From 5b52e1ccb15dcdeadab17fa5968568a5880b627a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 May 2021 21:49:05 +0000 Subject: [PATCH 01/14] fix: upgrade @sentry/node from 5.7.1 to 5.30.0 Snyk has created this PR to upgrade @sentry/node from 5.7.1 to 5.30.0. See this package in npm: https://www.npmjs.com/package/@sentry/node See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 119 ++++++++++++++++++++++++++++------------------ package.json | 2 +- 2 files changed, 75 insertions(+), 46 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73f58b4360d01..522bcf1e7ab4c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2211,67 +2211,81 @@ } }, "@sentry/core": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-5.7.1.tgz", - "integrity": "sha512-AOn3k3uVWh2VyajcHbV9Ta4ieDIeLckfo7UMLM+CTk2kt7C89SayDGayJMSsIrsZlL4qxBoLB9QY4W2FgAGJrg==", - "requires": { - "@sentry/hub": "5.7.1", - "@sentry/minimal": "5.7.1", - "@sentry/types": "5.7.1", - "@sentry/utils": "5.7.1", + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-5.30.0.tgz", + "integrity": "sha512-TmfrII8w1PQZSZgPpUESqjB+jC6MvZJZdLtE/0hZ+SrnKhW3x5WlYLvTXZpcWePYBku7rl2wn1RZu6uT0qCTeg==", + "requires": { + "@sentry/hub": "5.30.0", + "@sentry/minimal": "5.30.0", + "@sentry/types": "5.30.0", + "@sentry/utils": "5.30.0", "tslib": "^1.9.3" } }, "@sentry/hub": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/@sentry/hub/-/hub-5.7.1.tgz", - "integrity": "sha512-evGh323WR073WSBCg/RkhlUmCQyzU0xzBzCZPscvcoy5hd4SsLE6t9Zin+WACHB9JFsRQIDwNDn+D+pj3yKsig==", + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/hub/-/hub-5.30.0.tgz", + "integrity": "sha512-2tYrGnzb1gKz2EkMDQcfLrDTvmGcQPuWxLnJKXJvYTQDGLlEvi2tWz1VIHjunmOvJrB5aIQLhm+dcMRwFZDCqQ==", "requires": { - "@sentry/types": "5.7.1", - "@sentry/utils": "5.7.1", + "@sentry/types": "5.30.0", + "@sentry/utils": "5.30.0", "tslib": "^1.9.3" } }, "@sentry/minimal": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/@sentry/minimal/-/minimal-5.7.1.tgz", - "integrity": "sha512-nS/Dg+jWAZtcxQW8wKbkkw4dYvF6uyY/vDiz/jFCaux0LX0uhgXAC9gMOJmgJ/tYBLJ64l0ca5LzpZa7BMJQ0g==", + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/minimal/-/minimal-5.30.0.tgz", + "integrity": "sha512-BwWb/owZKtkDX+Sc4zCSTNcvZUq7YcH3uAVlmh/gtR9rmUvbzAA3ewLuB3myi4wWRAMEtny6+J/FN/x+2wn9Xw==", "requires": { - "@sentry/hub": "5.7.1", - "@sentry/types": "5.7.1", + "@sentry/hub": "5.30.0", + "@sentry/types": "5.30.0", "tslib": "^1.9.3" } }, "@sentry/node": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/@sentry/node/-/node-5.7.1.tgz", - "integrity": "sha512-hVM10asFStrOhYZzMqFM7V1lrHkr1ydc2n/SFG0ZmIQxfTjCVElyXV/BJASIdqadM1fFIvvtD/EfgkTcZmub1g==", - "requires": { - "@sentry/core": "5.7.1", - "@sentry/hub": "5.7.1", - "@sentry/types": "5.7.1", - "@sentry/utils": "5.7.1", - "cookie": "^0.3.1", - "https-proxy-agent": "^3.0.0", + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/node/-/node-5.30.0.tgz", + "integrity": "sha512-Br5oyVBF0fZo6ZS9bxbJZG4ApAjRqAnqFFurMVJJdunNb80brh7a5Qva2kjhm+U6r9NJAB5OmDyPkA1Qnt+QVg==", + "requires": { + "@sentry/core": "5.30.0", + "@sentry/hub": "5.30.0", + "@sentry/tracing": "5.30.0", + "@sentry/types": "5.30.0", + "@sentry/utils": "5.30.0", + "cookie": "^0.4.1", + "https-proxy-agent": "^5.0.0", "lru_map": "^0.3.3", "tslib": "^1.9.3" }, "dependencies": { + "agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "requires": { + "debug": "4" + } + }, + "cookie": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz", + "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==" + }, "debug": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", - "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", "requires": { - "ms": "^2.1.1" + "ms": "2.1.2" } }, "https-proxy-agent": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-3.0.0.tgz", - "integrity": "sha512-y4jAxNEihqvBI5F3SaO2rtsjIOnnNA8sEbuiP+UhJZJHeM2NRm6c09ax2tgqme+SgUUvjao2fJXF4h3D6Cb2HQ==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", + "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", "requires": { - "agent-base": "^4.3.0", - "debug": "^3.1.0" + "agent-base": "6", + "debug": "4" } }, "ms": { @@ -2281,17 +2295,29 @@ } } }, + "@sentry/tracing": { + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-5.30.0.tgz", + "integrity": "sha512-dUFowCr0AIMwiLD7Fs314Mdzcug+gBVo/+NCMyDw8tFxJkwWAKl7Qa2OZxLQ0ZHjakcj1hNKfCQJ9rhyfOl4Aw==", + "requires": { + "@sentry/hub": "5.30.0", + "@sentry/minimal": "5.30.0", + "@sentry/types": "5.30.0", + "@sentry/utils": "5.30.0", + "tslib": "^1.9.3" + } + }, "@sentry/types": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-5.7.1.tgz", - "integrity": "sha512-tbUnTYlSliXvnou5D4C8Zr+7/wJrHLbpYX1YkLXuIJRU0NSi81bHMroAuHWILcQKWhVjaV/HZzr7Y/hhWtbXVQ==" + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/types/-/types-5.30.0.tgz", + "integrity": "sha512-R8xOqlSTZ+htqrfteCWU5Nk0CDN5ApUTvrlvBuiH1DyP6czDZ4ktbZB0hAgBlVcK0U+qpD3ag3Tqqpa5Q67rPw==" }, "@sentry/utils": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-5.7.1.tgz", - "integrity": "sha512-nhirUKj/qFLsR1i9kJ5BRvNyzdx/E2vorIsukuDrbo8e3iZ11JMgCOVrmC8Eq9YkHBqgwX4UnrPumjFyvGMZ2Q==", + "version": "5.30.0", + "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-5.30.0.tgz", + "integrity": "sha512-zaYmoH0NWWtvnJjC9/CBseXMtKHm/tm40sz3YfJRxeQjyzRqNQPgivpd9R/oDJCYj999mzdW382p/qi2ypjLww==", "requires": { - "@sentry/types": "5.7.1", + "@sentry/types": "5.30.0", "tslib": "^1.9.3" } }, @@ -2981,6 +3007,7 @@ "version": "4.3.0", "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-4.3.0.tgz", "integrity": "sha512-salcGninV0nPrwpGNn4VTXBb1SOuXQBiqbrNXoeizJsHrsL6ERFM2Ne3JUSBWRE6aeNJI2ROP/WEEIDUiDe3cg==", + "dev": true, "requires": { "es6-promisify": "^5.0.0" } @@ -8848,6 +8875,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/es6-promisify/-/es6-promisify-5.0.0.tgz", "integrity": "sha1-UQnWLz5W6pZ8S2NQWu8IKRyKUgM=", + "dev": true, "requires": { "es6-promise": "^4.0.3" }, @@ -8855,7 +8883,8 @@ "es6-promise": { "version": "4.2.8", "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", - "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==" + "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==", + "dev": true } } }, diff --git a/package.json b/package.json index 52496071653e1..aa4a497920a83 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,7 @@ }, "dependencies": { "@hapi/joi": "^16.1.7", - "@sentry/node": "^5.7.1", + "@sentry/node": "^5.30.0", "bytes": "^3.1.0", "camelcase": "^5.3.1", "camp": "~17.2.4", From eba27bf7215b71132b314fa7bcd231dff40e4a04 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 May 2021 21:49:09 +0000 Subject: [PATCH 02/14] fix: upgrade ioredis from 4.14.1 to 4.27.2 Snyk has created this PR to upgrade ioredis from 4.14.1 to 4.27.2. See this package in npm: https://www.npmjs.com/package/ioredis See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 44 +++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 26 insertions(+), 20 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73f58b4360d01..173822c32b2d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7743,9 +7743,9 @@ "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" }, "denque": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz", - "integrity": "sha512-OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ==" + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/denque/-/denque-1.5.0.tgz", + "integrity": "sha512-CYiCSgIF1p6EUByQPlGkKnP1M9g0ZV3qMIrqMqZqdwazygIA/YP2vrbcyl1h/WppKJTdl1F85cXIle+394iDAQ==" }, "depd": { "version": "1.1.2", @@ -14845,33 +14845,39 @@ "dev": true }, "ioredis": { - "version": "4.14.1", - "resolved": "https://registry.npmjs.org/ioredis/-/ioredis-4.14.1.tgz", - "integrity": "sha512-94W+X//GHM+1GJvDk6JPc+8qlM7Dul+9K+lg3/aHixPN7ZGkW6qlvX0DG6At9hWtH2v3B32myfZqWoANUJYGJA==", + "version": "4.27.2", + "resolved": "https://registry.npmjs.org/ioredis/-/ioredis-4.27.2.tgz", + "integrity": "sha512-7OpYymIthonkC2Jne5uGWXswdhlua1S1rWGAERaotn0hGJWTSURvxdHA9G6wNbT/qKCloCja/FHsfKXW8lpTmg==", "requires": { "cluster-key-slot": "^1.1.0", - "debug": "^4.1.1", + "debug": "^4.3.1", "denque": "^1.1.0", "lodash.defaults": "^4.2.0", "lodash.flatten": "^4.4.0", - "redis-commands": "1.5.0", + "p-map": "^2.1.0", + "redis-commands": "1.7.0", "redis-errors": "^1.2.0", "redis-parser": "^3.0.0", - "standard-as-callback": "^2.0.1" + "standard-as-callback": "^2.1.0" }, "dependencies": { "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", "requires": { - "ms": "^2.1.1" + "ms": "2.1.2" } }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "p-map": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-2.1.0.tgz", + "integrity": "sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw==" } } }, @@ -22108,9 +22114,9 @@ } }, "redis-commands": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz", - "integrity": "sha512-6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg==" + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/redis-commands/-/redis-commands-1.7.0.tgz", + "integrity": "sha512-nJWqw3bTFy21hX/CPKHth6sfhZbdiHP6bTawSgQBlKOVRG7EZkfHbbHwQJnrE4vsQf0CMNE+3gJ4Fmm16vdVlQ==" }, "redis-errors": { "version": "1.2.0", @@ -23797,9 +23803,9 @@ "dev": true }, "standard-as-callback": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/standard-as-callback/-/standard-as-callback-2.0.1.tgz", - "integrity": "sha512-NQOxSeB8gOI5WjSaxjBgog2QFw55FV8TkS6Y07BiB3VJ8xNTvUYm0wl0s8ObgQ5NhdpnNfigMIKjgPESzgr4tg==" + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/standard-as-callback/-/standard-as-callback-2.1.0.tgz", + "integrity": "sha512-qoRRSyROncaz1z0mvYqIE4lCd9p2R90i6GxW3uZv5ucSu8tU7B5HXUP1gG8pVZsYNVaXjk8ClXHPttLyxAL48A==" }, "start-server-and-test": { "version": "1.10.6", diff --git a/package.json b/package.json index 52496071653e1..7c4770ca51251 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "glob": "^7.1.5", "graphql": "^14.5.8", "graphql-tag": "^2.10.1", - "ioredis": "4.14.1", + "ioredis": "4.27.2", "joi-extension-semver": "4.0.0", "js-yaml": "^3.13.1", "jsonpath": "~1.0.2", From ea1ec89d6877bbd1d1521d72f16ec52f1935abea Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 May 2021 21:49:13 +0000 Subject: [PATCH 03/14] fix: upgrade query-string from 6.8.3 to 6.14.1 Snyk has created this PR to upgrade query-string from 6.8.3 to 6.14.1. See this package in npm: https://www.npmjs.com/package/query-string See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 12 +++++++++--- package.json | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73f58b4360d01..328cb45cffd0b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10368,6 +10368,11 @@ "to-regex-range": "^2.1.0" } }, + "filter-obj": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/filter-obj/-/filter-obj-1.1.0.tgz", + "integrity": "sha1-mzERErxsYSehbgFsbF1/GeCAXFs=" + }, "finalhandler": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.2.tgz", @@ -21416,11 +21421,12 @@ "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" }, "query-string": { - "version": "6.8.3", - "resolved": "https://registry.npmjs.org/query-string/-/query-string-6.8.3.tgz", - "integrity": "sha512-llcxWccnyaWlODe7A9hRjkvdCKamEKTh+wH8ITdTc3OhchaqUZteiSCX/2ablWHVrkVIe04dntnaZJ7BdyW0lQ==", + "version": "6.14.1", + "resolved": "https://registry.npmjs.org/query-string/-/query-string-6.14.1.tgz", + "integrity": "sha512-XDxAeVmpfu1/6IjyT/gXHOl+S0vQ9owggJ30hhWKdHAsNPOcasn5o9BW0eejZqL2e4vMjhAxoW3jVHcD6mbcYw==", "requires": { "decode-uri-component": "^0.2.0", + "filter-obj": "^1.1.0", "split-on-first": "^1.0.0", "strict-uri-encode": "^2.0.0" } diff --git a/package.json b/package.json index 52496071653e1..e7c8da2cfd31c 100644 --- a/package.json +++ b/package.json @@ -56,7 +56,7 @@ "pretty-bytes": "^5.3.0", "priorityqueuejs": "^1.0.0", "prom-client": "^11.5.3", - "query-string": "^6.8.3", + "query-string": "^6.14.1", "request": "~2.88.0", "semver": "~6.3.0", "simple-icons": "1.19.0", From 93d2e44a77e8f4c201ce32098e6c3278524ba64a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 May 2021 21:49:19 +0000 Subject: [PATCH 04/14] fix: upgrade fast-xml-parser from 3.14.0 to 3.19.0 Snyk has created this PR to upgrade fast-xml-parser from 3.14.0 to 3.19.0. See this package in npm: https://www.npmjs.com/package/fast-xml-parser See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73f58b4360d01..5b7eb10cd332b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10206,9 +10206,9 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=" }, "fast-xml-parser": { - "version": "3.14.0", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.14.0.tgz", - "integrity": "sha512-3SzQnPNtMVqaBVDzYqYt0BTaaLwkd45wTbsUsH1eiE9dnyc4b8mYcm1Q0Rcx9AWkeTj5UZFTTm55Io5yVWS1tg==" + "version": "3.19.0", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.19.0.tgz", + "integrity": "sha512-4pXwmBplsCPv8FOY1WRakF970TjNGnGnfbOnLqjlYvMiF1SR3yOHyxMR/YCXpPTOspNF5gwudqktIP4VsWkvBg==" }, "fastparse": { "version": "1.1.2", diff --git a/package.json b/package.json index 52496071653e1..4bef78260e818 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ "dotenv": "^8.2.0", "emojic": "^1.1.15", "escape-string-regexp": "^2.0.0", - "fast-xml-parser": "^3.14.0", + "fast-xml-parser": "^3.19.0", "fsos": "^1.1.6", "gh-badges": "file:gh-badges", "glob": "^7.1.5", From 841d5085a8031fcb0a210c36fa07e3cb7aecffbe Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 May 2021 21:49:23 +0000 Subject: [PATCH 05/14] fix: upgrade graphql-tag from 2.10.1 to 2.12.4 Snyk has created this PR to upgrade graphql-tag from 2.10.1 to 2.12.4. See this package in npm: https://www.npmjs.com/package/graphql-tag See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 16 +++++++++++++--- package.json | 2 +- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73f58b4360d01..1dc4486d9f97f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13582,9 +13582,19 @@ } }, "graphql-tag": { - "version": "2.10.1", - "resolved": "https://registry.npmjs.org/graphql-tag/-/graphql-tag-2.10.1.tgz", - "integrity": "sha512-jApXqWBzNXQ8jYa/HLkZJaVw9jgwNqZkywa2zfFn16Iv1Zb7ELNHkJaXHR7Quvd5SIGsy6Ny7SUKATgnu05uEg==" + "version": "2.12.4", + "resolved": "https://registry.npmjs.org/graphql-tag/-/graphql-tag-2.12.4.tgz", + "integrity": "sha512-VV1U4O+9x99EkNpNmCUV5RZwq6MnK4+pGbRYWG+lA/m3uo7TSqJF81OkcOP148gFP6fzdl7JWYBrwWVTS9jXww==", + "requires": { + "tslib": "^2.1.0" + }, + "dependencies": { + "tslib": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.2.0.tgz", + "integrity": "sha512-gS9GVHRU+RGn5KQM2rllAlR3dU6m7AcpJKdtH8gFvQiC4Otgk98XnmMU+nZenHt/+VhnBPWwgrJsyrdcw6i23w==" + } + } }, "graphql-type-json": { "version": "0.2.4", diff --git a/package.json b/package.json index 52496071653e1..6c7a49c8290ec 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "gh-badges": "file:gh-badges", "glob": "^7.1.5", "graphql": "^14.5.8", - "graphql-tag": "^2.10.1", + "graphql-tag": "^2.12.4", "ioredis": "4.14.1", "joi-extension-semver": "4.0.0", "js-yaml": "^3.13.1", From b0a43f04baf72337067168bdaed9de81e782126a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 27 Jun 2021 02:11:22 +0000 Subject: [PATCH 06/14] fix: gh-badges/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-CSSWHAT-1298035 --- gh-badges/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gh-badges/package.json b/gh-badges/package.json index 7ee0566661760..399c82417e5de 100644 --- a/gh-badges/package.json +++ b/gh-badges/package.json @@ -38,7 +38,7 @@ "dot": "^1.1.2", "gm": "^1.23.0", "is-css-color": "^1.0.0", - "svgo": "^1.1.1" + "svgo": "^2.3.1" }, "scripts": { "test": "echo 'Run tests from parent dir'; false" From b9e962591984589a8fbb13c4cbde17bac1abc816 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 6 Jul 2021 15:01:34 +0000 Subject: [PATCH 07/14] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984 - https://snyk.io/vuln/SNYK-JS-XMLDOM-1084960 --- package-lock.json | 20 ++++++++++---------- package.json | 4 ++-- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73f58b4360d01..5d12e1dd3ee5d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15966,13 +15966,13 @@ "dev": true }, "jsonpath": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/jsonpath/-/jsonpath-1.0.2.tgz", - "integrity": "sha512-rmzlgFZiQPc6q4HDyK8s9Qb4oxBnI5sF61y/Co5PV0lc3q2bIuRsNdueVbhoSHdKM4fxeimphOAtfz47yjCfeA==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/jsonpath/-/jsonpath-1.1.1.tgz", + "integrity": "sha512-l6Cg7jRpixfbgoWgkrl77dgEj8RPvND0wMH6TwQmi9Qs4TFfS9u5cUFnbeKTwj5ga5Y3BTGGNI28k117LJ009w==", "requires": { "esprima": "1.2.2", "static-eval": "2.0.2", - "underscore": "1.7.0" + "underscore": "1.12.1" }, "dependencies": { "esprima": { @@ -25437,9 +25437,9 @@ } }, "underscore": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.7.0.tgz", - "integrity": "sha1-a7rwh3UA02vjTsqlhODbn+8DUgk=" + "version": "1.12.1", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.12.1.tgz", + "integrity": "sha512-hEQt0+ZLDVUMhebKxL4x1BTtDY7bavVofhZ9KZ4aI26X9SRaE+Y3m83XUL1UP2jn8ynjndwCCpEHdUG+9pP1Tw==" }, "unicode-canonical-property-names-ecmascript": { "version": "1.0.4", @@ -26826,9 +26826,9 @@ "dev": true }, "xmldom": { - "version": "0.1.27", - "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.27.tgz", - "integrity": "sha1-1QH5ezvbQDr4757MIFcxh6rawOk=" + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.5.0.tgz", + "integrity": "sha512-Foaj5FXVzgn7xFzsKeNIde9g6aFBxTPi37iwsno8QvApmtg7KYrr+OPyRHcJF7dud2a5nGRBXK3n0dL62Gf7PA==" }, "xmlhttprequest-ssl": { "version": "1.5.5", diff --git a/package.json b/package.json index 52496071653e1..f6dd68d481fd2 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "ioredis": "4.14.1", "joi-extension-semver": "4.0.0", "js-yaml": "^3.13.1", - "jsonpath": "~1.0.2", + "jsonpath": "~1.1.1", "lodash.countby": "^4.6.0", "lodash.throttle": "^4.1.1", "lodash.times": "^4.3.2", @@ -60,7 +60,7 @@ "request": "~2.88.0", "semver": "~6.3.0", "simple-icons": "1.19.0", - "xmldom": "~0.1.27", + "xmldom": "~0.5.0", "xpath": "~0.0.27" }, "scripts": { From 1c6897e88e117aef6531a49fd1eb59ef50180bb9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 02:33:56 +0000 Subject: [PATCH 08/14] fix: upgrade config from 3.2.3 to 3.3.6 Snyk has created this PR to upgrade config from 3.2.3 to 3.3.6. See this package in npm: https://www.npmjs.com/package/config See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 24 ++++++++++++++++++++---- package.json | 2 +- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 32cfafb7ad85e..e949b5e2181ba 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6336,11 +6336,26 @@ } }, "config": { - "version": "3.2.3", - "resolved": "https://registry.npmjs.org/config/-/config-3.2.3.tgz", - "integrity": "sha512-pditxQzO+SkKX/2gs99YnUGEjmBVkTj2o/hGOgC0oYEU7QgLnVVDYmcSL6HiGels/8QtFJpFzi5iKYv4D0dalg==", + "version": "3.3.6", + "resolved": "https://registry.npmjs.org/config/-/config-3.3.6.tgz", + "integrity": "sha512-Hj5916C5HFawjYJat1epbyY2PlAgLpBtDUlr0MxGLgo3p5+7kylyvnRY18PqJHgnNWXcdd0eWDemT7eYWuFgwg==", "requires": { - "json5": "^1.0.1" + "json5": "^2.1.1" + }, + "dependencies": { + "json5": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.0.tgz", + "integrity": "sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA==", + "requires": { + "minimist": "^1.2.5" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + } } }, "configstore": { @@ -15996,6 +16011,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "dev": true, "requires": { "minimist": "^1.2.0" } diff --git a/package.json b/package.json index 1bcff6230a760..b99c48529db07 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ "chalk": "^2.4.2", "check-node-version": "^4.0.1", "chrome-web-store-item-property": "~1.1.2", - "config": "^3.2.3", + "config": "^3.3.6", "cross-env": "^6.0.3", "decamelize": "^3.2.0", "dotenv": "^8.2.0", From 7ce47f283e88a1a5907be7baee122fa5344adfed Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 02:33:59 +0000 Subject: [PATCH 09/14] fix: upgrade moment from 2.24.0 to 2.29.1 Snyk has created this PR to upgrade moment from 2.24.0 to 2.29.1. See this package in npm: https://www.npmjs.com/package/moment See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 12 +++++++++--- package.json | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 32cfafb7ad85e..677c01a385ce8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7349,6 +7349,12 @@ "cli-cursor": "^1.0.2" } }, + "moment": { + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.24.0.tgz", + "integrity": "sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg==", + "dev": true + }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", @@ -18100,9 +18106,9 @@ } }, "moment": { - "version": "2.24.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.24.0.tgz", - "integrity": "sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg==" + "version": "2.29.1", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.1.tgz", + "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==" }, "moo": { "version": "0.4.3", diff --git a/package.json b/package.json index 1bcff6230a760..77c92d0521124 100644 --- a/package.json +++ b/package.json @@ -49,7 +49,7 @@ "lodash.countby": "^4.6.0", "lodash.throttle": "^4.1.1", "lodash.times": "^4.3.2", - "moment": "^2.24.0", + "moment": "^2.29.1", "node-env-flag": "^0.1.0", "parse-link-header": "^1.0.1", "path-to-regexp": "^3.1.0", From 623e3d000702f7679abc3433bf7cb0713d436163 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 02:34:03 +0000 Subject: [PATCH 10/14] fix: upgrade dotenv from 8.2.0 to 8.6.0 Snyk has created this PR to upgrade dotenv from 8.2.0 to 8.6.0. See this package in npm: https://www.npmjs.com/package/dotenv See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 32cfafb7ad85e..024c320785e4c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8069,9 +8069,9 @@ } }, "dotenv": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz", - "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw==" + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.6.0.tgz", + "integrity": "sha512-IrPdXQsk2BbzvCBGBOTmmSH5SodmqZNt4ERAZDmW4CT+tL8VtvinqywuANaFu4bOMWki16nqf0e4oC0QIaDr/g==" }, "duplexer": { "version": "0.1.1", diff --git a/package.json b/package.json index 1bcff6230a760..737de6e3fe56e 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "config": "^3.2.3", "cross-env": "^6.0.3", "decamelize": "^3.2.0", - "dotenv": "^8.2.0", + "dotenv": "^8.6.0", "emojic": "^1.1.15", "escape-string-regexp": "^2.0.0", "fast-xml-parser": "^3.19.0", From 79110702d384b911f2e060ca5a460831d7e55a11 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 02:34:07 +0000 Subject: [PATCH 11/14] fix: upgrade xpath from 0.0.27 to 0.0.32 Snyk has created this PR to upgrade xpath from 0.0.27 to 0.0.32. See this package in npm: https://www.npmjs.com/package/xpath See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 32cfafb7ad85e..95e7f69cc6b35 100644 --- a/package-lock.json +++ b/package-lock.json @@ -26887,9 +26887,9 @@ "integrity": "sha1-wodrBhaKrcQOV9l+gRkayPQ5iz4=" }, "xpath": { - "version": "0.0.27", - "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", - "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==" + "version": "0.0.32", + "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.32.tgz", + "integrity": "sha512-rxMJhSIoiO8vXcWvSifKqhvV96GjiD5wYb8/QHdoRyQvraTpp4IEv944nhGausZZ3u7dhQXteZuZbaqfpB7uYw==" }, "xregexp": { "version": "4.2.4", diff --git a/package.json b/package.json index 1bcff6230a760..a4792124d72cd 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "semver": "~6.3.0", "simple-icons": "1.19.0", "xmldom": "~0.5.0", - "xpath": "~0.0.27" + "xpath": "~0.0.32" }, "scripts": { "coverage:test:server": "echo \"Deprecated; run `npm run coverage:test:core` instead.\" && npm run coverage:test:core", From 29e99bba096791736658a80db49c586fcd8ac727 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 02:34:11 +0000 Subject: [PATCH 12/14] fix: upgrade ioredis from 4.27.2 to 4.27.6 Snyk has created this PR to upgrade ioredis from 4.27.2 to 4.27.6. See this package in npm: https://www.npmjs.com/package/ioredis See this project in Snyk: https://app.snyk.io/org/andruszd/project/ac12b093-bb9e-4263-96d0-fc072a46ea8c?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 12 ++++++------ package.json | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index 32cfafb7ad85e..333a462d8c16d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14889,9 +14889,9 @@ "dev": true }, "ioredis": { - "version": "4.27.2", - "resolved": "https://registry.npmjs.org/ioredis/-/ioredis-4.27.2.tgz", - "integrity": "sha512-7OpYymIthonkC2Jne5uGWXswdhlua1S1rWGAERaotn0hGJWTSURvxdHA9G6wNbT/qKCloCja/FHsfKXW8lpTmg==", + "version": "4.27.6", + "resolved": "https://registry.npmjs.org/ioredis/-/ioredis-4.27.6.tgz", + "integrity": "sha512-6W3ZHMbpCa8ByMyC1LJGOi7P2WiOKP9B3resoZOVLDhi+6dDBOW+KNsRq3yI36Hmnb2sifCxHX+YSarTeXh48A==", "requires": { "cluster-key-slot": "^1.1.0", "debug": "^4.3.1", @@ -14906,9 +14906,9 @@ }, "dependencies": { "debug": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", - "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", + "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", "requires": { "ms": "2.1.2" } diff --git a/package.json b/package.json index 1bcff6230a760..9aa06ff70b01d 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "glob": "^7.1.5", "graphql": "^14.5.8", "graphql-tag": "^2.12.4", - "ioredis": "4.27.2", + "ioredis": "4.27.6", "joi-extension-semver": "4.0.0", "js-yaml": "^3.13.1", "jsonpath": "~1.1.1", From 1430359a90eba0c5356784a8f767711b9169201a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 18:07:41 +0000 Subject: [PATCH 13/14] fix: Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE311-OPENSSL-587980 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1055465 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1243765 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1315789 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1315790 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 30d3ef6a09143..42507c1455269 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM node:8-alpine +FROM node:14.17.0-alpine RUN mkdir -p /usr/src/app RUN mkdir /usr/src/app/private From e0cf2a2f4487b76f31dd4b1b8cab5b4830737b1e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 28 Nov 2023 15:12:43 +0000 Subject: [PATCH 14/14] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-REQUEST-3361831 - https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873 --- package-lock.json | 300 ++++++++++++++++++---------------------------- package.json | 2 +- 2 files changed, 120 insertions(+), 182 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6d254486dabbd..8f357eb304713 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1941,7 +1941,8 @@ "@hapi/address": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/@hapi/address/-/address-2.1.1.tgz", - "integrity": "sha512-DYuHzu978pP1XW1GD3HGvLnAFjbQTIgc2+V153FGkbS2pgo9haigCdwBnUDrbhaOkgiJlbZvoEqDrcxSLHpiWA==" + "integrity": "sha512-DYuHzu978pP1XW1GD3HGvLnAFjbQTIgc2+V153FGkbS2pgo9haigCdwBnUDrbhaOkgiJlbZvoEqDrcxSLHpiWA==", + "dev": true }, "@hapi/bourne": { "version": "1.3.2", @@ -2926,12 +2927,6 @@ "integrity": "sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==", "dev": true }, - "abab": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz", - "integrity": "sha1-X6rZwsB/YN12dw9xzwJbYqY8/U4=", - "optional": true - }, "abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", @@ -2971,21 +2966,6 @@ } } }, - "acorn": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-2.7.0.tgz", - "integrity": "sha1-q259nYhqrKiwhbwzEreaGYQz8Oc=", - "optional": true - }, - "acorn-globals": { - "version": "1.0.9", - "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-1.0.9.tgz", - "integrity": "sha1-VbtemGkVB7dFedBRNBMhfDgMVM8=", - "optional": true, - "requires": { - "acorn": "^2.1.0" - } - }, "acorn-jsx": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.0.1.tgz", @@ -5401,19 +5381,6 @@ "integrity": "sha512-FeKh/xUITytmx5fC709lzTnUJPDjeOrVZJ1cvkLwtxXJp8g0z7FY5heK5w1Iy8cYV5n563wCcnnxMjkAc4JzFA==", "dev": true }, - "cheerio": { - "version": "0.20.0", - "resolved": "https://registry.npmjs.org/cheerio/-/cheerio-0.20.0.tgz", - "integrity": "sha1-XHEPK6uVZTJyhCugHG6mGzVF7DU=", - "requires": { - "css-select": "~1.2.0", - "dom-serializer": "~0.1.0", - "entities": "~1.1.1", - "htmlparser2": "~3.8.1", - "jsdom": "^7.0.2", - "lodash": "^4.1.0" - } - }, "child-process-promise": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/child-process-promise/-/child-process-promise-2.2.1.tgz", @@ -5557,18 +5524,89 @@ } }, "chrome-web-store-item-property": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/chrome-web-store-item-property/-/chrome-web-store-item-property-1.1.2.tgz", - "integrity": "sha1-I33zVsf8K9E93tbURvcSS1Pzj1I=", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/chrome-web-store-item-property/-/chrome-web-store-item-property-1.2.0.tgz", + "integrity": "sha512-I3OUL6dHOfYUAC1MgoR4xh07O2B0OUf8CWCZYL2QiItCy2Z0zUFyHWir8d14OLUoJw/cMl1GNb5ITPJCCa6wJw==", "requires": { - "array-includes": "^3.0.1", - "cheerio": "^0.20.0", + "array-includes": "^3.0.3", "create-error-class": "^3.0.0", - "es6-promise": "^3.0.2", + "es6-promise": "^4.2.8", + "htmlparser2": "^4.0.0", "is-ok": "^1.0.1", - "node-status-codes": "^2.0.0", - "object-assign": "^4.0.1", - "request": "^2.60.0" + "node-status-codes": "^3.0.0", + "object-assign": "^4.1.1", + "request": "^2.88.0" + }, + "dependencies": { + "dom-serializer": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.4.1.tgz", + "integrity": "sha512-VHwB3KfrcOOkelEG2ZOfxqLZdfkil8PtJi4P8N2MMXucZq2yLp75ClViUlOVwyoHEDjYU433Aq+5zWP61+RGag==", + "requires": { + "domelementtype": "^2.0.1", + "domhandler": "^4.2.0", + "entities": "^2.0.0" + }, + "dependencies": { + "domhandler": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz", + "integrity": "sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ==", + "requires": { + "domelementtype": "^2.2.0" + } + } + } + }, + "domelementtype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz", + "integrity": "sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw==" + }, + "domhandler": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-3.3.0.tgz", + "integrity": "sha512-J1C5rIANUbuYK+FuFL98650rihynUOEzRLxW+90bKZRWB6A1X1Tf82GxR1qAWLyfNPRvjqfip3Q5tdYlmAa9lA==", + "requires": { + "domelementtype": "^2.0.1" + } + }, + "domutils": { + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "integrity": "sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==", + "requires": { + "dom-serializer": "^1.0.1", + "domelementtype": "^2.2.0", + "domhandler": "^4.2.0" + }, + "dependencies": { + "domhandler": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz", + "integrity": "sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ==", + "requires": { + "domelementtype": "^2.2.0" + } + } + } + }, + "entities": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "integrity": "sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==" + }, + "htmlparser2": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-4.1.0.tgz", + "integrity": "sha512-4zDq1a1zhE4gQso/c5LP1OtrhYTncXNSpvJYtWJBtXAETPlMfi3IFNjGuQbYLuVY4ZR0QMqRVvo4Pdy9KLyP8Q==", + "requires": { + "domelementtype": "^2.0.1", + "domhandler": "^3.0.0", + "domutils": "^2.0.0", + "entities": "^2.0.0" + } + } } }, "ci-info": { @@ -6877,6 +6915,7 @@ "version": "1.2.0", "resolved": "https://registry.npmjs.org/css-select/-/css-select-1.2.0.tgz", "integrity": "sha1-KzoRBTnFNV8c2NMUYj6HCxIeyFg=", + "dev": true, "requires": { "boolbase": "~1.0.0", "css-what": "2.1", @@ -7072,21 +7111,6 @@ } } }, - "cssom": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.2.tgz", - "integrity": "sha1-uANhcMefB6kP8vFuIihAJ6JDhIs=", - "optional": true - }, - "cssstyle": { - "version": "0.2.37", - "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-0.2.37.tgz", - "integrity": "sha1-VBCXI0yyUTyDzu06zdwn/yeYfVQ=", - "optional": true, - "requires": { - "cssom": "0.3.x" - } - }, "csstype": { "version": "2.6.0", "resolved": "https://registry.npmjs.org/csstype/-/csstype-2.6.0.tgz", @@ -8062,6 +8086,7 @@ "version": "2.3.0", "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-2.3.0.tgz", "integrity": "sha1-LeWaCCLVAn+r/28DLCsloqir5zg=", + "dev": true, "requires": { "domelementtype": "1" } @@ -8070,6 +8095,7 @@ "version": "1.5.1", "resolved": "https://registry.npmjs.org/domutils/-/domutils-1.5.1.tgz", "integrity": "sha1-3NhIiib1Y9YQeeSMn3t+Mjc2gs8=", + "dev": true, "requires": { "dom-serializer": "0", "domelementtype": "1" @@ -8888,9 +8914,9 @@ "dev": true }, "es6-promise": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-3.3.1.tgz", - "integrity": "sha1-oIzd6EzNvzTQJ6FFG8kdS80ophM=" + "version": "4.2.8", + "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", + "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==" }, "es6-promisify": { "version": "5.0.0", @@ -8899,14 +8925,6 @@ "dev": true, "requires": { "es6-promise": "^4.0.3" - }, - "dependencies": { - "es6-promise": { - "version": "4.2.8", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", - "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==", - "dev": true - } } }, "escape-html": { @@ -11310,24 +11328,24 @@ "dev": true, "optional": true }, - "string-width": { - "version": "1.0.2", + "string_decoder": { + "version": "1.1.1", "bundled": true, "dev": true, "optional": true, "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "safe-buffer": "~5.1.0" } }, - "string_decoder": { - "version": "1.1.1", + "string-width": { + "version": "1.0.2", "bundled": true, "dev": true, "optional": true, "requires": { - "safe-buffer": "~5.1.0" + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" } }, "strip-ansi": { @@ -13234,15 +13252,6 @@ "svgo": "^1.1.1" }, "dependencies": { - "@hapi/joi": { - "version": "15.0.3", - "resolved": "https://registry.npmjs.org/@hapi/joi/-/joi-15.0.3.tgz", - "integrity": "sha512-z6CesJ2YBwgVCi+ci8SI8zixoj8bGFn/vZb9MBPbSyoxsS2PnWYjHcyTM17VLK6tx64YVK38SDIh10hJypB+ig==", - "requires": { - "@hapi/address": "2.x.x", - "@hapi/topo": "3.x.x" - } - }, "anafanafo": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/anafanafo/-/anafanafo-1.0.0.tgz", @@ -14019,6 +14028,7 @@ "version": "3.8.3", "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-3.8.3.tgz", "integrity": "sha1-mWwosZFRaovoZQGn15dX5ccMEGg=", + "dev": true, "requires": { "domelementtype": "1", "domhandler": "2.3", @@ -14030,7 +14040,8 @@ "entities": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/entities/-/entities-1.0.0.tgz", - "integrity": "sha1-sph6o4ITR/zeZCsk/fyeT7cSvyY=" + "integrity": "sha1-sph6o4ITR/zeZCsk/fyeT7cSvyY=", + "dev": true } } }, @@ -15462,7 +15473,8 @@ "isarray": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", - "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true }, "isexe": { "version": "2.0.0", @@ -15939,29 +15951,6 @@ "integrity": "sha512-APGygIJrT5bbz5lsVt8vyLJC0miEbQf/z9ZBfTr4RYvdia8AhWMRlYgivvwHG5zKD/VW3d6qpChCy64hpQET3A==", "dev": true }, - "jsdom": { - "version": "7.2.2", - "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-7.2.2.tgz", - "integrity": "sha1-QLQCdwwr2iNGkJa+6Rq2deOx/G4=", - "optional": true, - "requires": { - "abab": "^1.0.0", - "acorn": "^2.4.0", - "acorn-globals": "^1.0.4", - "cssom": ">= 0.3.0 < 0.4.0", - "cssstyle": ">= 0.2.29 < 0.3.0", - "escodegen": "^1.6.1", - "nwmatcher": ">= 1.3.7 < 2.0.0", - "parse5": "^1.5.1", - "request": "^2.55.0", - "sax": "^1.1.4", - "symbol-tree": ">= 3.1.0 < 4.0.0", - "tough-cookie": "^2.2.0", - "webidl-conversions": "^2.0.0", - "whatwg-url-compat": "~0.6.5", - "xml-name-validator": ">= 2.0.1 < 3.0.0" - } - }, "jsesc": { "version": "2.5.1", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.1.tgz", @@ -16691,7 +16680,8 @@ "lodash": { "version": "4.17.15", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", + "dev": true }, "lodash.at": { "version": "4.6.0", @@ -17006,6 +16996,11 @@ "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==", "dev": true }, + "lru_map": { + "version": "0.3.3", + "resolved": "https://registry.npmjs.org/lru_map/-/lru_map-0.3.3.tgz", + "integrity": "sha1-tcg1G5Rky9dQM1p5ZQoOwOVhGN0=" + }, "lru-cache": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.1.tgz", @@ -17015,11 +17010,6 @@ "yallist": "^2.1.2" } }, - "lru_map": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/lru_map/-/lru_map-0.3.3.tgz", - "integrity": "sha1-tcg1G5Rky9dQM1p5ZQoOwOVhGN0=" - }, "ltcdr": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/ltcdr/-/ltcdr-2.2.1.tgz", @@ -18387,7 +18377,7 @@ "resolved": "https://registry.npmjs.org/node-env-flag/-/node-env-flag-0.1.0.tgz", "integrity": "sha1-vn1DxRHCeBqg+GiOfY9Cb3WSS8U=", "requires": { - "chai": "^4.2.0" + "chai": "latest" }, "dependencies": { "chai": { @@ -18614,9 +18604,9 @@ } }, "node-status-codes": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/node-status-codes/-/node-status-codes-2.0.1.tgz", - "integrity": "sha1-KYBnZZy2iitGcKu+/eAqOBmYH1s=" + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/node-status-codes/-/node-status-codes-3.0.0.tgz", + "integrity": "sha512-sLrGak9EYPczM9zVeQ9chTOa75KPi6EQN3KRaxsNjcJ9bFpYqM6abhTP67/JTOpgUM2kGZFChTU1YrPyAq6cIw==" }, "node-version": { "version": "1.1.0", @@ -18918,12 +18908,6 @@ "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=", "dev": true }, - "nwmatcher": { - "version": "1.4.4", - "resolved": "https://registry.npmjs.org/nwmatcher/-/nwmatcher-1.4.4.tgz", - "integrity": "sha512-3iuY4N5dhgMpCUrOVnuAdGrgxVqV2cJpM+XNccjR2DKOB1RUP0aA+wGXEiNziG/UKboFyGBIoKOaNlJxx8bciQ==", - "optional": true - }, "nyc": { "version": "14.1.1", "resolved": "https://registry.npmjs.org/nyc/-/nyc-14.1.1.tgz", @@ -20134,12 +20118,6 @@ "protocols": "^1.4.0" } }, - "parse5": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-1.5.1.tgz", - "integrity": "sha1-m387DeMr543CQBsXVzzK8Pb1nZQ=", - "optional": true - }, "parseqs": { "version": "0.0.5", "resolved": "https://registry.npmjs.org/parseqs/-/parseqs-0.0.5.tgz", @@ -22088,6 +22066,7 @@ "version": "1.1.14", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz", "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=", + "dev": true, "requires": { "core-util-is": "~1.0.0", "inherits": "~2.0.1", @@ -24242,6 +24221,12 @@ "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-2.0.0.tgz", "integrity": "sha1-ucczDHBChi9rFC3CdLvMWGbONUY=" }, + "string_decoder": { + "version": "0.10.31", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=", + "dev": true + }, "string-argv": { "version": "0.3.1", "resolved": "https://registry.npmjs.org/string-argv/-/string-argv-0.3.1.tgz", @@ -24394,11 +24379,6 @@ } } }, - "string_decoder": { - "version": "0.10.31", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" - }, "stringify-object": { "version": "3.3.0", "resolved": "https://registry.npmjs.org/stringify-object/-/stringify-object-3.3.0.tgz", @@ -24688,12 +24668,6 @@ "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==", "dev": true }, - "symbol-tree": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.2.tgz", - "integrity": "sha1-rifbOPZgp64uHDt9G8KQgZuFGeY=", - "optional": true - }, "table": { "version": "5.2.3", "resolved": "https://registry.npmjs.org/table/-/table-5.2.3.tgz", @@ -25229,21 +25203,6 @@ "nopt": "~1.0.10" } }, - "tough-cookie": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.3.tgz", - "integrity": "sha1-C2GKVWW23qkL80JdBNVe3EdadWE=", - "optional": true, - "requires": { - "punycode": "^1.4.1" - } - }, - "tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=", - "optional": true - }, "tree-kill": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.1.tgz", @@ -26081,12 +26040,6 @@ "minimalistic-assert": "^1.0.0" } }, - "webidl-conversions": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-2.0.1.tgz", - "integrity": "sha1-O/glj30xjHRDw28uFpQCoaZwNQY=", - "optional": true - }, "webpack": { "version": "4.41.2", "resolved": "https://registry.npmjs.org/webpack/-/webpack-4.41.2.tgz", @@ -26694,15 +26647,6 @@ } } }, - "whatwg-url-compat": { - "version": "0.6.5", - "resolved": "https://registry.npmjs.org/whatwg-url-compat/-/whatwg-url-compat-0.6.5.tgz", - "integrity": "sha1-AImBEa9om7CXVBzVpFymyHmERb8=", - "optional": true, - "requires": { - "tr46": "~0.0.1" - } - }, "whet.extend": { "version": "0.9.9", "resolved": "https://registry.npmjs.org/whet.extend/-/whet.extend-0.9.9.tgz", @@ -26886,12 +26830,6 @@ "integrity": "sha1-eLpyAgApxbyHuKgaPPzXS0ovweU=", "dev": true }, - "xml-name-validator": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-2.0.1.tgz", - "integrity": "sha1-TYuPHszTQZqjYgYb7O9RXh5VljU=", - "optional": true - }, "xmlcreate": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/xmlcreate/-/xmlcreate-2.0.1.tgz", diff --git a/package.json b/package.json index 5875df2e4eb27..1eef3990eaf6b 100644 --- a/package.json +++ b/package.json @@ -29,7 +29,7 @@ "camp": "~17.2.4", "chalk": "^2.4.2", "check-node-version": "^4.0.1", - "chrome-web-store-item-property": "~1.1.2", + "chrome-web-store-item-property": "~1.2.0", "config": "^3.3.6", "cross-env": "^6.0.3", "decamelize": "^3.2.0",