From 9112552a926050d6db3f7dea7141a923d276f86e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 14 Sep 2022 22:06:28 +0000 Subject: [PATCH] fix: web/velocity/package.json & web/velocity/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PARSEURL-3023021 --- web/velocity/package-lock.json | 72 ++++++++++++++++------------------ web/velocity/package.json | 2 +- 2 files changed, 34 insertions(+), 40 deletions(-) diff --git a/web/velocity/package-lock.json b/web/velocity/package-lock.json index f3bd494..7e906b1 100644 --- a/web/velocity/package-lock.json +++ b/web/velocity/package-lock.json @@ -4405,7 +4405,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -4820,7 +4821,8 @@ "safe-buffer": { "version": "5.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -4876,6 +4878,7 @@ "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -4919,12 +4922,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -4980,20 +4985,20 @@ } }, "git-up": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/git-up/-/git-up-4.0.0.tgz", - "integrity": "sha512-zoRfnGaUmRfp2tbVF5tynNFLalKDk3CwlTepXt6ZtFDaWP7xY/pzHjI2YrLiaz503tEnzZWURN4QmcfUtEd0YA==", + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/git-up/-/git-up-7.0.0.tgz", + "integrity": "sha512-ONdIrbBCFusq1Oy0sC71F5azx8bVkvtZtMJAsv+a6lz5YAmbNnLD6HAB4gptHZVLPR8S2/kVN6Gab7lryq5+lQ==", "requires": { - "is-ssh": "^1.3.0", - "parse-url": "^5.0.0" + "is-ssh": "^1.4.0", + "parse-url": "^8.1.0" } }, "git-url-parse": { - "version": "11.1.1", - "resolved": "https://registry.npmjs.org/git-url-parse/-/git-url-parse-11.1.1.tgz", - "integrity": "sha512-xeGuOVB9RLovbmXeX9Dhq0v7bL1bX+mKnpBgpM9ZmTlMWGHyjqjcupxrEL33w6enAMMDRb3O+qncgq+BWlgb4Q==", + "version": "13.0.0", + "resolved": "https://registry.npmjs.org/git-url-parse/-/git-url-parse-13.0.0.tgz", + "integrity": "sha512-X1kozCqKL82dMrCLi4vie9SHDC+QugKskAMs4VUbIkhURKg5yDwxDmf6Ixg73J+/xVgK5TXKhzn8a94nHJHpnA==", "requires": { - "git-up": "^4.0.0" + "git-up": "^7.0.0" } }, "glob": { @@ -6164,11 +6169,11 @@ "dev": true }, "is-ssh": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/is-ssh/-/is-ssh-1.3.0.tgz", - "integrity": "sha1-6+oRaaJhTaOSpjdANmw84EnY3/Y=", + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/is-ssh/-/is-ssh-1.4.0.tgz", + "integrity": "sha512-x7+VxdxOdlV3CYpjvRLBv5Lo9OJerlYanjwFrPR9fuGPjCiNiCzFgAWpiLAohSbsnH4ZAys3SBh+hq5rJosxUQ==", "requires": { - "protocols": "^1.1.0" + "protocols": "^2.0.1" } }, "is-stream": { @@ -7489,30 +7494,19 @@ "dev": true }, "parse-path": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/parse-path/-/parse-path-4.0.0.tgz", - "integrity": "sha512-F2VzhusH0Z2Dgp8SMrFMkYz2sI40deaax2AEmK1UYOf2NY77b0yJzqZ6iUjXwUHJ4VVvJNuV3S+oVEwcPjsxSQ==", + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/parse-path/-/parse-path-7.0.0.tgz", + "integrity": "sha512-Euf9GG8WT9CdqwuWJGdf3RkUcTBArppHABkO7Lm8IzRQp0e2r/kkFnmhu4TSK30Wcu5rVAZLmfPKSBBi9tWFog==", "requires": { - "is-ssh": "^1.3.0", - "protocols": "^1.4.0" + "protocols": "^2.0.0" } }, "parse-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/parse-url/-/parse-url-5.0.0.tgz", - "integrity": "sha512-ePfnXkes247DaA0IBTU1YE6/SxM09/Y+QJm/Ne4E9VYY4H+g5/qJ+TG0p5flEqh3qnb+XXbZuob2kqrqIBJpPA==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/parse-url/-/parse-url-8.1.0.tgz", + "integrity": "sha512-xDvOoLU5XRrcOZvnI6b8zA6n9O9ejNk/GExuz1yBuWUGn9KA97GI6HTs6u02wKara1CeVmZhH+0TZFdWScR89w==", "requires": { - "is-ssh": "^1.3.0", - "normalize-url": "^3.3.0", - "parse-path": "^4.0.0", - "protocols": "^1.4.0" - }, - "dependencies": { - "normalize-url": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-3.3.0.tgz", - "integrity": "sha512-U+JJi7duF1o+u2pynbp2zXDW2/PADgC30f0GsHZtRh+HOcXHnw137TrNlyxxRvWW5fjKd3bcLHPxofWuCjaeZg==" - } + "parse-path": "^7.0.0" } }, "parseurl": { @@ -9629,9 +9623,9 @@ "dev": true }, "protocols": { - "version": "1.4.6", - "resolved": "https://registry.npmjs.org/protocols/-/protocols-1.4.6.tgz", - "integrity": "sha1-+LsmPqG1/Xp2BNJri+Ob13Z4v4o=" + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/protocols/-/protocols-2.0.1.tgz", + "integrity": "sha512-/XJ368cyBJ7fzLMwLKv1e4vLxOju2MNAIokcr7meSaNcVbWz/CPcW22cP04mwxOErdA5mwjA8Q6w/cdAQxVn7Q==" }, "proxy-addr": { "version": "2.0.4", diff --git a/web/velocity/package.json b/web/velocity/package.json index 645fe98..952a071 100644 --- a/web/velocity/package.json +++ b/web/velocity/package.json @@ -53,7 +53,7 @@ }, "dependencies": { "@absinthe/socket": "^0.2.0", - "git-url-parse": "^11.1.1", + "git-url-parse": "^13.0.0", "phoenix": "^1.4.0", "sockette": "^2.0.3" }