From 2c0ae437059ce91c1e82411a85c559b4f2fa390b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 25 Mar 2021 07:01:22 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355 --- package-lock.json | 184 ++++++++++++++++++++++++++++------------------ package.json | 2 +- 2 files changed, 112 insertions(+), 74 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2582698fd3..9b51ff1844 100644 --- a/package-lock.json +++ b/package-lock.json @@ -460,6 +460,11 @@ "@ethersproject/strings": "^5.0.8" } }, + "@octetstream/promisify": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@octetstream/promisify/-/promisify-2.0.2.tgz", + "integrity": "sha512-7XHoRB61hxsz8lBQrjC1tq/3OEIgpvGWg6DKAdwi7WRzruwkmsdwmOoUXbU4Dtd4RSOMDwed0SkP3y8UlMt1Bg==" + }, "@open-policy-agent/opa-wasm": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/@open-policy-agent/opa-wasm/-/opa-wasm-1.2.0.tgz", @@ -949,11 +954,6 @@ "resolved": "https://registry.npmjs.org/@types/graphlib/-/graphlib-2.1.7.tgz", "integrity": "sha512-K7T1n6U2HbTYu+SFHlBjz/RH74OA2D/zF1qlzn8uXbvB4uRg7knOM85ugS2bbXI1TXMh7rLqk4OVRwIwEBaixg==" }, - "@types/hosted-git-info": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/@types/hosted-git-info/-/hosted-git-info-2.7.0.tgz", - "integrity": "sha512-OW/D8GqCyQtH8F7xDdDxzPJTBgknZeZhlCakUcBCya2rYPRN53F+0YJVwSPyiyAhrknnjkl3P9qVk0oBI4S1qw==" - }, "@types/http-cache-semantics": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.0.tgz", @@ -4889,11 +4889,18 @@ } }, "event-loop-spinner": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/event-loop-spinner/-/event-loop-spinner-2.0.0.tgz", - "integrity": "sha512-1y4j/Mhttr8ordvHkbDsGzGrlQaSYJoXD/3YKUxiOXIk7myEn9UPfybEk/lLtrcU3D4QvCNmVUxVQaPtvAIaUw==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/event-loop-spinner/-/event-loop-spinner-2.1.0.tgz", + "integrity": "sha512-RJ10wL8/F9AlfBgRCvYctJIXSb9XkVmSCK3GGUvPD3dJrvTjDeDT0tmhcbEC6I2NEjNM9xD38HQJ4F/f/gb4VQ==", "requires": { - "tslib": "^1.10.0" + "tslib": "^2.1.0" + }, + "dependencies": { + "tslib": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", + "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + } } }, "event-stream": { @@ -5938,6 +5945,26 @@ } } }, + "hcl-to-json": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/hcl-to-json/-/hcl-to-json-0.1.1.tgz", + "integrity": "sha512-sj1RPsdgX/ilBGZGnyjbSHQbRe20hyA6VDXYBGJedHSCdwSWkr/7tr85N7FGeM7KvBjIQX7Gl897bo0Ug73Z/A==", + "requires": { + "debug": "^3.0.1", + "lodash.get": "^4.4.2", + "lodash.set": "^4.3.2" + }, + "dependencies": { + "debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "requires": { + "ms": "^2.1.1" + } + } + } + }, "hdkey": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/hdkey/-/hdkey-1.1.2.tgz", @@ -6674,9 +6701,9 @@ "integrity": "sha512-2rRIahhZr2UWb45fIOuvZGpFtz0TyOZLf32KxBbSoUCeZR495zCKlWUKKUByk3geS2eAs7ZAABt0Y/Rx0GiQGA==" }, "is-path-inside": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.2.tgz", - "integrity": "sha512-/2UGPSgmtqwo1ktx8NDHjuPwZWmHhO+gj0f93EkhLB5RgW9RZevWYYlIkS6zePc6U2WpOdQYIwHe9YC4DWEBVg==" + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", + "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==" }, "is-plain-obj": { "version": "1.1.0", @@ -9705,6 +9732,14 @@ "asap": "~2.0.6" } }, + "promise-fs": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/promise-fs/-/promise-fs-2.1.1.tgz", + "integrity": "sha512-43p7e4QzAQ3w6eyN0+gbBL7jXiZFWLWYITg9wIObqkBySu/a5K1EDcQ/S6UyB/bmiZWDA4NjTbcopKLTaKcGSw==", + "requires": { + "@octetstream/promisify": "2.0.2" + } + }, "promise-queue": { "version": "2.2.5", "resolved": "https://registry.npmjs.org/promise-queue/-/promise-queue-2.2.5.tgz", @@ -11045,9 +11080,9 @@ "integrity": "sha512-iVICrxOzCynf/SNaBQCw34eM9jROU/s5rzIhpOvzhzuYHfJR/DhZfDkXiZSgKXfgv26HT3Yni3AV/DGw0cGnnw==" }, "snyk": { - "version": "1.460.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.460.0.tgz", - "integrity": "sha512-dSJ4KIJY/b6msLEFkMb9i5x49DJPZ/c27cp3B8g0/PQi4f1GpytpwXPQepN1W+jrPmBIz3sT7b4k6E9ZVlhjkw==", + "version": "1.465.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.465.0.tgz", + "integrity": "sha512-+/hCv+8sperGYdwmyV9uhVR2pSn9letE25hnY2QSJ4qTt+Y1q4ioXfR6xENXUlVBNyGg8hxttbp4f3ssZ8B9bQ==", "requires": { "@open-policy-agent/opa-wasm": "^1.2.0", "@snyk/cli-interface": "2.11.0", @@ -11063,6 +11098,7 @@ "configstore": "^5.0.1", "debug": "^4.1.1", "diff": "^4.0.1", + "hcl-to-json": "^0.1.1", "lodash.assign": "^4.2.0", "lodash.camelcase": "^4.3.0", "lodash.clonedeep": "^4.5.0", @@ -11081,26 +11117,26 @@ "lodash.upperfirst": "^4.3.1", "lodash.values": "^4.3.0", "micromatch": "4.0.2", - "needle": "2.5.0", + "needle": "2.6.0", "open": "^7.0.3", "os-name": "^3.0.0", "promise-queue": "^2.2.5", "proxy-agent": "^3.1.1", "proxy-from-env": "^1.0.0", "semver": "^6.0.0", - "snyk-config": "4.0.0-rc.2", + "snyk-config": "4.0.0", "snyk-cpp-plugin": "2.2.1", "snyk-docker-plugin": "4.17.3", "snyk-go-plugin": "1.16.5", - "snyk-gradle-plugin": "3.13.0", + "snyk-gradle-plugin": "3.13.2", "snyk-module": "3.1.0", "snyk-mvn-plugin": "2.25.3", "snyk-nodejs-lockfile-parser": "1.30.2", "snyk-nuget-plugin": "1.21.0", "snyk-php-plugin": "1.9.2", - "snyk-policy": "1.14.1", + "snyk-policy": "1.19.0", "snyk-python-plugin": "1.19.5", - "snyk-resolve": "1.0.1", + "snyk-resolve": "1.1.0", "snyk-resolve-deps": "4.7.2", "snyk-sbt-plugin": "2.11.0", "snyk-tree": "^1.0.0", @@ -11133,6 +11169,26 @@ "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" }, + "needle": { + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/needle/-/needle-2.6.0.tgz", + "integrity": "sha512-KKYdza4heMsEfSWD7VPUIz3zX2XDwOyX2d+geb4vrERZMT5RMU6ujjaD+I5Yr54uZxQ2w6XRTAhHBbSCyovZBg==", + "requires": { + "debug": "^3.2.6", + "iconv-lite": "^0.4.4", + "sax": "^1.2.4" + }, + "dependencies": { + "debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "requires": { + "ms": "^2.1.1" + } + } + } + }, "semver": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", @@ -11169,9 +11225,9 @@ } }, "snyk-config": { - "version": "4.0.0-rc.2", - "resolved": "https://registry.npmjs.org/snyk-config/-/snyk-config-4.0.0-rc.2.tgz", - "integrity": "sha512-HIXpMCRp5IdQDFH/CY6WqOUt5X5Ec55KC9dFVjlMLe/2zeqsImJn1vbjpE5uBoLYIdYi1SteTqtsJhyJZWRK8g==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/snyk-config/-/snyk-config-4.0.0.tgz", + "integrity": "sha512-E6jNe0oUjjzVASWBOAc/mA23DhbzABDF9MI6UZvl0gylh2NSXSXw2/LjlqMNOKL2c1qkbSkzLOdIX5XACoLCAQ==", "requires": { "async": "^3.2.0", "debug": "^4.1.1", @@ -11355,9 +11411,9 @@ } }, "snyk-gradle-plugin": { - "version": "3.13.0", - "resolved": "https://registry.npmjs.org/snyk-gradle-plugin/-/snyk-gradle-plugin-3.13.0.tgz", - "integrity": "sha512-t7tibuRHMX0ot5woZlFpblTH20j8BKWxO4wwC7+dGsvS9VtXrlG73moeE5EXfOPb2E8OA7STPKGsEibVIl/j2w==", + "version": "3.13.2", + "resolved": "https://registry.npmjs.org/snyk-gradle-plugin/-/snyk-gradle-plugin-3.13.2.tgz", + "integrity": "sha512-t7lBFgWwS3KU7SgmAeTJnTR44Wew84/IvNbNZ2fF0f+lXd1kZxMG1Ty2brETvxpl+U2JxC8ISILohGXsET+ySg==", "requires": { "@snyk/cli-interface": "2.11.0", "@snyk/dep-graph": "^1.23.1", @@ -11656,9 +11712,9 @@ "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==" }, "p-cancelable": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.0.0.tgz", - "integrity": "sha512-wvPXDmbMmu2ksjkB4Z3nZWTSkJEb9lqVdMaCKpZUGJG9TMiNp9XcbG3fn9fPKjem04fJMJnXoyFPk2FmgiaiNg==" + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.1.0.tgz", + "integrity": "sha512-HAZyB3ZodPo+BDpb4/Iu7Jv4P6cSazBz9ZM0ChhEXp70scx834aWCEjQRwgt41UzzejUAPdbqqONfRWTPYrPAQ==" }, "p-map": { "version": "2.1.0", @@ -11788,50 +11844,42 @@ } }, "snyk-policy": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/snyk-policy/-/snyk-policy-1.14.1.tgz", - "integrity": "sha512-C5vSkoBYxPnaqb218sm4m6N5s1BhIXlldpIX5xRNnZ0QkDwVj3dy/PfgwxRgVQh7QFGa1ajbvKmsGmm4RRsN8g==", + "version": "1.19.0", + "resolved": "https://registry.npmjs.org/snyk-policy/-/snyk-policy-1.19.0.tgz", + "integrity": "sha512-XYjhOTRPFA7NfDUsH6uH1fbML2OgSFsqdUPbud7x01urNP9CHXgUgAD4NhKMi3dVQK+7IdYadWt0wrFWw4y+qg==", "requires": { "debug": "^4.1.1", "email-validator": "^2.0.4", "js-yaml": "^3.13.1", "lodash.clonedeep": "^4.5.0", + "promise-fs": "^2.1.1", "semver": "^6.0.0", - "snyk-module": "^2.0.2", - "snyk-resolve": "^1.0.1", - "snyk-try-require": "^1.3.1", - "then-fs": "^2.0.0" + "snyk-module": "^3.0.0", + "snyk-resolve": "^1.1.0", + "snyk-try-require": "^2.0.0" }, "dependencies": { - "@types/node": { - "version": "6.14.13", - "resolved": "https://registry.npmjs.org/@types/node/-/node-6.14.13.tgz", - "integrity": "sha512-J1F0XJ/9zxlZel5ZlbeSuHW2OpabrUAqpFuC2sm2I3by8sERQ8+KCjNKUcq8QHuzpGMWiJpo9ZxeHrqrP2KzQw==" + "lru-cache": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "requires": { + "yallist": "^3.0.2" + } }, "semver": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" }, - "snyk-module": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/snyk-module/-/snyk-module-2.1.0.tgz", - "integrity": "sha512-K5xeA39vLbm23Y/29wFEhKGvo7FwV4x9XhCP5gB22dBPyYiCCNiDERX4ofHQvtM6q96cL0hIroMdlbctv/0nPw==", + "snyk-try-require": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/snyk-try-require/-/snyk-try-require-2.0.1.tgz", + "integrity": "sha512-VCOfFIvqLMXgCXEdooQgu3A40XYIFBnj0X8Y01RJ5iAbu08b4WKGN/uAKaRVF30dABS4EcjsalmCO+YlKUPEIA==", "requires": { - "@types/hosted-git-info": "^2.7.0", - "@types/node": "^6.14.7", - "debug": "^3.1.0", - "hosted-git-info": "^2.7.1" - }, - "dependencies": { - "debug": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", - "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", - "requires": { - "ms": "^2.1.1" - } - } + "debug": "^4.1.1", + "lodash.clonedeep": "^4.3.0", + "lru-cache": "^5.1.1" } } } @@ -11847,22 +11895,12 @@ } }, "snyk-resolve": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/snyk-resolve/-/snyk-resolve-1.0.1.tgz", - "integrity": "sha512-7+i+LLhtBo1Pkth01xv+RYJU8a67zmJ8WFFPvSxyCjdlKIcsps4hPQFebhz+0gC5rMemlaeIV6cqwqUf9PEDpw==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/snyk-resolve/-/snyk-resolve-1.1.0.tgz", + "integrity": "sha512-OZMF8I8TOu0S58Z/OS9mr8jkEzGAPByCsAkrWlcmZgPaE0RsxVKVIFPhbMNy/JlYswgGDYYIEsNw+e0j1FnTrw==", "requires": { - "debug": "^3.1.0", - "then-fs": "^2.0.0" - }, - "dependencies": { - "debug": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", - "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", - "requires": { - "ms": "^2.1.1" - } - } + "debug": "^4.1.1", + "promise-fs": "^2.1.1" } }, "snyk-resolve-deps": { diff --git a/package.json b/package.json index 06e12e06a3..94bee660d2 100644 --- a/package.json +++ b/package.json @@ -112,7 +112,7 @@ "webpack-cli": "^4.4.0", "ws": "^7.4.2", "zero-fill": "^2.2.4", - "snyk": "^1.437.4" + "snyk": "^1.465.0" }, "devDependencies": { "eslint": "^4.19.1",