^1.1.0" } }, "h2x-generate": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/h2x-generate/-/h2x-generate-1.0.0.tgz", - "integrity": "sha1-cugCDs7ePlifesq4HoWoNGzFQSY=", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/h2x-generate/-/h2x-generate-1.1.0.tgz", + "integrity": "sha512-L7Hym0yb20QIjvqeULUPOeh/cyvScdOAyJ6oRlh5dF0+w92hf3OiTk1q15KBijde7jGEe+0R4aOmtW8gkPNIzg==", "requires": { - "h2x-traverse": "^1.0.0" + "h2x-traverse": "^1.1.0" } }, "h2x-parse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/h2x-parse/-/h2x-parse-1.0.0.tgz", - "integrity": "sha1-PTd2QtbV9eP6mUDjYg8Rui0HLpk=", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/h2x-parse/-/h2x-parse-1.1.1.tgz", + "integrity": "sha512-WRSmPF+tIWuUXVEZaYRhcZx/JGEJx8LjZpDDtrvMr5m/GTR0NerydCik5dRzcKXPWCtfXxuJRLR4v2P4HB2B1A==", "requires": { - "h2x-types": "^1.0.0", - "jsdom": "^11.10.0" + "h2x-types": "^1.1.0", + "jsdom": ">=11.0.0" } }, "h2x-plugin-jsx": { @@ -5134,17 +5144,17 @@ } }, "h2x-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/h2x-traverse/-/h2x-traverse-1.0.0.tgz", - "integrity": "sha1-b2UdQfFOO0Ni6iqQkhOkNRGYLeE=", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/h2x-traverse/-/h2x-traverse-1.1.0.tgz", + "integrity": "sha512-1ND8ZbISLSUgpLHYJRvhvElITvs0g44L7RxjeXViz5XP6rooa+FtXTFLByl2Yg01zj2txubifHIuU4pgvj8l+A==", "requires": { - "h2x-types": "^1.0.0" + "h2x-types": "^1.1.0" } }, "h2x-types": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/h2x-types/-/h2x-types-1.0.0.tgz", - "integrity": "sha1-SCKBb/3fUeSjg6oAWUdw6M4jDR8=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/h2x-types/-/h2x-types-1.1.0.tgz", + "integrity": "sha512-QdH5qfLcdF209UsCdM0ZNZ9Dwm2PHvMfeLZtivBrjX3Y/df4US2pwsUC4HBfWhye/mx/t6puODeC7Oacb/Ol8g==" }, "handlebars": { "version": "4.0.11", @@ -6620,6 +6630,16 @@ "integrity": "sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA=", "dev": true }, + "JSONStream": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/JSONStream/-/JSONStream-1.3.3.tgz", + "integrity": "sha512-3Sp6WZZ/lXl+nTDoGpGWHEpTnnC6X5fnkolYZR6nwIfzbxxvA8utPWe1gCt7i0m9uVGsSz2IS8K8mJ7HmlduMg==", + "dev": true, + "requires": { + "jsonparse": "^1.2.0", + "through": ">=2.2.7 <3" + } + }, "jsprim": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", @@ -6771,7 +6791,8 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz", "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=", - "dev": true + "dev": true, + "optional": true }, "loose-envify": { "version": "1.3.1", @@ -9371,6 +9392,15 @@ "integrity": "sha1-1cdSgl5TZ+eG944Y5EXqIjoVWVI=", "dev": true }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.0" + } + }, "string-length": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/string-length/-/string-length-2.0.0.tgz", @@ -9425,15 +9455,6 @@ } } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", diff --git a/package.json b/package.json index e1e7e355..ef867ffd 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "chalk": "^2.4.1", "commander": "^2.15.1", "glob": "^7.1.2", - "h2x-core": "^1.0.0", + "h2x-core": "^1.1.0", "h2x-plugin-jsx": "^1.0.0", "loader-utils": "^1.1.0", "lodash": "^4.17.10",