From 01de90b957a010efeee5674e1e0866ab648fad4f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 15 Feb 2023 16:22:40 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ADMZIP-1065796 - https://snyk.io/vuln/SNYK-JS-KERBEROS-568900 - https://snyk.io/vuln/SNYK-JS-LODASH-567746 - https://snyk.io/vuln/npm:adm-zip:20180415 - https://snyk.io/vuln/npm:marked:20150520 - https://snyk.io/vuln/npm:marked:20170112 - https://snyk.io/vuln/npm:marked:20170815 - https://snyk.io/vuln/npm:marked:20180225 --- package-lock.json | 100 +++++++++++++++++++--------------------------- package.json | 8 ++-- 2 files changed, 46 insertions(+), 62 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9a27820a7a..d8b1134920 100644 --- a/package-lock.json +++ b/package-lock.json @@ -272,9 +272,9 @@ "dev": true }, "adm-zip": { - "version": "0.4.7", - "resolved": "https://registry.npmjs.org/adm-zip/-/adm-zip-0.4.7.tgz", - "integrity": "sha1-hgbCy/HEJs6MjsABdER/1Jtur8E=" + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/adm-zip/-/adm-zip-0.5.2.tgz", + "integrity": "sha512-lUI3ZSNsfQXNYNzGjt68MdxzCs0eW29lgL74y/Y2h4nARgHmH3poFWuK3LonvFbNHFt4dTb2X/QQ4c1ZUWWsJw==" }, "agent-base": { "version": "4.3.0", @@ -447,7 +447,7 @@ "async": { "version": "0.9.0", "resolved": "https://registry.npmjs.org/async/-/async-0.9.0.tgz", - "integrity": "sha1-rDYTsdqb7RtHUQu0ZRuJMeRxRsc=" + "integrity": "sha512-XQJ3MipmCHAIBBMFfu2jaSetneOrXbSyyqeU3Nod867oNOpS+i9FEms5PWgjMxSgBybRf2IVVLtr1YfrDO+okg==" }, "async-cache": { "version": "0.1.5", @@ -845,7 +845,7 @@ "bson": { "version": "0.4.23", "resolved": "https://registry.npmjs.org/bson/-/bson-0.4.23.tgz", - "integrity": "sha1-5louPHUH/63kEJvHV1p25Q+NqRU=" + "integrity": "sha512-xMUimhLm6y4t9BTW6BQGRHs9PODB9082EUX/Gkx6M9T2ktuJ5LvMxY/20ukuk0Uc+WPL37pbMIy731XF7eTxjg==" }, "buffer": { "version": "4.9.1", @@ -1920,7 +1920,7 @@ "es6-promise": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-2.1.1.tgz", - "integrity": "sha1-A+jzxyl5KOVHjWqx0GQyUVB73t0=" + "integrity": "sha512-R/JdLj56a8CEfCYtt4HC1b0CWTy+XD9Ne3YgictYpB4JaFCdn/QZkaV2Mz4P7g3cpkpvMzz6O20+eqvDOWQc+w==" }, "es6-promisify": { "version": "5.0.0", @@ -2796,7 +2796,7 @@ "hooks-fixed": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/hooks-fixed/-/hooks-fixed-1.1.0.tgz", - "integrity": "sha1-DowVM2cI5mERhf45C0RofdUjDbs=" + "integrity": "sha512-G6wwrJomxWd/zCaKYa5dMrhMahd3cTD2W5vBGZ/IRO/p6J/VykgrNLYe5/RV1JLBoq4NERWdohT/w8LSWIZjqA==" }, "hosted-git-info": { "version": "2.8.5", @@ -3422,16 +3422,7 @@ "kareem": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/kareem/-/kareem-1.0.1.tgz", - "integrity": "sha1-eAXSFbtTIU7Dr5aaHQsfF+PnuVw=" - }, - "kerberos": { - "version": "0.0.24", - "resolved": "https://registry.npmjs.org/kerberos/-/kerberos-0.0.24.tgz", - "integrity": "sha512-QO6bFq9eETHB5zcA0OJiQtw137TH45OuUcGtI+QGg2ZJQIPCvwXL2kjCqZZMColcIdbPhj4X40EY5f3oOiBfiw==", - "optional": true, - "requires": { - "nan": "~2.10.0" - } + "integrity": "sha512-FWVjp1u+YDXpxfEZAyGAwulQsjwgqnNkbvju4PivaRHAeR1sOXe4Di4p9NkJlBVL+U1Xd8xBsX4lvtSVo690TA==" }, "keyv": { "version": "3.1.0", @@ -3527,9 +3518,9 @@ } }, "lodash": { - "version": "4.17.4", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.4.tgz", - "integrity": "sha1-eCA6TRwyiuHYbcpkYONptX9AVa4=" + "version": "4.17.20", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", + "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" }, "lodash.assign": { "version": "4.2.0", @@ -3611,9 +3602,9 @@ } }, "marked": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.5.tgz", - "integrity": "sha1-QROhWsXXvKFYpargciRYe5+hW5Q=" + "version": "0.3.18", + "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.18.tgz", + "integrity": "sha512-49i2QYhfULqaXzNZpxC808PisuCTGT2fgG0zrzdCI9N3rIfAWfW0nggvbXr6zvpynZdOG5+9xNxdzP0kwZnERw==" }, "md5.js": { "version": "1.3.5", @@ -3664,12 +3655,12 @@ "ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==" }, "vary": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", - "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" + "integrity": "sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==" } } }, @@ -3878,24 +3869,23 @@ } }, "mongodb-core": { - "version": "1.2.19", - "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-1.2.19.tgz", - "integrity": "sha1-/LNfa2q8XD3h8aSl21JrnjBvPrc=", + "version": "1.2.21", + "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-1.2.21.tgz", + "integrity": "sha512-BoUwbWKWgVO58WoVwsdDmVcxvRU5ss1MlVvfzzVARzPkRbe7bV1pKLvHzJPfrJdXL9Vrikq6gS0OxY1gaVUnVA==", "requires": { - "bson": "~0.4.19", - "kerberos": "~0.0" + "bson": "~0.4.19" } }, "mongoose": { - "version": "4.2.4", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.2.4.tgz", - "integrity": "sha1-4vjAB92Dj2YztPbJZbqSojKskxc=", + "version": "4.2.5", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.2.5.tgz", + "integrity": "sha512-Q8c5bgfO8Gr6nYOiGKZdboFYFZ6vHntfsVHWCTgUpdbQxfCcYvH8DQRiMxGzZEB2yjj6pWobK8khsELG0qvYAA==", "requires": { "async": "0.9.0", "bson": "~0.4.18", "hooks-fixed": "1.1.0", "kareem": "1.0.1", - "mongodb": "2.0.46", + "mongodb": "2.0.48", "mpath": "0.1.1", "mpromise": "0.5.4", "mquery": "1.6.3", @@ -3906,24 +3896,24 @@ }, "dependencies": { "mongodb": { - "version": "2.0.46", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-2.0.46.tgz", - "integrity": "sha1-sbhXRl5F4lmx4OAzaYNBpky5NVk=", + "version": "2.0.48", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-2.0.48.tgz", + "integrity": "sha512-v9WAjHBXg9kfICEzdS4wbQbCjZnbCEWtEETbe44Tj6W5i3gULiyW2piYAAVwzWSRHblJhssvpHlpeDjeTsh8Ug==", "requires": { "es6-promise": "2.1.1", - "mongodb-core": "1.2.19", + "mongodb-core": "1.2.21", "readable-stream": "1.0.31" } }, "ms": { "version": "0.7.1", "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" + "integrity": "sha512-lRLiIR9fSNpnP6TC4v8+4OU7oStC01esuNowdQ34L+Gk8e5Puoc88IqJ+XAY/B3Mn2ZKis8l8HX90oU8ivzUHg==" }, "readable-stream": { "version": "1.0.31", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.31.tgz", - "integrity": "sha1-jyUC4LyeOw2huUUgqrtOJgPsr64=", + "integrity": "sha512-tco/Dwv1f/sgIgN6CWdj/restacPKNskK6yps1981ivH2ZmLYcs5o5rVzL3qaO/cSkhN8hYOMWs7+glzOLSgRg==", "requires": { "core-util-is": "~1.0.0", "inherits": "~2.0.1", @@ -3961,17 +3951,17 @@ "ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", - "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" + "integrity": "sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==" }, "ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==" }, "on-finished": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", - "integrity": "sha1-IPEzZIGwg811M3mSoWlxqi2QaUc=", + "integrity": "sha512-ikqdkGAAyf/X/gPhXGvfgAytDZtDbr+bkNUJ0N9h5MI/dmdgCs3l6hoHrcUv41sRKew3jIwrp4qQDXiK99Utww==", "requires": { "ee-first": "1.1.1" } @@ -3981,17 +3971,17 @@ "mpath": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.1.1.tgz", - "integrity": "sha1-I9qFK3wjLuCX9HWdKcDunNItXkY=" + "integrity": "sha512-q3I8htqDfa7EiDyY4Nxywpuov+uEqy6FWCNK8iJ1DxxyPvQpbIvdf7LQ5ms9iXrYhj3BJ/ETAaozIo/j6Z7DGA==" }, "mpromise": { "version": "0.5.4", "resolved": "https://registry.npmjs.org/mpromise/-/mpromise-0.5.4.tgz", - "integrity": "sha1-thBhPsbeN0GflEs18Hg7Ten13HU=" + "integrity": "sha512-r+wWWght+ncv5vntgV84NJphcVCk6ZcUdKJc5KnbnOyEMyabLq8SpEqUBW0hoE9T0NDcf5cXw/uso+V3fOQEFA==" }, "mquery": { "version": "1.6.3", "resolved": "https://registry.npmjs.org/mquery/-/mquery-1.6.3.tgz", - "integrity": "sha1-fAK/t+ScgBLOzhVWxeZf72HzyOU=", + "integrity": "sha512-pHgPD0+8w5YsOui7Gri+lnHMO245LvvrigUGRiZPefflqMXKo86CX/zZ/iEzdm5PBmIjzci1FaxjBiZzslKKiw==", "requires": { "bluebird": "2.9.26", "debug": "2.2.0", @@ -4002,12 +3992,12 @@ "bluebird": { "version": "2.9.26", "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-2.9.26.tgz", - "integrity": "sha1-Nidy6k0J9VakufO2TC/RNuh+OlU=" + "integrity": "sha512-rCR4rqoI1uXUObTgSd7M0Jhp4CXxqPdfmp7NDJ5zmxtwWTNeL6mGkPTL5ehuKK62//S1W/cY1vDjuIXwa6wm5A==" }, "debug": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/debug/-/debug-2.2.0.tgz", - "integrity": "sha1-+HBX6ZWxofauaklgZkE3vFbwOdo=", + "integrity": "sha512-X0rGvJcskG1c3TgSCPqHJ0XJgwlcvOC7elJ5Y0hYuKBZoVqWpAMfLOeIh2UI/DCQ5ruodIjvsugZtjUYUw2pUw==", "requires": { "ms": "0.7.1" } @@ -4015,7 +4005,7 @@ "ms": { "version": "0.7.1", "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" + "integrity": "sha512-lRLiIR9fSNpnP6TC4v8+4OU7oStC01esuNowdQ34L+Gk8e5Puoc88IqJ+XAY/B3Mn2ZKis8l8HX90oU8ivzUHg==" } } }, @@ -4027,7 +4017,7 @@ "muri": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/muri/-/muri-1.0.0.tgz", - "integrity": "sha1-3jv2vXHWfq5x12aJuVDS3hGGlcY=" + "integrity": "sha512-jcTyrsIRbGKs/EuXwoLpXEeB3ScobAHgCs1OtrkC23UgJcGKlfPQateVOxqvvbXVLlfBEWLtdOJvrpj18bdJRA==" }, "mute-stream": { "version": "0.0.7", @@ -4056,12 +4046,6 @@ "thenify-all": "^1.0.0" } }, - "nan": { - "version": "2.10.0", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz", - "integrity": "sha512-bAdJv7fBLhWC+/Bls0Oza+mvTaNQtP+1RyhhhvD95pgUJz6XM5IzgmxOkItJ9tkoCiplvAnXI1tNmmUD/eScyA==", - "optional": true - }, "nconf": { "version": "0.10.0", "resolved": "https://registry.npmjs.org/nconf/-/nconf-0.10.0.tgz", @@ -7667,7 +7651,7 @@ "regexp-clone": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-0.0.1.tgz", - "integrity": "sha1-p8LgmJH9vzj7sQ03b7cwA+aKxYk=" + "integrity": "sha512-tfYXF0HXEYh3AtgdjqNLQ8+tmZSAKIS7KtOjmB1laJgfbsi+Lf2RVNwLZVOE3U27yBXikzQuIXglLlakvb8Thw==" }, "registry-auth-token": { "version": "3.4.0", @@ -8023,7 +8007,7 @@ "sliced": { "version": "0.0.5", "resolved": "https://registry.npmjs.org/sliced/-/sliced-0.0.5.tgz", - "integrity": "sha1-XtwETKTrb3gW1Qui/GPiXY/kcH8=" + "integrity": "sha512-9bYT917D6H3+q8GlQBJmLVz3bc4OeVGfZ2BB12wvLnluTGfG6/8UdOUbKJDW1EEx9SZMDbjnatkau5/XcUeyOw==" }, "smart-buffer": { "version": "4.1.0", diff --git a/package.json b/package.json index 23795fb473..3234d5371b 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "test": "snyk test" }, "dependencies": { - "adm-zip": "0.4.7", + "adm-zip": "0.5.2", "body-parser": "1.9.0", "cfenv": "^1.0.4", "consolidate": "0.14.5", @@ -31,12 +31,12 @@ "hbs": "^4.0.4", "humanize-ms": "1.0.1", "jquery": "^2.2.4", - "lodash": "4.17.4", - "marked": "0.3.5", + "lodash": "4.17.20", + "marked": "0.3.18", "method-override": "latest", "moment": "2.15.1", "mongodb": "^3.5.9", - "mongoose": "4.2.4", + "mongoose": "4.2.5", "morgan": "latest", "ms": "^0.7.1", "mysql": "^2.18.1",