From 1ea34886d6ee22c6b705acadd9159f9a27a86647 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 25 Feb 2022 04:36:00 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118 --- package-lock.json | 103 +++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 52 insertions(+), 53 deletions(-) diff --git a/package-lock.json b/package-lock.json index 34c0c9e20a..abce4b4295 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1198,20 +1198,20 @@ } }, "@graphql-tools/batch-execute": { - "version": "8.3.1", - "resolved": "https://registry.npmjs.org/@graphql-tools/batch-execute/-/batch-execute-8.3.1.tgz", - "integrity": "sha512-63kHY8ZdoO5FoeDXYHnAak1R3ysMViMPwWC2XUblFckuVLMUPmB2ONje8rjr2CvzWBHAW8c1Zsex+U3xhKtGIA==", + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/batch-execute/-/batch-execute-8.3.2.tgz", + "integrity": "sha512-ICWqM+MvEkIPHm18Q0cmkvm134zeQMomBKmTRxyxMNhL/ouz6Nqld52/brSlaHnzA3fczupeRJzZ0YatruGBcQ==", "requires": { - "@graphql-tools/utils": "^8.5.1", + "@graphql-tools/utils": "^8.6.2", "dataloader": "2.0.0", "tslib": "~2.3.0", "value-or-promise": "1.0.11" }, "dependencies": { "@graphql-tools/utils": { - "version": "8.5.3", - "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.5.3.tgz", - "integrity": "sha512-HDNGWFVa8QQkoQB0H1lftvaO1X5xUaUDk1zr1qDe0xN1NL0E/CrQdJ5UKLqOvH4hkqVUPxQsyOoAZFkaH6rLHg==", + "version": "8.6.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.6.2.tgz", + "integrity": "sha512-x1DG0cJgpJtImUlNE780B/dfp8pxvVxOD6UeykFH5rHes26S4kGokbgU8F1IgrJ1vAPm/OVBHtd2kicTsPfwdA==", "requires": { "tslib": "~2.3.0" } @@ -1242,63 +1242,64 @@ } }, "@graphql-tools/links": { - "version": "8.2.1", - "resolved": "https://registry.npmjs.org/@graphql-tools/links/-/links-8.2.1.tgz", - "integrity": "sha512-J0igz42eKh/RQxDZPdEE4YiztY3zWTBcsn/bUtJp52XKNj0EIO0fR6WLEocT6uxgWCNnWYPOQUaf7bEgeW44Vg==", - "requires": { - "@graphql-tools/delegate": "^8.4.1", - "@graphql-tools/utils": "^8.5.1", - "apollo-upload-client": "16.0.0", - "cross-fetch": "3.1.4", - "form-data": "4.0.0", + "version": "8.2.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/links/-/links-8.2.2.tgz", + "integrity": "sha512-lWyRvG4KqVj/3dpuQzZN34TXs9+5ETaT1MxhPHe6LIF/DdNQk4Q4Y7VeET/fZ8ZhbzgweMy0AA+ZkrS2HxBcgw==", + "requires": { + "@graphql-tools/delegate": "^8.5.1", + "@graphql-tools/utils": "^8.6.2", + "apollo-upload-client": "17.0.0", + "form-data": "^4.0.0", + "node-fetch": "^2.6.5", "tslib": "~2.3.0" }, "dependencies": { "@graphql-tools/delegate": { - "version": "8.4.2", - "resolved": "https://registry.npmjs.org/@graphql-tools/delegate/-/delegate-8.4.2.tgz", - "integrity": "sha512-CjggOhiL4WtyG2I3kux+1/p8lQxSFHBj0gwa0NxnQ6Vsnpw7Ig5VP1ovPnitFuBv2k4QdC37Nj2xv2n7DRn8fw==", + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/@graphql-tools/delegate/-/delegate-8.5.1.tgz", + "integrity": "sha512-/YPmVxitt57F8sH50pnfXASzOOjEfaUDkX48eF5q6f16+JBncej2zeu+Zm2c68q8MbIxhPlEGfpd0QZeqTvAxw==", "requires": { - "@graphql-tools/batch-execute": "^8.3.1", - "@graphql-tools/schema": "^8.3.1", - "@graphql-tools/utils": "^8.5.3", + "@graphql-tools/batch-execute": "^8.3.2", + "@graphql-tools/schema": "^8.3.2", + "@graphql-tools/utils": "^8.6.2", "dataloader": "2.0.0", + "graphql-executor": "0.0.18", "tslib": "~2.3.0", "value-or-promise": "1.0.11" } }, "@graphql-tools/merge": { - "version": "8.2.1", - "resolved": "https://registry.npmjs.org/@graphql-tools/merge/-/merge-8.2.1.tgz", - "integrity": "sha512-Q240kcUszhXiAYudjuJgNuLgy9CryDP3wp83NOZQezfA6h3ByYKU7xI6DiKrdjyVaGpYN3ppUmdj0uf5GaXzMA==", + "version": "8.2.3", + "resolved": "https://registry.npmjs.org/@graphql-tools/merge/-/merge-8.2.3.tgz", + "integrity": "sha512-XCSmL6/Xg8259OTWNp69B57CPWiVL69kB7pposFrufG/zaAlI9BS68dgzrxmmSqZV5ZHU4r/6Tbf6fwnEJGiSw==", "requires": { - "@graphql-tools/utils": "^8.5.1", + "@graphql-tools/utils": "^8.6.2", "tslib": "~2.3.0" } }, "@graphql-tools/schema": { - "version": "8.3.1", - "resolved": "https://registry.npmjs.org/@graphql-tools/schema/-/schema-8.3.1.tgz", - "integrity": "sha512-3R0AJFe715p4GwF067G5i0KCr/XIdvSfDLvTLEiTDQ8V/hwbOHEKHKWlEBHGRQwkG5lwFQlW1aOn7VnlPERnWQ==", + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/schema/-/schema-8.3.2.tgz", + "integrity": "sha512-77feSmIuHdoxMXRbRyxE8rEziKesd/AcqKV6fmxe7Zt+PgIQITxNDew2XJJg7qFTMNM43W77Ia6njUSBxNOkwg==", "requires": { - "@graphql-tools/merge": "^8.2.1", - "@graphql-tools/utils": "^8.5.1", + "@graphql-tools/merge": "^8.2.3", + "@graphql-tools/utils": "^8.6.2", "tslib": "~2.3.0", "value-or-promise": "1.0.11" } }, "@graphql-tools/utils": { - "version": "8.5.3", - "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.5.3.tgz", - "integrity": "sha512-HDNGWFVa8QQkoQB0H1lftvaO1X5xUaUDk1zr1qDe0xN1NL0E/CrQdJ5UKLqOvH4hkqVUPxQsyOoAZFkaH6rLHg==", + "version": "8.6.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.6.2.tgz", + "integrity": "sha512-x1DG0cJgpJtImUlNE780B/dfp8pxvVxOD6UeykFH5rHes26S4kGokbgU8F1IgrJ1vAPm/OVBHtd2kicTsPfwdA==", "requires": { "tslib": "~2.3.0" } }, "apollo-upload-client": { - "version": "16.0.0", - "resolved": "https://registry.npmjs.org/apollo-upload-client/-/apollo-upload-client-16.0.0.tgz", - "integrity": "sha512-aLhYucyA0T8aBEQ5g+p13qnR9RUyL8xqb8FSZ7e/Kw2KUOsotLUlFluLobqaE7JSUFwc6sKfXIcwB7y4yEjbZg==", + "version": "17.0.0", + "resolved": "https://registry.npmjs.org/apollo-upload-client/-/apollo-upload-client-17.0.0.tgz", + "integrity": "sha512-pue33bWVbdlXAGFPkgz53TTmxVMrKeQr0mdRcftNY+PoHIdbGZD0hoaXHvO6OePJAkFz7OiCFUf98p1G/9+Ykw==", "requires": { "extract-files": "^11.0.0" } @@ -1313,6 +1314,14 @@ "mime-types": "^2.1.12" } }, + "node-fetch": { + "version": "2.6.7", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", + "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", + "requires": { + "whatwg-url": "^5.0.0" + } + }, "tslib": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.1.tgz", @@ -4838,21 +4847,6 @@ "cross-spawn": "^7.0.1" } }, - "cross-fetch": { - "version": "3.1.4", - "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.4.tgz", - "integrity": "sha512-1eAtFWdIubi6T4XPy6ei9iUFoKpUkIF971QLN8lIvvvwueI65+Nw5haMNKUwfJxabqlIIDODJKGrQ66gxC0PbQ==", - "requires": { - "node-fetch": "2.6.1" - }, - "dependencies": { - "node-fetch": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz", - "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==" - } - } - }, "cross-spawn": { "version": "7.0.3", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", @@ -7453,6 +7447,11 @@ "resolved": "https://registry.npmjs.org/graphql/-/graphql-15.7.1.tgz", "integrity": "sha512-x34S6gC0/peBZnlK60zCJox/d45A7p6At9oN9EPA3qhoIAlR4LNZmXRLkICBckwwTMJzVdA8cx3QIQZMOl606A==" }, + "graphql-executor": { + "version": "0.0.18", + "resolved": "https://registry.npmjs.org/graphql-executor/-/graphql-executor-0.0.18.tgz", + "integrity": "sha512-upUSl7tfZCZ5dWG1XkOvpG70Yk3duZKcCoi/uJso4WxJVT6KIrcK4nZ4+2X/hzx46pL8wAukgYHY6iNmocRN+g==" + }, "graphql-extensions": { "version": "0.15.0", "resolved": "https://registry.npmjs.org/graphql-extensions/-/graphql-extensions-0.15.0.tgz", diff --git a/package.json b/package.json index 38809766de..daf95b9d7f 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,7 @@ "license": "BSD-3-Clause", "dependencies": { "@apollographql/graphql-playground-html": "1.6.29", - "@graphql-tools/links": "8.2.1", + "@graphql-tools/links": "8.2.2", "@apollo/client": "3.5.8", "@graphql-tools/stitch": "6.2.4", "@graphql-tools/utils": "6.2.4",