From 7591d823f9e6e6a904ce5d8f5c869e917e33ad58 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 7 Sep 2024 17:54:52 +0000 Subject: [PATCH] fix: upgrade multiple dependencies with Snyk Snyk has created this PR to upgrade: - @xmldom/xmldom from 0.7.9 to 0.8.10. See this package in npm: https://www.npmjs.com/package/@xmldom/xmldom - jssha from 3.2.0 to 3.3.1. See this package in npm: https://www.npmjs.com/package/jssha - locutus from 2.0.16 to 2.0.32. See this package in npm: https://www.npmjs.com/package/locutus - openpgp from 5.2.1 to 5.11.2. See this package in npm: https://www.npmjs.com/package/openpgp - papaparse from 5.3.2 to 5.4.1. See this package in npm: https://www.npmjs.com/package/papaparse - webextension-polyfill from 0.9.0 to 0.12.0. See this package in npm: https://www.npmjs.com/package/webextension-polyfill - passbolt-styleguide from 3.12.1 to 3.12.3. See this package in npm: https://www.npmjs.com/package/passbolt-styleguide - validator from 13.7.0 to 13.12.0. See this package in npm: https://www.npmjs.com/package/validator See this project in Snyk: https://app.snyk.io/org/snowcittysecuritysolutions/project/e73061f2-8cbc-4f0b-b8f0-7e8763b77a13?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 155 ++++++++++++++++++++++++++++------------------ package.json | 16 ++--- 2 files changed, 104 insertions(+), 67 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1f59e27a..e17380d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,23 +9,23 @@ "version": "3.12.0", "license": "AGPL-3.0", "dependencies": { - "@xmldom/xmldom": "^0.7.8", + "@xmldom/xmldom": "^0.8.10", "await-lock": "^2.1.0", "downloadjs": "^1.4.7", "i18next": "^21.6.14", "i18next-http-backend": "^1.4.0", "ip-regex": "^4.3.0", - "jssha": "~3.2.0", + "jssha": "^3.3.1", "kdbxweb": "2.1.1", - "locutus": "~2.0.9", - "openpgp": "5.2.1", - "papaparse": "^5.2.0", - "passbolt-styleguide": "^3.12.1", + "locutus": "^2.0.32", + "openpgp": "^5.11.2", + "papaparse": "^5.4.1", + "passbolt-styleguide": "^3.12.3", "react": "17.0.2", "react-dom": "17.0.2", "secrets-passbolt": "github:passbolt/secrets.js#v2.0.1", - "validator": "^13.7.0", - "webextension-polyfill": "^0.9.0", + "validator": "^13.12.0", + "webextension-polyfill": "^0.12.0", "xregexp": "~5.1.0" }, "devDependencies": { @@ -3464,9 +3464,10 @@ } }, "node_modules/@xmldom/xmldom": { - "version": "0.7.9", - "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.9.tgz", - "integrity": "sha512-yceMpm/xd4W2a85iqZyO09gTnHvXF6pyiWjD2jcOJs7hRoZtNNOO1eJlhHj1ixA+xip2hOyGn+LgcvLCMo5zXA==", + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==", + "license": "MIT", "engines": { "node": ">=10.0.0" } @@ -12903,9 +12904,10 @@ } }, "node_modules/jssha": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/jssha/-/jssha-3.2.0.tgz", - "integrity": "sha512-QuruyBENDWdN4tZwJbQq7/eAK85FqrI4oDbXjy5IBhYD+2pTJyBUWZe8ctWaCkrV0gy6AaelgOZZBMeswEa/6Q==", + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/jssha/-/jssha-3.3.1.tgz", + "integrity": "sha512-VCMZj12FCFMQYcFLPRm/0lOBbLi8uM2BhXPTqw3U4YAfs4AZfiApOoBLoN8cQE60Z50m1MYMTQVCfgF/KaCVhQ==", + "license": "BSD-3-Clause", "engines": { "node": "*" } @@ -13005,6 +13007,15 @@ "url": "https://github.com/sponsors/antelle" } }, + "node_modules/kdbxweb/node_modules/@xmldom/xmldom": { + "version": "0.7.13", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.13.tgz", + "integrity": "sha512-lm2GW5PkosIzccsaZIz7tp8cPADSIlIHWDFTR1N0SzfinhhYgeIQjFMz4rYzanCScr3DqQLeomUDArp6MWKm+g==", + "license": "MIT", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/keyv": { "version": "4.5.2", "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.2.tgz", @@ -13266,11 +13277,13 @@ } }, "node_modules/locutus": { - "version": "2.0.16", - "resolved": "https://registry.npmjs.org/locutus/-/locutus-2.0.16.tgz", - "integrity": "sha512-pGfl6Hb/1mXLzrX5kl5lH7gz25ey0vwQssZp8Qo2CEF59di6KrAgdFm+0pW8ghLnvNzzJGj5tlWhhv2QbK3jeQ==", + "version": "2.0.32", + "resolved": "https://registry.npmjs.org/locutus/-/locutus-2.0.32.tgz", + "integrity": "sha512-fr7OCpbE4xeefhHqfh6hM2/l9ZB3XvClHgtgFnQNImrM/nqL950o6FO98vmUH8GysfQRCcyBYtZ4C8GcY52Edw==", + "license": "MIT", "engines": { - "node": ">= 10" + "node": ">= 10", + "yarn": ">= 1" } }, "node_modules/lodash": { @@ -14296,9 +14309,10 @@ } }, "node_modules/openpgp": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/openpgp/-/openpgp-5.2.1.tgz", - "integrity": "sha512-zvu63kxe70q3D6WlKC/TB2pzI59I8V/l4G+z/VYgNVOyARsoH9q4i/WqwoHPjWG5HnRjhII3WSvp3gXH2DMPVg==", + "version": "5.11.2", + "resolved": "https://registry.npmjs.org/openpgp/-/openpgp-5.11.2.tgz", + "integrity": "sha512-f8dJFVLwdkvPvW3VPFs6q9Vs2+HNhdvwls7a/MIFcQUB+XiQzRe7alfa3RtwfGJU7oUDDMAWPZ0nYsHa23Az+A==", + "license": "LGPL-3.0+", "dependencies": { "asn1.js": "^5.0.0" }, @@ -14624,9 +14638,10 @@ "dev": true }, "node_modules/papaparse": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/papaparse/-/papaparse-5.3.2.tgz", - "integrity": "sha512-6dNZu0Ki+gyV0eBsFKJhYr+MdQYAzFUGlBMNj3GNrmHxmz1lfRa24CjFObPXtjcetlOv5Ad299MhIK0znp3afw==" + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/papaparse/-/papaparse-5.4.1.tgz", + "integrity": "sha512-HipMsgJkZu8br23pW15uvo6sib6wne/4woLZPlFf3rpDyMe9ywEXUsuD7+6K9PRkJlVT51j/sCOYDKGGS3ZJrw==", + "license": "MIT" }, "node_modules/parent-module": { "version": "1.0.1", @@ -14729,9 +14744,10 @@ } }, "node_modules/passbolt-styleguide": { - "version": "3.12.1", - "resolved": "https://registry.npmjs.org/passbolt-styleguide/-/passbolt-styleguide-3.12.1.tgz", - "integrity": "sha512-+1e83lMs4XMcHhMJ5i7LXVGavNQQ0WQLR5FUd++hZoVRyX8QTfjZaNtBbBIhBsf+UHCjYlA7fqnjoP3WDjxmAA==", + "version": "3.12.3", + "resolved": "https://registry.npmjs.org/passbolt-styleguide/-/passbolt-styleguide-3.12.3.tgz", + "integrity": "sha512-b4JCtLL0uvFVVYuQpjZzLkZASkzmTW9/B7JPXBVCLWi/R1fYe63i/uYEQW4Ffqjqmz4p9NqZx2a8E7dIeVtLgA==", + "license": "AGPL-3.0", "dependencies": { "@testing-library/dom": "^8.11.3", "debounce-promise": "^3.1.2", @@ -14760,6 +14776,12 @@ "npm": ">=8.3.1" } }, + "node_modules/passbolt-styleguide/node_modules/webextension-polyfill": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/webextension-polyfill/-/webextension-polyfill-0.9.0.tgz", + "integrity": "sha512-LTtHb0yR49xa9irkstDxba4GATDAcDw3ncnFH9RImoFwDlW47U95ME5sn5IiQX2ghfaECaf6xyXM8yvClIBkkw==", + "license": "MPL-2.0" + }, "node_modules/passbolt-styleguide/node_modules/xregexp": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/xregexp/-/xregexp-4.4.1.tgz", @@ -18136,9 +18158,10 @@ } }, "node_modules/validator": { - "version": "13.7.0", - "resolved": "https://registry.npmjs.org/validator/-/validator-13.7.0.tgz", - "integrity": "sha512-nYXQLCBkpJ8X6ltALua9dRrZDHVYxjJ1wgskNt1lH9fzGjs3tgojGSCBjmEPwkWS1y29+DrizMTW19Pr9uB2nw==", + "version": "13.12.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "integrity": "sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg==", + "license": "MIT", "engines": { "node": ">= 0.10" } @@ -18739,9 +18762,10 @@ } }, "node_modules/webextension-polyfill": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/webextension-polyfill/-/webextension-polyfill-0.9.0.tgz", - "integrity": "sha512-LTtHb0yR49xa9irkstDxba4GATDAcDw3ncnFH9RImoFwDlW47U95ME5sn5IiQX2ghfaECaf6xyXM8yvClIBkkw==" + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/webextension-polyfill/-/webextension-polyfill-0.12.0.tgz", + "integrity": "sha512-97TBmpoWJEE+3nFBQ4VocyCdLKfw54rFaJ6EVQYLBCXqCIpLSZkwGgASpv4oPt9gdKCJ80RJlcmNzNn008Ag6Q==", + "license": "MPL-2.0" }, "node_modules/webidl-conversions": { "version": "6.1.0", @@ -21864,9 +21888,9 @@ "requires": {} }, "@xmldom/xmldom": { - "version": "0.7.9", - "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.9.tgz", - "integrity": "sha512-yceMpm/xd4W2a85iqZyO09gTnHvXF6pyiWjD2jcOJs7hRoZtNNOO1eJlhHj1ixA+xip2hOyGn+LgcvLCMo5zXA==" + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==" }, "@xtuc/ieee754": { "version": "1.2.0", @@ -26065,7 +26089,7 @@ "requires": { "extend": "^3.0.0", "glob": "^7.1.1", - "glob-parent": "^3.1.0", + "glob-parent": "5.1.2", "is-negated-glob": "^1.0.0", "ordered-read-streams": "^1.0.0", "pumpify": "^1.3.5", @@ -26076,7 +26100,8 @@ }, "dependencies": { "glob-parent": { - "version": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", "dev": true, "requires": { @@ -29179,9 +29204,9 @@ } }, "jssha": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/jssha/-/jssha-3.2.0.tgz", - "integrity": "sha512-QuruyBENDWdN4tZwJbQq7/eAK85FqrI4oDbXjy5IBhYD+2pTJyBUWZe8ctWaCkrV0gy6AaelgOZZBMeswEa/6Q==" + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/jssha/-/jssha-3.3.1.tgz", + "integrity": "sha512-VCMZj12FCFMQYcFLPRm/0lOBbLi8uM2BhXPTqw3U4YAfs4AZfiApOoBLoN8cQE60Z50m1MYMTQVCfgF/KaCVhQ==" }, "jsx-ast-utils": { "version": "3.3.3", @@ -29271,6 +29296,13 @@ "requires": { "@xmldom/xmldom": "^0.7.4", "fflate": "^0.7.1" + }, + "dependencies": { + "@xmldom/xmldom": { + "version": "0.7.13", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.13.tgz", + "integrity": "sha512-lm2GW5PkosIzccsaZIz7tp8cPADSIlIHWDFTR1N0SzfinhhYgeIQjFMz4rYzanCScr3DqQLeomUDArp6MWKm+g==" + } } }, "keyv": { @@ -29498,9 +29530,9 @@ } }, "locutus": { - "version": "2.0.16", - "resolved": "https://registry.npmjs.org/locutus/-/locutus-2.0.16.tgz", - "integrity": "sha512-pGfl6Hb/1mXLzrX5kl5lH7gz25ey0vwQssZp8Qo2CEF59di6KrAgdFm+0pW8ghLnvNzzJGj5tlWhhv2QbK3jeQ==" + "version": "2.0.32", + "resolved": "https://registry.npmjs.org/locutus/-/locutus-2.0.32.tgz", + "integrity": "sha512-fr7OCpbE4xeefhHqfh6hM2/l9ZB3XvClHgtgFnQNImrM/nqL950o6FO98vmUH8GysfQRCcyBYtZ4C8GcY52Edw==" }, "lodash": { "version": "4.17.21", @@ -30299,9 +30331,9 @@ } }, "openpgp": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/openpgp/-/openpgp-5.2.1.tgz", - "integrity": "sha512-zvu63kxe70q3D6WlKC/TB2pzI59I8V/l4G+z/VYgNVOyARsoH9q4i/WqwoHPjWG5HnRjhII3WSvp3gXH2DMPVg==", + "version": "5.11.2", + "resolved": "https://registry.npmjs.org/openpgp/-/openpgp-5.11.2.tgz", + "integrity": "sha512-f8dJFVLwdkvPvW3VPFs6q9Vs2+HNhdvwls7a/MIFcQUB+XiQzRe7alfa3RtwfGJU7oUDDMAWPZ0nYsHa23Az+A==", "requires": { "asn1.js": "^5.0.0" } @@ -30558,9 +30590,9 @@ "dev": true }, "papaparse": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/papaparse/-/papaparse-5.3.2.tgz", - "integrity": "sha512-6dNZu0Ki+gyV0eBsFKJhYr+MdQYAzFUGlBMNj3GNrmHxmz1lfRa24CjFObPXtjcetlOv5Ad299MhIK0znp3afw==" + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/papaparse/-/papaparse-5.4.1.tgz", + "integrity": "sha512-HipMsgJkZu8br23pW15uvo6sib6wne/4woLZPlFf3rpDyMe9ywEXUsuD7+6K9PRkJlVT51j/sCOYDKGGS3ZJrw==" }, "parent-module": { "version": "1.0.1", @@ -30642,9 +30674,9 @@ } }, "passbolt-styleguide": { - "version": "3.12.1", - "resolved": "https://registry.npmjs.org/passbolt-styleguide/-/passbolt-styleguide-3.12.1.tgz", - "integrity": "sha512-+1e83lMs4XMcHhMJ5i7LXVGavNQQ0WQLR5FUd++hZoVRyX8QTfjZaNtBbBIhBsf+UHCjYlA7fqnjoP3WDjxmAA==", + "version": "3.12.3", + "resolved": "https://registry.npmjs.org/passbolt-styleguide/-/passbolt-styleguide-3.12.3.tgz", + "integrity": "sha512-b4JCtLL0uvFVVYuQpjZzLkZASkzmTW9/B7JPXBVCLWi/R1fYe63i/uYEQW4Ffqjqmz4p9NqZx2a8E7dIeVtLgA==", "requires": { "@testing-library/dom": "^8.11.3", "debounce-promise": "^3.1.2", @@ -30669,6 +30701,11 @@ "xregexp": "^4.3.0" }, "dependencies": { + "webextension-polyfill": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/webextension-polyfill/-/webextension-polyfill-0.9.0.tgz", + "integrity": "sha512-LTtHb0yR49xa9irkstDxba4GATDAcDw3ncnFH9RImoFwDlW47U95ME5sn5IiQX2ghfaECaf6xyXM8yvClIBkkw==" + }, "xregexp": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/xregexp/-/xregexp-4.4.1.tgz", @@ -33343,9 +33380,9 @@ } }, "validator": { - "version": "13.7.0", - "resolved": "https://registry.npmjs.org/validator/-/validator-13.7.0.tgz", - "integrity": "sha512-nYXQLCBkpJ8X6ltALua9dRrZDHVYxjJ1wgskNt1lH9fzGjs3tgojGSCBjmEPwkWS1y29+DrizMTW19Pr9uB2nw==" + "version": "13.12.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "integrity": "sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg==" }, "value-equal": { "version": "1.0.1", @@ -33814,9 +33851,9 @@ "dev": true }, "webextension-polyfill": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/webextension-polyfill/-/webextension-polyfill-0.9.0.tgz", - "integrity": "sha512-LTtHb0yR49xa9irkstDxba4GATDAcDw3ncnFH9RImoFwDlW47U95ME5sn5IiQX2ghfaECaf6xyXM8yvClIBkkw==" + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/webextension-polyfill/-/webextension-polyfill-0.12.0.tgz", + "integrity": "sha512-97TBmpoWJEE+3nFBQ4VocyCdLKfw54rFaJ6EVQYLBCXqCIpLSZkwGgASpv4oPt9gdKCJ80RJlcmNzNn008Ag6Q==" }, "webidl-conversions": { "version": "6.1.0", diff --git a/package.json b/package.json index 9828ceef..449c5fee 100644 --- a/package.json +++ b/package.json @@ -11,23 +11,23 @@ "npm": ">=8.3.1" }, "dependencies": { - "@xmldom/xmldom": "^0.7.8", + "@xmldom/xmldom": "^0.8.10", "await-lock": "^2.1.0", "downloadjs": "^1.4.7", "i18next": "^21.6.14", "i18next-http-backend": "^1.4.0", "ip-regex": "^4.3.0", - "jssha": "~3.2.0", + "jssha": "~3.3.1", "kdbxweb": "2.1.1", - "locutus": "~2.0.9", - "openpgp": "5.2.1", - "papaparse": "^5.2.0", - "passbolt-styleguide": "^3.12.1", + "locutus": "~2.0.32", + "openpgp": "5.11.2", + "papaparse": "^5.4.1", + "passbolt-styleguide": "^3.12.3", "react": "17.0.2", "react-dom": "17.0.2", "secrets-passbolt": "github:passbolt/secrets.js#v2.0.1", - "validator": "^13.7.0", - "webextension-polyfill": "^0.9.0", + "validator": "^13.12.0", + "webextension-polyfill": "^0.12.0", "xregexp": "~5.1.0" }, "devDependencies": {