From 988642fbc1137dcb2f58c64bde52cb8c3f877e67 Mon Sep 17 00:00:00 2001 From: James Chartrand Date: Tue, 23 Jan 2018 14:49:22 -0500 Subject: [PATCH] fix: update browser-run to fix security vulnerability with electron --- package-lock.json | 369 ++++++++++++++++++++++++++++++++++++++++------ package.json | 2 +- 2 files changed, 323 insertions(+), 48 deletions(-) diff --git a/package-lock.json b/package-lock.json index 511c1ba..c576872 100644 --- a/package-lock.json +++ b/package-lock.json @@ -88,9 +88,9 @@ } }, "@types/node": { - "version": "7.0.46", - "resolved": "https://registry.npmjs.org/@types/node/-/node-7.0.46.tgz", - "integrity": "sha512-u+JAi1KtmaUoU/EHJkxoiuvzyo91FCE41Z9TZWWcOUU3P8oUdlDLdrGzCGWySPgbRMD17B0B+1aaJLYI9egQ6A==", + "version": "7.0.52", + "resolved": "https://registry.npmjs.org/@types/node/-/node-7.0.52.tgz", + "integrity": "sha512-jjpyQsKGsOF/wUElNjfPULk+d8PKvJOIXk3IUeBYYmNCy5dMWfrI+JiixYNw8ppKOlcRwWTXFl0B+i5oGrf95Q==", "dev": true }, "abbrev": { @@ -1250,9 +1250,9 @@ "dev": true, "requires": { "headless": "0.1.3", - "merge": "1.2.0", - "minimist": "0.0.10", - "mkdirp": "0.5.1", + "merge": "1.0.0", + "minimist": "0.0.5", + "mkdirp": "0.3.5", "plist": "0.2.1", "xtend": "4.0.1" }, @@ -1261,6 +1261,24 @@ "version": "0.1.3", "bundled": true, "dev": true + }, + "merge": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/merge/-/merge-1.0.0.tgz", + "integrity": "sha1-tEOrRtg3xJHmIiBWqw95M+yzVo8=", + "dev": true + }, + "minimist": { + "version": "0.0.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.5.tgz", + "integrity": "sha1-16oye87PUY+RBqxrjwA/o7zqhWY=", + "dev": true + }, + "mkdirp": { + "version": "0.3.5", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.5.tgz", + "integrity": "sha1-3j5fiWHIjHh+4TaN+EmsRBPsqNc=", + "dev": true } } }, @@ -1295,15 +1313,15 @@ } }, "browser-run": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/browser-run/-/browser-run-4.0.2.tgz", - "integrity": "sha1-su15nxECZW+aRWz/K+eJP4Gca8Y=", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/browser-run/-/browser-run-4.1.1.tgz", + "integrity": "sha512-80VokBH8g5EfT/4NgtxrC4ZUstxaR4dranZBWd0dfwLaRF5gvTWM04/rFB9ifal3NSO1O2Owvf6z2Md9CQM4vQ==", "dev": true, "requires": { "browser-launcher": "1.0.0", "duplexer": "0.1.1", "ecstatic": "2.2.1", - "electron-stream": "5.0.6", + "electron-stream": "5.1.1", "enstore": "1.0.1", "html-inject-script": "1.1.0", "optimist": "0.6.1", @@ -2235,17 +2253,25 @@ "requires": { "he": "1.1.1", "mime": "1.3.6", - "minimist": "0.0.10", - "url-join": "2.0.2" + "minimist": "1.2.0", + "url-join": "2.0.5" + }, + "dependencies": { + "minimist": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", + "dev": true + } } }, "electron": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/electron/-/electron-1.7.9.tgz", - "integrity": "sha1-rdVOn4+D7QL2UZ7BATX2mLGTNs8=", + "version": "1.7.11", + "resolved": "https://registry.npmjs.org/electron/-/electron-1.7.11.tgz", + "integrity": "sha1-mTtqp54OeafPzDafTIE/vZoLCNk=", "dev": true, "requires": { - "@types/node": "7.0.46", + "@types/node": "7.0.52", "electron-download": "3.3.0", "extract-zip": "1.6.6" } @@ -2257,27 +2283,75 @@ "dev": true, "requires": { "debug": "2.6.8", - "fs-extra": "1.0.0", + "fs-extra": "0.30.0", "home-path": "1.0.5", - "minimist": "0.0.10", + "minimist": "1.2.0", "nugget": "2.0.1", "path-exists": "2.1.0", - "rc": "1.2.2", + "rc": "1.2.4", "semver": "5.3.0", "sumchecker": "1.3.1" + }, + "dependencies": { + "fs-extra": { + "version": "0.30.0", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-0.30.0.tgz", + "integrity": "sha1-8jP/zAjU2n1DLapEl3aYnbHfk/A=", + "dev": true, + "requires": { + "graceful-fs": "4.1.11", + "jsonfile": "2.4.0", + "klaw": "1.3.1", + "path-is-absolute": "1.0.1", + "rimraf": "2.6.2" + } + }, + "minimist": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", + "dev": true + } } }, "electron-stream": { - "version": "5.0.6", - "resolved": "https://registry.npmjs.org/electron-stream/-/electron-stream-5.0.6.tgz", - "integrity": "sha512-0Kf66Y9VBnvXZ3RX21C0GhLIaZjnEtxmcDkN9B3kW2bmS2SEc3rQ6YA60oaQCu+BboZ4zT3JvIyXuT42APBOXg==", + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/electron-stream/-/electron-stream-5.1.1.tgz", + "integrity": "sha512-3zFwB/LCjV912J5nX9QB2a8BRk8cl+ei2siuoQpXYzQ3HCscrsQRJSyWryQyil9U8d7J97mAs1XQIKPPWSmByA==", "dev": true, "requires": { "debug": "2.6.8", - "electron": "1.7.9", + "ecstatic": "3.1.1", + "electron": "1.7.11", "json-stringify-safe": "5.0.1", "stream-read": "1.1.2", "tempy": "0.1.0" + }, + "dependencies": { + "ecstatic": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/ecstatic/-/ecstatic-3.1.1.tgz", + "integrity": "sha512-D9UcjcxDMMqjaQxC0mSsFh/IjJSdiZVPnHrhjHuKXlhLByk5QGGPX1GUIDIjRzhTq4UDCPYwWblw79VBEh3r1w==", + "dev": true, + "requires": { + "he": "1.1.1", + "mime": "1.6.0", + "minimist": "1.2.0", + "url-join": "2.0.5" + } + }, + "mime": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", + "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==", + "dev": true + }, + "minimist": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", + "dev": true + } } }, "elliptic": { @@ -2338,9 +2412,9 @@ } }, "es6-promise": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.1.1.tgz", - "integrity": "sha512-OaU1hHjgJf+b0NzsxCg7NdIYERD6Hy/PEmFLTjw+b65scuisG3Kt4QoTvJ66BBkPZ581gr0kpoVzKnxniM8nng==", + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.3.tgz", + "integrity": "sha512-vLf5iali3jKqlJoo6SryDwe3nxCmiueNjbjLWDIpNbAcKnQXAsAdZk+pM17nSYp3AQMbTmAQVCQSeDLfA87SNA==", "dev": true }, "escape-string-regexp": { @@ -2486,9 +2560,35 @@ "dev": true, "requires": { "concat-stream": "1.6.0", - "debug": "2.6.8", - "mkdirp": "0.5.1", + "debug": "2.6.9", + "mkdirp": "0.5.0", "yauzl": "2.4.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "minimist": { + "version": "0.0.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", + "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=", + "dev": true + }, + "mkdirp": { + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.0.tgz", + "integrity": "sha1-HXMHam35hs2TROFecfzAWkyavxI=", + "dev": true, + "requires": { + "minimist": "0.0.8" + } + } } }, "extsprintf": { @@ -3948,10 +4048,40 @@ "duplexer2": "0.0.2", "inherits": "2.0.3", "minimist": "0.0.10", - "readable-stream": "2.3.3", + "readable-stream": "1.1.14", "split": "0.3.3", "stream-splicer": "1.3.2", - "through2": "2.0.3" + "through2": "1.1.1" + }, + "dependencies": { + "isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true + }, + "readable-stream": { + "version": "1.1.14", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz", + "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=", + "dev": true, + "requires": { + "core-util-is": "1.0.2", + "inherits": "2.0.3", + "isarray": "0.0.1", + "string_decoder": "0.10.31" + } + }, + "through2": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/through2/-/through2-1.1.1.tgz", + "integrity": "sha1-CEfLxESfNAVXTb3M2buEG4OsNUU=", + "dev": true, + "requires": { + "readable-stream": "1.1.14", + "xtend": "4.0.1" + } + } } }, "html-tokenize": { @@ -3962,8 +4092,53 @@ "requires": { "inherits": "2.0.3", "minimist": "0.0.10", - "readable-stream": "2.3.3", - "through2": "2.0.3" + "readable-stream": "1.0.34", + "through2": "0.4.2" + }, + "dependencies": { + "isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true + }, + "object-keys": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-0.4.0.tgz", + "integrity": "sha1-KKaq50KN0sOpLz2V8hM13SBOAzY=", + "dev": true + }, + "readable-stream": { + "version": "1.0.34", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz", + "integrity": "sha1-Elgg40vIQtLyqq+v5MKRbuMsFXw=", + "dev": true, + "requires": { + "core-util-is": "1.0.2", + "inherits": "2.0.3", + "isarray": "0.0.1", + "string_decoder": "0.10.31" + } + }, + "through2": { + "version": "0.4.2", + "resolved": "https://registry.npmjs.org/through2/-/through2-0.4.2.tgz", + "integrity": "sha1-2/WGYDEVHsg1K7bE22SiKSqEC5s=", + "dev": true, + "requires": { + "readable-stream": "1.0.34", + "xtend": "2.1.2" + } + }, + "xtend": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/xtend/-/xtend-2.1.2.tgz", + "integrity": "sha1-bv7MKk2tjmlixJAbM3znuoe10os=", + "dev": true, + "requires": { + "object-keys": "0.4.0" + } + } } }, "htmlescape": { @@ -4391,9 +4566,9 @@ } }, "jquery": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.1.1.tgz", - "integrity": "sha1-NHwcIcfgBBFeCk2jLOzgQfrTyKM=" + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.2.1.tgz", + "integrity": "sha1-XE2d5lKvbNCncBVKYxu6ErAVx4c=" }, "js-tokens": { "version": "3.0.2", @@ -5141,12 +5316,20 @@ "dev": true, "requires": { "debug": "2.6.8", - "minimist": "0.0.10", + "minimist": "1.2.0", "pretty-bytes": "1.0.4", "progress-stream": "1.2.0", "request": "2.81.0", "single-line-log": "1.1.2", "throttleit": "0.0.2" + }, + "dependencies": { + "minimist": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", + "dev": true + } } }, "number-is-nan": { @@ -5530,7 +5713,52 @@ "dev": true, "requires": { "speedometer": "0.1.4", - "through2": "2.0.3" + "through2": "0.2.3" + }, + "dependencies": { + "isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true + }, + "object-keys": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-0.4.0.tgz", + "integrity": "sha1-KKaq50KN0sOpLz2V8hM13SBOAzY=", + "dev": true + }, + "readable-stream": { + "version": "1.1.14", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz", + "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=", + "dev": true, + "requires": { + "core-util-is": "1.0.2", + "inherits": "2.0.3", + "isarray": "0.0.1", + "string_decoder": "0.10.31" + } + }, + "through2": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/through2/-/through2-0.2.3.tgz", + "integrity": "sha1-6zKE2k6jEbbMis42U3SKUqvyWj8=", + "dev": true, + "requires": { + "readable-stream": "1.1.14", + "xtend": "2.1.2" + } + }, + "xtend": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/xtend/-/xtend-2.1.2.tgz", + "integrity": "sha1-bv7MKk2tjmlixJAbM3znuoe10os=", + "dev": true, + "requires": { + "object-keys": "0.4.0" + } + } } }, "proto-list": { @@ -5627,15 +5855,23 @@ } }, "rc": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.2.tgz", - "integrity": "sha1-2M6ctX6NZNnHut2YdsfDTL48cHc=", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.4.tgz", + "integrity": "sha1-oPYGyq4qO4YrvQ74VILAElsxX6M=", "dev": true, "requires": { "deep-extend": "0.4.2", "ini": "1.3.4", - "minimist": "0.0.10", + "minimist": "1.2.0", "strip-json-comments": "2.0.1" + }, + "dependencies": { + "minimist": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", + "dev": true + } } }, "read-only-stream": { @@ -5957,6 +6193,15 @@ "integrity": "sha1-jKCMLLtbVedNr6lr9/0aJ9VoyNA=", "dev": true }, + "rimraf": { + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz", + "integrity": "sha512-lreewLK/BlghmxtfH36YYVg1i8IAce4TI7oao75I1g245+6BctqTVQiBP3YUJ9C6DQOXJmkYR9X9fCLtCOJc5w==", + "dev": true, + "requires": { + "glob": "7.1.2" + } + }, "ripemd160": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz", @@ -6477,7 +6722,7 @@ "dev": true, "requires": { "debug": "2.6.8", - "es6-promise": "4.1.1" + "es6-promise": "4.2.3" } }, "supports-color": { @@ -6772,8 +7017,38 @@ "html-select": "2.3.24", "html-tokenize": "1.2.5", "inherits": "2.0.3", - "readable-stream": "2.3.3", - "through2": "2.0.3" + "readable-stream": "1.1.14", + "through2": "1.1.1" + }, + "dependencies": { + "isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true + }, + "readable-stream": { + "version": "1.1.14", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz", + "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=", + "dev": true, + "requires": { + "core-util-is": "1.0.2", + "inherits": "2.0.3", + "isarray": "0.0.1", + "string_decoder": "0.10.31" + } + }, + "through2": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/through2/-/through2-1.1.1.tgz", + "integrity": "sha1-CEfLxESfNAVXTb3M2buEG4OsNUU=", + "dev": true, + "requires": { + "readable-stream": "1.1.14", + "xtend": "4.0.1" + } + } } }, "tty-browserify": { @@ -6893,9 +7168,9 @@ } }, "url-join": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/url-join/-/url-join-2.0.2.tgz", - "integrity": "sha1-wHJ1aWetJLi1nldBVRyqx49QuLc=", + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/url-join/-/url-join-2.0.5.tgz", + "integrity": "sha1-WvIvGMBSoACkjXuCxenC4v7tpyg=", "dev": true }, "urlgrey": { diff --git a/package.json b/package.json index bf7bd69..1bcc144 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ "devDependencies": { "babel-preset-es2015": "6.24.1", "babelify": "7.3.0", - "browser-run": "4.0.2", + "browser-run": "^4.1.1", "browserify": "14.3.0", "browserify-istanbul": "2.0.0", "codecov.io": "0.1.6",