From 9fcd7954e5b2cf1d68391808944f3a8c324598b0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 12 Jan 2025 06:56:16 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIX-8602075 --- package-lock.json | 46 +++++++++++++++++++++++++++++----------------- package.json | 2 +- 2 files changed, 30 insertions(+), 18 deletions(-) diff --git a/package-lock.json b/package-lock.json index 424a071..d03115f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1986,6 +1986,12 @@ "integrity": "sha512-ipixuVrh2OdNmauvtT51o3d8z12p6LtFW9in7U79der/kwejjdNchQC5UMn5u/KxNoM7VHHOs/l8KS8uHxhODQ==", "dev": true }, + "@types/trusted-types": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz", + "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==", + "optional": true + }, "@types/uglify-js": { "version": "3.13.1", "resolved": "https://registry.npmjs.org/@types/uglify-js/-/uglify-js-3.13.1.tgz", @@ -2412,11 +2418,6 @@ "require-main-filename": "^2.0.0" } }, - "vue": { - "version": "2.6.14", - "resolved": "https://registry.npmjs.org/vue/-/vue-2.6.14.tgz", - "integrity": "sha512-x2284lgYvjOMj3Za7kqzRcUSxBboHqtgRE2zlos1qWaOye5yUmHn42LB1250NJBLRwEcdrB0JRwyPTEPhfQjiQ==" - }, "vue-jest": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/vue-jest/-/vue-jest-3.0.7.tgz", @@ -6198,6 +6199,14 @@ "domelementtype": "^2.2.0" } }, + "dompurify": { + "version": "3.2.3", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.3.tgz", + "integrity": "sha512-U1U5Hzc2MO0oW3DF+G9qYN0aT7atAou4AgI0XjWz061nyBPbdxkfdhfy5uMgGn6+oLFCfn44ZGbdDqCzVmlOWA==", + "requires": { + "@types/trusted-types": "^2.0.7" + } + }, "domutils": { "version": "2.8.0", "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", @@ -15343,6 +15352,15 @@ "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=", "dev": true }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.0" + } + }, "string-hash": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/string-hash/-/string-hash-1.1.3.tgz", @@ -15418,15 +15436,6 @@ "define-properties": "^1.1.3" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", @@ -16073,9 +16082,12 @@ } }, "trix": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/trix/-/trix-1.3.1.tgz", - "integrity": "sha512-BbH6mb6gk+AV4f2as38mP6Ucc1LE3OD6XxkZnAgPIduWXYtvg2mI3cZhIZSLqmMh9OITEpOBCCk88IVmyjU7bA==" + "version": "2.1.12", + "resolved": "https://registry.npmjs.org/trix/-/trix-2.1.12.tgz", + "integrity": "sha512-0hQvJdy257XuzRdCzSQ/QvcqyTp+8ixMxVLWxSbWvEzD2kgKFlcrMjgWZbtVkJENaod+jm2sBTOWAZVNWK+DMA==", + "requires": { + "dompurify": "^3.2.3" + } }, "tryer": { "version": "1.0.1", diff --git a/package.json b/package.json index 3dc65eb..039536f 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "test:unit": "vue-cli-service test:unit" }, "dependencies": { - "trix": "^1.3.1" + "trix": "^2.1.12" }, "devDependencies": { "@vue/cli-plugin-babel": "^3.12.1",