From 1815244e8f44dad98a63e4a6d637659a8a59cddd Mon Sep 17 00:00:00 2001 From: Denis Nikulin Date: Wed, 26 Jun 2024 13:57:09 +0400 Subject: [PATCH] Bump the qs version to fix vulnerability issue. (#371) --- package-lock.json | 6 +- package.json | 4 +- samples/basic/package-lock.json | 6 +- samples/react/package-lock.json | 6 +- samples/webSample/package-lock.json | 6 +- samples/webpack/package-lock.json | 155 ++++++++++++---------------- test/package-lock.json | 6 +- 7 files changed, 83 insertions(+), 106 deletions(-) diff --git a/package-lock.json b/package-lock.json index fb7b053..415f238 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,17 +1,17 @@ { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "license": "MIT", "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "qs": "^6.10.3", "tunnel": "0.0.6", "underscore": "^1.12.1" }, diff --git a/package.json b/package.json index 06be239..2a25189 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "description": "Node Rest and Http Clients for use with TypeScript", "main": "./RestClient.js", "scripts": { @@ -45,7 +45,7 @@ "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "qs": "^6.10.3", "tunnel": "0.0.6", "underscore": "^1.12.1" } diff --git a/samples/basic/package-lock.json b/samples/basic/package-lock.json index 8f23fd5..3b3ce7a 100644 --- a/samples/basic/package-lock.json +++ b/samples/basic/package-lock.json @@ -18,12 +18,12 @@ }, "../../_build": { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "license": "MIT", "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "qs": "^6.10.3", "tunnel": "0.0.6", "underscore": "^1.12.1" }, @@ -39,7 +39,7 @@ "typescript": "^5.4.5" }, "engines": { - "node": ">= 14.0.0" + "node": ">= 16.0.0" } }, "../../_build/node_modules/call-bind": { diff --git a/samples/react/package-lock.json b/samples/react/package-lock.json index caf3451..099bc03 100644 --- a/samples/react/package-lock.json +++ b/samples/react/package-lock.json @@ -30,12 +30,12 @@ }, "../../_build": { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "license": "MIT", "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "qs": "^6.10.3", "tunnel": "0.0.6", "underscore": "^1.12.1" }, @@ -51,7 +51,7 @@ "typescript": "^5.4.5" }, "engines": { - "node": ">= 14.0.0" + "node": ">= 16.0.0" } }, "node_modules/@ampproject/remapping": { diff --git a/samples/webSample/package-lock.json b/samples/webSample/package-lock.json index a30bebf..06adf6d 100644 --- a/samples/webSample/package-lock.json +++ b/samples/webSample/package-lock.json @@ -17,12 +17,12 @@ }, "../../_build": { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "license": "MIT", "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "qs": "^6.10.3", "tunnel": "0.0.6", "underscore": "^1.12.1" }, @@ -38,7 +38,7 @@ "typescript": "^5.4.5" }, "engines": { - "node": ">= 14.0.0" + "node": ">= 16.0.0" } }, "../../_build/node_modules/call-bind": { diff --git a/samples/webpack/package-lock.json b/samples/webpack/package-lock.json index 888253e..c06e058 100644 --- a/samples/webpack/package-lock.json +++ b/samples/webpack/package-lock.json @@ -35,6 +35,32 @@ "webpack-dev-server": "^4.9.3" } }, + "../../_build": { + "name": "typed-rest-client", + "version": "2.0.1", + "license": "MIT", + "dependencies": { + "des.js": "^1.1.0", + "js-md4": "^0.3.2", + "qs": "^6.10.3", + "tunnel": "0.0.6", + "underscore": "^1.12.1" + }, + "devDependencies": { + "@octokit/rest": "^20.1.1", + "@types/mocha": "^2.2.44", + "@types/node": "^20.11.0", + "@types/shelljs": "0.7.4", + "mocha": "^10.4.0", + "nock": "13.5.4", + "semver": "^7.6.2", + "shelljs": "^0.8.5", + "typescript": "^5.4.5" + }, + "engines": { + "node": ">= 16.0.0" + } + }, "node_modules/@ampproject/remapping": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", @@ -2529,12 +2555,12 @@ } }, "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" }, "engines": { "node": ">=8" @@ -3127,15 +3153,6 @@ "node": ">= 0.8" } }, - "node_modules/des.js": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/des.js/-/des.js-1.1.0.tgz", - "integrity": "sha512-r17GxjhUCjSRy8aiJpr8/UadFIzMzJGexI3Nmz4ADi9LYSFx4gTBp80+NaX/YsXWWLhpZ7v/v/ubEc/bCNfKwg==", - "dependencies": { - "inherits": "^2.0.1", - "minimalistic-assert": "^1.0.0" - } - }, "node_modules/destroy": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", @@ -3717,9 +3734,9 @@ } }, "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { "to-regex-range": "^5.0.1" @@ -4791,11 +4808,6 @@ "url": "https://github.com/chalk/supports-color?sponsor=1" } }, - "node_modules/js-md4": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/js-md4/-/js-md4-0.3.2.tgz", - "integrity": "sha512-/GDnfQYsltsjRswQhN9fhv3EMw2sCpUdrdxyWDOUK7eyD++r3gRhzgiQgc/x4MAv2i1iuQ4lxO5mvqM3vj4bwA==" - }, "node_modules/js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -5020,7 +5032,8 @@ "node_modules/minimalistic-assert": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", - "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==" + "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==", + "dev": true }, "node_modules/minimatch": { "version": "3.1.2", @@ -5518,6 +5531,7 @@ "version": "6.11.0", "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==", + "dev": true, "dependencies": { "side-channel": "^1.0.4" }, @@ -6468,14 +6482,6 @@ "integrity": "sha512-d6xOpEDfsi2CZVlPQzGeux8XMwLT9hssAsaPYExaQMuYskwb+x1x7J371tWlbBdWHroy99KnVB6qIkUbs5X3UQ==", "dev": true }, - "node_modules/tunnel": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", - "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", - "engines": { - "node": ">=0.6.11 <=0.7.0 || >=0.7.3" - } - }, "node_modules/type-is": { "version": "1.6.18", "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", @@ -6490,19 +6496,8 @@ } }, "node_modules/typed-rest-client": { - "version": "2.0.0", - "resolved": "file:../../_build", - "license": "MIT", - "dependencies": { - "des.js": "^1.1.0", - "js-md4": "^0.3.2", - "qs": "^6.9.7", - "tunnel": "0.0.6", - "underscore": "^1.12.1" - }, - "engines": { - "node": ">= 14.0.0" - } + "resolved": "../../_build", + "link": true }, "node_modules/unbox-primitive": { "version": "1.0.2", @@ -6518,11 +6513,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/underscore": { - "version": "1.13.6", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz", - "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A==" - }, "node_modules/unicode-canonical-property-names-ecmascript": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.0.tgz", @@ -7097,16 +7087,16 @@ "dev": true }, "node_modules/ws": { - "version": "8.8.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.8.1.tgz", - "integrity": "sha512-bGy2JzvzkPowEJV++hF07hAD6niYSr0JzBNo/J29WsB57A2r7Wlc1UFcTR9IzrPvuNVO4B8LGqF8qcpsVOhJCA==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "engines": { "node": ">=10.0.0" }, "peerDependencies": { "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" + "utf-8-validate": ">=5.0.2" }, "peerDependenciesMeta": { "bufferutil": { @@ -8993,12 +8983,12 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" } }, "browserify-zlib": { @@ -9416,15 +9406,6 @@ "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==", "dev": true }, - "des.js": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/des.js/-/des.js-1.1.0.tgz", - "integrity": "sha512-r17GxjhUCjSRy8aiJpr8/UadFIzMzJGexI3Nmz4ADi9LYSFx4gTBp80+NaX/YsXWWLhpZ7v/v/ubEc/bCNfKwg==", - "requires": { - "inherits": "^2.0.1", - "minimalistic-assert": "^1.0.0" - } - }, "destroy": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", @@ -9871,9 +9852,9 @@ } }, "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { "to-regex-range": "^5.0.1" @@ -10609,11 +10590,6 @@ } } }, - "js-md4": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/js-md4/-/js-md4-0.3.2.tgz", - "integrity": "sha512-/GDnfQYsltsjRswQhN9fhv3EMw2sCpUdrdxyWDOUK7eyD++r3gRhzgiQgc/x4MAv2i1iuQ4lxO5mvqM3vj4bwA==" - }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -10778,7 +10754,8 @@ "minimalistic-assert": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", - "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==" + "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==", + "dev": true }, "minimatch": { "version": "3.1.2", @@ -11155,6 +11132,7 @@ "version": "6.11.0", "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==", + "dev": true, "requires": { "side-channel": "^1.0.4" } @@ -11871,11 +11849,6 @@ "integrity": "sha512-d6xOpEDfsi2CZVlPQzGeux8XMwLT9hssAsaPYExaQMuYskwb+x1x7J371tWlbBdWHroy99KnVB6qIkUbs5X3UQ==", "dev": true }, - "tunnel": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", - "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==" - }, "type-is": { "version": "1.6.18", "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", @@ -11887,12 +11860,21 @@ } }, "typed-rest-client": { - "version": "2.0.0", + "version": "file:../../_build", "requires": { + "@octokit/rest": "^20.1.1", + "@types/mocha": "^2.2.44", + "@types/node": "^20.11.0", + "@types/shelljs": "0.7.4", "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "mocha": "^10.4.0", + "nock": "13.5.4", + "qs": "^6.10.3", + "semver": "^7.6.2", + "shelljs": "^0.8.5", "tunnel": "0.0.6", + "typescript": "^5.4.5", "underscore": "^1.12.1" } }, @@ -11907,11 +11889,6 @@ "which-boxed-primitive": "^1.0.2" } }, - "underscore": { - "version": "1.13.6", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz", - "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A==" - }, "unicode-canonical-property-names-ecmascript": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.0.tgz", @@ -12305,9 +12282,9 @@ "dev": true }, "ws": { - "version": "8.8.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.8.1.tgz", - "integrity": "sha512-bGy2JzvzkPowEJV++hF07hAD6niYSr0JzBNo/J29WsB57A2r7Wlc1UFcTR9IzrPvuNVO4B8LGqF8qcpsVOhJCA==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "requires": {} }, diff --git a/test/package-lock.json b/test/package-lock.json index ea9ea2a..543dc41 100644 --- a/test/package-lock.json +++ b/test/package-lock.json @@ -14,12 +14,12 @@ }, "../_build": { "name": "typed-rest-client", - "version": "2.0.0", + "version": "2.0.1", "license": "MIT", "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", - "qs": "^6.9.7", + "qs": "^6.10.3", "tunnel": "0.0.6", "underscore": "^1.12.1" }, @@ -35,7 +35,7 @@ "typescript": "^5.4.5" }, "engines": { - "node": ">= 14.0.0" + "node": ">= 16.0.0" } }, "../_build/node_modules/call-bind": {