chore: bump @babel dependencies (microsoft#27632)

This fixes: ``` Run npm audit --omit dev # npm audit report @babel/traverse <7.23.2 Severity: critical Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code - https://github.com/advisories/GHSA-[6](https://github.com/microsoft/playwright/actions/runs/6535308689/job/17744452034?pr=27631#step:10:7)[7](https://github.com/microsoft/playwright/actions/runs/6535308689/job/17744452034?pr=27631#step:10:8)hx-6x53-jw[9](https://github.com/microsoft/playwright/actions/runs/6535308689/job/17744452034?pr=27631#step:10:10)2 fix available via `npm audit fix` node_modules/@babel/traverse 1 critical severity vulnerability To address all issues, run: npm audit fix Error: Process completed with exit code 1. ```
OctoMind-dev · Oct 27, 2023 · 79f1736 · 79f1736
1 parent 85f9e1c
commit 79f1736
Show file tree

Hide file tree

Showing 9 changed files with 437 additions and 383 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -51,17 +51,17 @@
   ],
   "devDependencies": {
     "@actions/core": "^1.10.0",
-    "@babel/cli": "^7.19.3",
+    "@babel/cli": "^7.23.0",
     "@babel/code-frame": "^7.22.13",
     "@babel/plugin-proposal-class-properties": "^7.18.6",
     "@babel/plugin-proposal-export-namespace-from": "^7.18.9",
     "@babel/plugin-proposal-logical-assignment-operators": "^7.18.9",
     "@babel/plugin-proposal-nullish-coalescing-operator": "^7.18.6",
     "@babel/plugin-proposal-optional-chaining": "^7.18.9",
-    "@babel/plugin-transform-modules-commonjs": "^7.19.6",
-    "@babel/plugin-transform-typescript": "^7.20.2",
-    "@babel/preset-react": "^7.18.6",
-    "@types/babel__core": "^7.20.0",
+    "@babel/plugin-transform-modules-commonjs": "^7.23.0",
+    "@babel/plugin-transform-typescript": "^7.22.15",
+    "@babel/preset-react": "^7.22.15",
+    "@types/babel__core": "^7.20.2",
     "@types/codemirror": "^5.60.7",
     "@types/formidable": "^2.0.4",
     "@types/node": "^16.18.34",

diff --git a/packages/playwright/ThirdPartyNotices.txt b/packages/playwright/ThirdPartyNotices.txt
@@ -8,7 +8,7 @@ This project incorporates components from the projects listed below. The origina
 -	@babel/code-frame@7.22.13 (https://github.com/babel/babel)
 -	@babel/code-frame@7.22.5 (https://github.com/babel/babel)
 -	@babel/compat-data@7.22.20 (https://github.com/babel/babel)
--	@babel/core@7.23.0 (https://github.com/babel/babel)
+-	@babel/core@7.23.2 (https://github.com/babel/babel)
 -	@babel/generator@7.23.0 (https://github.com/babel/babel)
 -	@babel/helper-annotate-as-pure@7.22.5 (https://github.com/babel/babel)
 -	@babel/helper-compilation-targets@7.22.15 (https://github.com/babel/babel)
@@ -29,11 +29,11 @@ This project incorporates components from the projects listed below. The origina
 -	@babel/helper-validator-identifier@7.22.20 (https://github.com/babel/babel)
 -	@babel/helper-validator-identifier@7.22.5 (https://github.com/babel/babel)
 -	@babel/helper-validator-option@7.22.15 (https://github.com/babel/babel)
--	@babel/helpers@7.23.1 (https://github.com/babel/babel)
+-	@babel/helpers@7.23.2 (https://github.com/babel/babel)
 -	@babel/highlight@7.22.20 (https://github.com/babel/babel)
 -	@babel/highlight@7.22.5 (https://github.com/babel/babel)
 -	@babel/parser@7.23.0 (https://github.com/babel/babel)
--	@babel/plugin-proposal-decorators@7.23.0 (https://github.com/babel/babel)
+-	@babel/plugin-proposal-decorators@7.23.2 (https://github.com/babel/babel)
 -	@babel/plugin-syntax-async-generators@7.8.4 (https://github.com/babel/babel/tree/master/packages/babel-plugin-syntax-async-generators)
 -	@babel/plugin-syntax-class-static-block@7.14.5 (https://github.com/babel/babel)
 -	@babel/plugin-syntax-decorators@7.22.10 (https://github.com/babel/babel)
@@ -63,9 +63,9 @@ This project incorporates components from the projects listed below. The origina
 -	@babel/plugin-transform-private-property-in-object@7.22.11 (https://github.com/babel/babel)
 -	@babel/plugin-transform-react-jsx@7.22.15 (https://github.com/babel/babel)
 -	@babel/plugin-transform-typescript@7.22.15 (https://github.com/babel/babel)
--	@babel/preset-typescript@7.23.0 (https://github.com/babel/babel)
+-	@babel/preset-typescript@7.23.2 (https://github.com/babel/babel)
 -	@babel/template@7.22.15 (https://github.com/babel/babel)
--	@babel/traverse@7.23.0 (https://github.com/babel/babel)
+-	@babel/traverse@7.23.2 (https://github.com/babel/babel)
 -	@babel/types@7.23.0 (https://github.com/babel/babel)
 -	@jest/expect-utils@29.5.0 (https://github.com/facebook/jest)
 -	@jest/schemas@29.4.3 (https://github.com/facebook/jest)
@@ -441,7 +441,7 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
 END OF @babel/compat-data@7.22.20 AND INFORMATION
 
-%% @babel/core@7.23.0 NOTICES AND INFORMATION BEGIN HERE
+%% @babel/core@7.23.2 NOTICES AND INFORMATION BEGIN HERE
 =========================================
 MIT License
 
@@ -466,7 +466,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
-END OF @babel/core@7.23.0 AND INFORMATION
+END OF @babel/core@7.23.2 AND INFORMATION
 
 %% @babel/generator@7.23.0 NOTICES AND INFORMATION BEGIN HERE
 =========================================
@@ -1008,7 +1008,7 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
 END OF @babel/helper-validator-option@7.22.15 AND INFORMATION
 
-%% @babel/helpers@7.23.1 NOTICES AND INFORMATION BEGIN HERE
+%% @babel/helpers@7.23.2 NOTICES AND INFORMATION BEGIN HERE
 =========================================
 MIT License
 
@@ -1033,7 +1033,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
-END OF @babel/helpers@7.23.1 AND INFORMATION
+END OF @babel/helpers@7.23.2 AND INFORMATION
 
 %% @babel/highlight@7.22.20 NOTICES AND INFORMATION BEGIN HERE
 =========================================
@@ -1113,7 +1113,7 @@ THE SOFTWARE.
 =========================================
 END OF @babel/parser@7.23.0 AND INFORMATION
 
-%% @babel/plugin-proposal-decorators@7.23.0 NOTICES AND INFORMATION BEGIN HERE
+%% @babel/plugin-proposal-decorators@7.23.2 NOTICES AND INFORMATION BEGIN HERE
 =========================================
 MIT License
 
@@ -1138,7 +1138,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
-END OF @babel/plugin-proposal-decorators@7.23.0 AND INFORMATION
+END OF @babel/plugin-proposal-decorators@7.23.2 AND INFORMATION
 
 %% @babel/plugin-syntax-async-generators@7.8.4 NOTICES AND INFORMATION BEGIN HERE
 =========================================
@@ -1923,7 +1923,7 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
 END OF @babel/plugin-transform-typescript@7.22.15 AND INFORMATION
 
-%% @babel/preset-typescript@7.23.0 NOTICES AND INFORMATION BEGIN HERE
+%% @babel/preset-typescript@7.23.2 NOTICES AND INFORMATION BEGIN HERE
 =========================================
 MIT License
 
@@ -1948,7 +1948,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
-END OF @babel/preset-typescript@7.23.0 AND INFORMATION
+END OF @babel/preset-typescript@7.23.2 AND INFORMATION
 
 %% @babel/template@7.22.15 NOTICES AND INFORMATION BEGIN HERE
 =========================================
@@ -1977,7 +1977,7 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
 END OF @babel/template@7.22.15 AND INFORMATION
 
-%% @babel/traverse@7.23.0 NOTICES AND INFORMATION BEGIN HERE
+%% @babel/traverse@7.23.2 NOTICES AND INFORMATION BEGIN HERE
 =========================================
 MIT License
 
@@ -2002,7 +2002,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
-END OF @babel/traverse@7.23.0 AND INFORMATION
+END OF @babel/traverse@7.23.2 AND INFORMATION
 
 %% @babel/types@7.23.0 NOTICES AND INFORMATION BEGIN HERE
 =========================================

diff --git a/packages/playwright/bundles/babel/package-lock.json b/packages/playwright/bundles/babel/package-lock.json
diff --git a/packages/playwright/bundles/babel/package.json b/packages/playwright/bundles/babel/package.json
@@ -10,10 +10,10 @@
   },
   "dependencies": {
     "@babel/code-frame": "^7.22.13",
-    "@babel/core": "^7.23.0",
+    "@babel/core": "^7.23.2",
     "@babel/helper-plugin-utils": "^7.22.5",
     "@babel/parser": "^7.23.0",
-    "@babel/plugin-proposal-decorators": "^7.23.0",
+    "@babel/plugin-proposal-decorators": "^7.23.2",
     "@babel/plugin-syntax-async-generators": "^7.8.4",
     "@babel/plugin-syntax-import-assertions": "^7.22.5",
     "@babel/plugin-syntax-json-strings": "^7.8.3",
@@ -31,12 +31,12 @@
     "@babel/plugin-transform-private-methods": "^7.22.5",
     "@babel/plugin-transform-private-property-in-object": "^7.22.11",
     "@babel/plugin-transform-react-jsx": "^7.22.15",
-    "@babel/preset-typescript": "^7.23.0"
+    "@babel/preset-typescript": "^7.23.2"
   },
   "devDependencies": {
-    "@types/babel__code-frame": "^7.0.3",
-    "@types/babel__core": "^7.20.0",
-    "@types/babel__helper-plugin-utils": "^7.10.0",
+    "@types/babel__code-frame": "^7.0.4",
+    "@types/babel__core": "^7.20.2",
+    "@types/babel__helper-plugin-utils": "^7.10.1",
     "@types/babel__traverse": "^7.20.2"
   }
 }
diff --git a/tests/components/ct-vue-cli/package.json b/tests/components/ct-vue-cli/package.json
@@ -14,8 +14,8 @@
     "vue-router": "^4.1.5"
   },
   "devDependencies": {
-    "@babel/core": "^7.12.16",
-    "@babel/eslint-parser": "^7.12.16",
+    "@babel/core": "^7.23.2",
+    "@babel/eslint-parser": "^7.22.15",
     "@vue/cli-plugin-babel": "~5.0.0",
     "@vue/cli-plugin-eslint": "~5.0.0",
     "@vue/cli-plugin-router": "~5.0.0",

diff --git a/tests/components/ct-vue2-cli/package.json b/tests/components/ct-vue2-cli/package.json
@@ -14,8 +14,8 @@
     "vue-router": "^3.6.5"
   },
   "devDependencies": {
-    "@babel/core": "^7.12.16",
-    "@babel/eslint-parser": "^7.12.16",
+    "@babel/core": "^7.23.2",
+    "@babel/eslint-parser": "^7.22.15",
     "@vue/cli-plugin-babel": "~5.0.0",
     "@vue/cli-plugin-eslint": "~5.0.0",
     "@vue/cli-service": "~5.0.0",