From 1fc71da1d60d3a0392f79eef0cb9ccce198035c8 Mon Sep 17 00:00:00 2001 From: Brad Jorsch Date: Mon, 30 Aug 2021 18:35:21 -0400 Subject: [PATCH] Upgrade copy-webpack-plugin Depends on a vulnerable version of glob-parent. --- pnpm-lock.yaml | 94 +++++++++---------- projects/plugins/jetpack/package.json | 2 +- .../tools/webpack.config.extensions.js | 14 +-- 3 files changed, 56 insertions(+), 54 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 33e14a59e8d7c..915bc8c76e8a9 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -539,7 +539,7 @@ importers: component-uid: 0.0.2 concurrently: 6.0.2 cookie: 0.4.1 - copy-webpack-plugin: 5.1.2 + copy-webpack-plugin: 9.0.1 core-js: 3.11.1 create-react-class: 15.7.0 css-loader: 5.1.1 @@ -658,7 +658,7 @@ importers: clipboard: 2.0.6 component-uid: 0.0.2 cookie: 0.4.1 - copy-webpack-plugin: 5.1.2_webpack@5.51.1 + copy-webpack-plugin: 9.0.1_webpack@5.51.1 core-js: 3.11.1 create-react-class: 15.7.0 debug: 4.3.1 @@ -3522,7 +3522,6 @@ packages: dependencies: '@nodelib/fs.stat': 2.0.4 run-parallel: 1.1.10 - dev: true /@nodelib/fs.stat/1.1.3: resolution: {integrity: sha512-shAmDyaQC4H92APFoIaVDHCx5bStIocgvbwQyxPRrbUY20V1EYTbSDchWbuwlMG3V17cprZhA6+78JfB+3DTPw==} @@ -3532,7 +3531,6 @@ packages: /@nodelib/fs.stat/2.0.4: resolution: {integrity: sha512-IYlHJA0clt2+Vg7bccq+TzRdJvv19c2INqBSsoOLp1je7xjtr7J26+WXR72MCdvU9q1qTzIWDfhMf+DRvQJK4Q==} engines: {node: '>= 8'} - dev: true /@nodelib/fs.walk/1.2.6: resolution: {integrity: sha512-8Broas6vTtW4GIXTAHDoE32hnN2M5ykgCpWGbuXHQ15vEMqr23pB76e/GZcYsZCHALv50ktd24qhEyKr6wBtow==} @@ -3540,7 +3538,6 @@ packages: dependencies: '@nodelib/fs.scandir': 2.1.4 fastq: 1.10.1 - dev: true /@npmcli/move-file/1.1.2: resolution: {integrity: sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg==} @@ -8038,6 +8035,7 @@ packages: ajv: '>=5.0.0' dependencies: ajv: 6.12.6 + dev: true /ajv-keywords/3.5.2_ajv@6.12.6: resolution: {integrity: sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==} @@ -8081,6 +8079,7 @@ packages: /ansi-colors/3.2.4: resolution: {integrity: sha512-hHUXGagefjN2iRrID63xckIvotOXOojhQKWIPUZ4mNUZ9nLZW+7FMNoE1lOkEhNWYsx/7ysGIuJYCiMAA9FnrA==} engines: {node: '>=6'} + dev: true /ansi-colors/4.1.1: resolution: {integrity: sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==} @@ -8215,6 +8214,7 @@ packages: /aproba/1.2.0: resolution: {integrity: sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw==} + dev: true /archy/1.0.0: resolution: {integrity: sha1-+cjBN1fMHde8N5rHeyxipcKGjEA=} @@ -8345,7 +8345,6 @@ packages: /array-union/2.1.0: resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} engines: {node: '>=8'} - dev: true /array-uniq/1.0.3: resolution: {integrity: sha1-r2rId6Jcx/dOBYiUdThY39sk/bY=} @@ -9446,6 +9445,7 @@ packages: ssri: 6.0.2 unique-filename: 1.1.1 y18n: 4.0.1 + dev: true /cacache/15.0.6: resolution: {integrity: sha512-g1WYDMct/jzW+JdWEyjaX2zoBkZ6ZT9VpOyp2I/VMtDsNLffNat3kqPFfi1eDRSK9/SuKGyORDHcQMcPF8sQ/w==} @@ -9792,6 +9792,7 @@ packages: /chownr/1.1.4: resolution: {integrity: sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==} + dev: true /chownr/2.0.0: resolution: {integrity: sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==} @@ -10283,6 +10284,7 @@ packages: mkdirp: 0.5.5 rimraf: 2.7.1 run-queue: 1.0.3 + dev: true /copy-descriptor/0.1.1: resolution: {integrity: sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=} @@ -10299,25 +10301,20 @@ packages: dependencies: toggle-selection: 1.0.6 - /copy-webpack-plugin/5.1.2_webpack@5.51.1: - resolution: {integrity: sha512-Uh7crJAco3AjBvgAy9Z75CjK8IG+gxaErro71THQ+vv/bl4HaQcpkexAY8KVW/T6D2W2IRr+couF/knIRkZMIQ==} - engines: {node: '>= 6.9.0'} + /copy-webpack-plugin/9.0.1_webpack@5.51.1: + resolution: {integrity: sha512-14gHKKdYIxF84jCEgPgYXCPpldbwpxxLbCmA7LReY7gvbaT555DgeBWBgBZM116tv/fO6RRJrsivBqRyRlukhw==} + engines: {node: '>= 12.13.0'} peerDependencies: - webpack: ^4.0.0 || ^5.0.0 + webpack: ^5.1.0 dependencies: - cacache: 12.0.4 - find-cache-dir: 2.1.0 - glob-parent: 3.1.0 - globby: 7.1.1 - is-glob: 4.0.1 - loader-utils: 1.4.0 - minimatch: 3.0.4 + fast-glob: 3.2.5 + glob-parent: 6.0.1 + globby: 11.0.3 normalize-path: 3.0.0 - p-limit: 2.3.0 - schema-utils: 1.0.0 - serialize-javascript: 4.0.0 + p-limit: 3.1.0 + schema-utils: 3.1.1 + serialize-javascript: 6.0.0 webpack: 5.51.1_webpack-cli@4.8.0 - webpack-log: 2.0.0 dev: false /core-js-compat/3.16.0: @@ -10799,6 +10796,7 @@ packages: /cyclist/1.0.1: resolution: {integrity: sha1-WW6WmP0MgOEgOMK4LW6xs1tiJNk=} + dev: true /d/1.0.1: resolution: {integrity: sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==} @@ -11103,13 +11101,13 @@ packages: engines: {node: '>=4'} dependencies: path-type: 3.0.0 + dev: true /dir-glob/3.0.1: resolution: {integrity: sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==} engines: {node: '>=8'} dependencies: path-type: 4.0.0 - dev: true /direction/1.0.4: resolution: {integrity: sha512-GYqKi1aH7PJXxdhTeZBFrg8vUBeKXi+cNprXsC1kpJcbcVnV9wBsrOu1cQEdG0WeQwlfHiy3XvnKfIrJ2R0NzQ==} @@ -12482,8 +12480,7 @@ packages: glob-parent: 5.1.2 merge2: 1.4.1 micromatch: 4.0.4 - picomatch: 2.2.3 - dev: true + picomatch: 2.3.0 /fast-json-parse/1.0.3: resolution: {integrity: sha512-FRWsaZRWEJ1ESVNbDWmsAlqDk96gPQezzLghafp5J4GUKjbCz3OkAHuZs5TuPEtkbVQERysLp9xv6c24fBm8Aw==} @@ -12508,7 +12505,6 @@ packages: resolution: {integrity: sha512-AWuv6Ery3pM+dY7LYS8YIaCiQvUaos9OB1RyNgaOWnaX+Tik7Onvcsf8x8c+YtDeT0maYLniBip2hox5KtEXXA==} dependencies: reusify: 1.0.4 - dev: true /fault/1.0.4: resolution: {integrity: sha512-CJ0HCB5tL5fYTEA7ToAq5+kTwd++Borf1/bifxd9iT70QcXr4MRrO3Llf8Ifs70q+SJcGHFtnIE/Nw6giCtECA==} @@ -12564,6 +12560,7 @@ packages: /figgy-pudding/3.5.2: resolution: {integrity: sha512-0btnI/H8f2pavGMN8w40mlSKOfTK2SVJmBfBeVIj3kNw0swwgzyRq0d5TJVOwodFmtvpPeWPN/MCcfuWF0Ezbw==} + dev: true /figures/1.7.0: resolution: {integrity: sha1-y+Hjr/zxzUS4DK3+0o3Hk6lwHS4=} @@ -13021,6 +13018,7 @@ packages: dependencies: inherits: 2.0.4 readable-stream: 2.3.7 + dev: true /fromentries/1.3.2: resolution: {integrity: sha512-cHEpEQHUg0f8XdtZCc2ZAhrHzKzT0MrFUTcvx+hfxYu7rGMDc5SKoXFh+n4YigxsHXRzc6OrCshdR1bWH6HHyg==} @@ -13100,6 +13098,7 @@ packages: iferr: 0.1.5 imurmurhash: 0.1.4 readable-stream: 2.3.7 + dev: true /fs.realpath/1.0.0: resolution: {integrity: sha1-FQStJSMVjKpA20onh8sBQRmU6k8=} @@ -13286,6 +13285,13 @@ packages: dependencies: is-glob: 4.0.1 + /glob-parent/6.0.1: + resolution: {integrity: sha512-kEVjS71mQazDBHKcsq4E9u/vUzaLcw1A8EtUeydawvIWQCJM0qQ08G1H7/XTjFUulla6XQiDOG6MXSaG0HDKog==} + engines: {node: '>=10.13.0'} + dependencies: + is-glob: 4.0.1 + dev: false + /glob-promise/3.4.0_glob@7.1.6: resolution: {integrity: sha512-q08RJ6O+eJn+dVanerAndJwIcumgbDdYiUT7zFQl3Wm1xD6fBKtah7H8ZJChj4wP+8C+QfeVy8xautR7rdmKEw==} engines: {node: '>=4'} @@ -13495,7 +13501,6 @@ packages: ignore: 5.1.8 merge2: 1.4.1 slash: 3.0.0 - dev: true /globby/5.0.0: resolution: {integrity: sha1-69hGZ8oNuzMLmbz8aOrCvFQ3Dg0=} @@ -13508,18 +13513,6 @@ packages: pify: 2.3.0 pinkie-promise: 2.0.1 - /globby/7.1.1: - resolution: {integrity: sha1-+yzP+UAfhgCUXfral0QMypcrhoA=} - engines: {node: '>=4'} - dependencies: - array-union: 1.0.2 - dir-glob: 2.2.2 - glob: 7.1.6 - ignore: 3.3.10 - pify: 3.0.0 - slash: 1.0.0 - dev: false - /globby/9.2.0: resolution: {integrity: sha512-ollPHROa5mcxDEkwg6bPt3QbEf4pDQSNtd6JPL1YvOvAo/7/0VAm9TccUeoTmarjPw4pfUthSCqcyfNB1I3ZSg==} engines: {node: '>=6'} @@ -14216,10 +14209,7 @@ packages: /iferr/0.1.5: resolution: {integrity: sha1-xg7taebY/bazEEofy8ocGS3FtQE=} - - /ignore/3.3.10: - resolution: {integrity: sha512-Pgs951kaMm5GXP7MOvxERINe3gsaVjUWFm+UZPSq9xYriQAksyhg0csnS0KXSNRD5NmNdapXEpjxG49+AKh/ug==} - dev: false + dev: true /ignore/4.0.6: resolution: {integrity: sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==} @@ -14229,7 +14219,6 @@ packages: /ignore/5.1.8: resolution: {integrity: sha512-BMpfD7PpiETpBl/A6S498BaIJ6Y/ABT93ETbby2fP00v4EbvPBXWEoaR1UBPKs3iR53pJY7EtZk5KACI57i1Uw==} engines: {node: '>= 4'} - dev: true /immer/8.0.1: resolution: {integrity: sha512-aqXhGP7//Gui2+UrEtvxZxSquQVXTpZ7KDxfCcKAF3Vysvw0CViVaW9RZ1j1xlIYqaaaipBoqdqeibkc18PNvA==} @@ -16440,6 +16429,7 @@ packages: resolution: {integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==} dependencies: yallist: 3.1.1 + dev: true /lru-cache/6.0.0: resolution: {integrity: sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==} @@ -16727,7 +16717,6 @@ packages: /merge2/1.4.1: resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} engines: {node: '>= 8'} - dev: true /methods/1.1.2: resolution: {integrity: sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4=} @@ -16761,7 +16750,7 @@ packages: engines: {node: '>=8.6'} dependencies: braces: 3.0.2 - picomatch: 2.2.3 + picomatch: 2.3.0 /micromodal/0.4.6: resolution: {integrity: sha512-2VDso2a22jWPpqwuWT/4RomVpoU3Bl9qF9D01xzwlNp5UVsImeA0gY4nSpF44vqcQtQOtkiMUV9EZkAJSRxBsg==} @@ -16916,6 +16905,7 @@ packages: pumpify: 1.5.1 stream-each: 1.2.3 through2: 2.0.5 + dev: true /mitt/2.1.0: resolution: {integrity: sha512-ILj2TpLiysu2wkBbWjAmww7TkZb65aiQO+DkVdUTBpBXq+MHYiETENkKFMtsJZX1Lf4pe4QOrTSjIfUwN5lRdg==} @@ -17009,6 +16999,7 @@ packages: mkdirp: 0.5.5 rimraf: 2.7.1 run-queue: 1.0.3 + dev: true /mri/1.1.6: resolution: {integrity: sha512-oi1b3MfbyGa7FJMP9GmLTttni5JoICpYBRlq+x5V16fZbLsnL9N3wFqqIm/nIG43FjUFkFh9Epzp/kzUGUnJxQ==} @@ -17765,6 +17756,7 @@ packages: cyclist: 1.0.1 inherits: 2.0.4 readable-stream: 2.3.7 + dev: true /param-case/3.0.4: resolution: {integrity: sha512-RXlj7zCYokReqWpOPH9oYivUzLYZ5vAPIfEmCTNViosC78F8F0H9y7T7gG2M39ymgutxF5gcFEsyZQSph9Bp3A==} @@ -17960,6 +17952,7 @@ packages: engines: {node: '>=4'} dependencies: pify: 3.0.0 + dev: true /path-type/4.0.0: resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} @@ -18026,6 +18019,7 @@ packages: /pify/3.0.0: resolution: {integrity: sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=} engines: {node: '>=4'} + dev: true /pify/4.0.1: resolution: {integrity: sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==} @@ -18790,6 +18784,7 @@ packages: dependencies: end-of-stream: 1.4.4 once: 1.4.0 + dev: true /pumpify/1.5.1: resolution: {integrity: sha512-oClZI37HvuUJJxSKKrC17bZ9Cu0ZYhEAGPsPUy9KlMUmv9dKX2o77RUmq7f3XjIxbwyGwYzbzQ1L2Ks8sIradQ==} @@ -20501,7 +20496,6 @@ packages: /reusify/1.0.4: resolution: {integrity: sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==} engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - dev: true /rework-plugin-function/1.0.2: resolution: {integrity: sha1-Es5G+1sptdk1FGaD9rmM9J0jc7k=} @@ -20664,12 +20658,12 @@ packages: /run-parallel/1.1.10: resolution: {integrity: sha512-zb/1OuZ6flOlH6tQyMPUrE3x3Ulxjlo9WIVXR4yVYi4H9UXQaeIsPbLn2R3O3vQCnDKkAl2qHiuocKKX4Tz/Sw==} - dev: true /run-queue/1.0.3: resolution: {integrity: sha1-6Eg5bwV9Ij8kOGkkYY4laUFh7Ec=} dependencies: aproba: 1.2.0 + dev: true /rungen/0.3.2: resolution: {integrity: sha1-QAwJ6+kU57F+C27zJjQA/Cq8fLM=} @@ -20852,6 +20846,7 @@ packages: ajv: 6.12.6 ajv-errors: 1.0.1_ajv@6.12.6 ajv-keywords: 3.5.2_ajv@6.12.6 + dev: true /schema-utils/2.7.0: resolution: {integrity: sha512-0ilKFI6QQF5nxDZLFn2dMjvc4hjg/Wkg7rHd3jK6/A4a1Hl9VFdQWvgB1UMGoU94pad1P/8N7fMcEnLnSiju8A==} @@ -20951,6 +20946,7 @@ packages: resolution: {integrity: sha512-GaNA54380uFefWghODBWEGisLZFj00nS5ACs6yHa9nLqlLpVLO8ChDGeKRjZnV4Nh4n0Qi7nhYZD/9fCPzEqkw==} dependencies: randombytes: 2.1.0 + dev: true /serialize-javascript/5.0.1: resolution: {integrity: sha512-SaaNal9imEO737H2c05Og0/8LUXG7EnsZyMa8MzkmuHoELfT6txuj0cMqRj6zfPKnmQ1yasR4PCJc8x+M4JSPA==} @@ -21362,6 +21358,7 @@ packages: resolution: {integrity: sha512-cepbSq/neFK7xB6A50KHN0xHDotYzq58wWCa5LeWqnPrHG8GzfEjO/4O8kpmcGW+oaxkvhEJCWgbgNk4/ZV93Q==} dependencies: figgy-pudding: 3.5.2 + dev: true /ssri/8.0.1: resolution: {integrity: sha512-97qShzy1AiyxvPNIkLWoGua7xoQzzPjQ0HAH4B0rWKo7SZ6USuPcrUiAFrws0UH8RrbWmgq3LMTObhPIHbbBeQ==} @@ -21439,6 +21436,7 @@ packages: dependencies: end-of-stream: 1.4.4 stream-shift: 1.0.1 + dev: true /stream-exhaust/1.0.2: resolution: {integrity: sha512-b/qaq/GlBK5xaq1yrK9/zFcyRSTNxmcZwFLGSTG0mXgZl/4Z6GgiyYOXOvY7N3eEvFRAG1bkDRz5EPGSvPYQlw==} @@ -23196,6 +23194,7 @@ packages: dependencies: ansi-colors: 3.2.4 uuid: 3.4.0 + dev: true /webpack-merge/5.7.3: resolution: {integrity: sha512-6/JUQv0ELQ1igjGDzHkXbVDRxkfA57Zw7PfiupdLFJYrgFqY5ZP8xxbpp2lU3EPwYx89ht5Z/aDkD40hFCm5AA==} @@ -23575,6 +23574,7 @@ packages: /yallist/3.1.1: resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} + dev: true /yallist/4.0.0: resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} diff --git a/projects/plugins/jetpack/package.json b/projects/plugins/jetpack/package.json index e8cd0f9622362..b965d5dc88b13 100644 --- a/projects/plugins/jetpack/package.json +++ b/projects/plugins/jetpack/package.json @@ -92,7 +92,7 @@ "clipboard": "2.0.6", "component-uid": "0.0.2", "cookie": "0.4.1", - "copy-webpack-plugin": "5.1.2", + "copy-webpack-plugin": "9.0.1", "core-js": "3.11.1", "create-react-class": "15.7.0", "debug": "4.3.1", diff --git a/projects/plugins/jetpack/tools/webpack.config.extensions.js b/projects/plugins/jetpack/tools/webpack.config.extensions.js index 39a7b33e4c31d..7bcb1aca32504 100644 --- a/projects/plugins/jetpack/tools/webpack.config.extensions.js +++ b/projects/plugins/jetpack/tools/webpack.config.extensions.js @@ -154,12 +154,14 @@ module.exports = [ }, plugins: [ ...extensionsWebpackConfig.plugins, - new CopyWebpackPlugin( [ - { - from: presetPath, - to: 'index.json', - }, - ] ), + new CopyWebpackPlugin( { + patterns: [ + { + from: presetPath, + to: 'index.json', + }, + ], + } ), new CopyBlockEditorAssetsPlugin(), ], },