From ebd68ca9ee009f4deef34af15800764d9ba6072b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 29 Aug 2020 03:37:08 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BL-608877 --- package-lock.json | 31 ++++++++++++++++++------------- package.json | 2 +- 2 files changed, 19 insertions(+), 14 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0fb6b83d3..5f23af98a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5734,9 +5734,9 @@ } }, "go-ipfs-dep": { - "version": "0.4.22-rc1", - "resolved": "https://registry.npmjs.org/go-ipfs-dep/-/go-ipfs-dep-0.4.22-rc1.tgz", - "integrity": "sha512-2C5d9VEcwoiuSZZHg2yhxpiO7IdRYQd8022UQDNQtYCeC8U6BVC9JFXw/iWksr0m0xi97Z1FAN+oXhNNQCxI/A==", + "version": "0.4.22", + "resolved": "https://registry.npmjs.org/go-ipfs-dep/-/go-ipfs-dep-0.4.22.tgz", + "integrity": "sha512-e1hPrnMzuowL8kF0xx3SorSTzmy2fHvKvb2X4lzGBv67M2ClgpFrGQ9MaaiocFNiMopwrWRNcxpHEaLWU8KPKA==", "requires": { "go-platform": "^1.0.0", "gunzip-maybe": "^1.4.1", @@ -5809,9 +5809,9 @@ "dev": true }, "gunzip-maybe": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/gunzip-maybe/-/gunzip-maybe-1.4.1.tgz", - "integrity": "sha512-qtutIKMthNJJgeHQS7kZ9FqDq59/Wn0G2HYCRNjpup7yKfVI6/eqwpmroyZGFoCYaG+sW6psNVb4zoLADHpp2g==", + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/gunzip-maybe/-/gunzip-maybe-1.4.2.tgz", + "integrity": "sha512-4haO1M4mLO91PW57BMsDFf75UmwoRX0GkdD+Faw+Lr+r/OZrOCS0pIBwOL1xCKQqnQzbNFGgK2V2CpBUPeFNTw==", "requires": { "browserify-zlib": "^0.1.4", "is-deflate": "^1.0.0", @@ -7514,6 +7514,11 @@ "minimist": "0.0.8" } }, + "mkdirp-classic": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==" + }, "mocha": { "version": "6.2.0", "resolved": "https://registry.npmjs.org/mocha/-/mocha-6.2.0.tgz", @@ -10085,9 +10090,9 @@ } }, "stream-shift": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.0.tgz", - "integrity": "sha1-1cdSgl5TZ+eG944Y5EXqIjoVWVI=" + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.1.tgz", + "integrity": "sha512-AiisoFqQ0vbGcZgQPY1cdP2I76glaVA/RauYR4G4thNFgkTqr90yXTo4LYX60Jl+sIlPNHHdGSwo01AvbKUSVQ==" }, "stream-to-pull-stream": { "version": "1.7.3", @@ -10335,12 +10340,12 @@ } }, "tar-fs": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.0.0.tgz", - "integrity": "sha512-vaY0obB6Om/fso8a8vakQBzwholQ7v5+uy+tF3Ozvxv1KNezmVQAiWtcNmMHFSFPqL3dJA8ha6gdtFbfX9mcxA==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.0.tgz", + "integrity": "sha512-9uW5iDvrIMCVpvasdFHW0wJPez0K4JnMZtsuIeDI7HyMGJNxmDZDOCQROr7lXyS+iL/QMpj07qcjGYTSdRFXUg==", "requires": { "chownr": "^1.1.1", - "mkdirp": "^0.5.1", + "mkdirp-classic": "^0.5.2", "pump": "^3.0.0", "tar-stream": "^2.0.0" }, diff --git a/package.json b/package.json index 4a84be501..19a7accb2 100644 --- a/package.json +++ b/package.json @@ -79,7 +79,7 @@ "fix-path": "^2.1.0", "fs-extra": "^8.1.0", "get-port": "^5.0.0", - "go-ipfs-dep": "0.4.22-rc1", + "go-ipfs-dep": "0.4.22", "i18next": "^17.0.6", "i18next-electron-language-detector": "0.0.10", "i18next-icu": "^1.1.2",