From b37f2cfa2614ea50f466fb8759353d67d4310992 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 15 Aug 2024 09:10:57 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-7361793 --- package-lock.json | 89 +++++++++-------------------------------------- package.json | 2 +- 2 files changed, 18 insertions(+), 73 deletions(-) diff --git a/package-lock.json b/package-lock.json index e51345f..4b615c0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "@onesignal/node-onesignal": "^1.0.0-beta9", "@sentry/node": "^7.74.0", "@sentry/tracing": "^7.74.0", - "axios": "^1.6.0", + "axios": "^1.7.4", "bcrypt": "^5.1.1", "cors": "^2.8.5", "express": "^4.18.2", @@ -1405,19 +1405,6 @@ "node": ">=8" } }, - "node_modules/@sentry/core": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.23.0.tgz", - "integrity": "sha512-oNLGsscSdMs1urCbpwe868NsoJWyeTOQXOm5w2e78yE7G6zm2Ra473NQio3lweaEvjQgSGpFyEfAn/3ubZbtPw==", - "dependencies": { - "@sentry/types": "7.23.0", - "@sentry/utils": "7.23.0", - "tslib": "^1.9.3" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/@sentry/node": { "version": "7.74.0", "resolved": "https://registry.npmjs.org/@sentry/node/-/node-7.74.0.tgz", @@ -1480,26 +1467,6 @@ "node": ">=8" } }, - "node_modules/@sentry/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.23.0.tgz", - "integrity": "sha512-fZ5XfVRswVZhKoCutQ27UpIHP16tvyc6ws+xq+njHv8Jg8gFBCoOxlJxuFhegD2xxylAn1aiSHNAErFWdajbpA==", - "engines": { - "node": ">=8" - } - }, - "node_modules/@sentry/utils": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.23.0.tgz", - "integrity": "sha512-ad/XXH03MfgDH/7N7FjKEOVaKrfQWdMaE0nCxZCr2RrvlitlmGQmPpms95epr1CpzSU3BDRImlILx6+TlrXOgg==", - "dependencies": { - "@sentry/types": "7.23.0", - "tslib": "^1.9.3" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", @@ -2016,11 +1983,12 @@ "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" }, "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", + "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", + "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.0", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } @@ -3095,15 +3063,16 @@ } }, "node_modules/follow-redirects": { - "version": "1.15.2", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", - "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==", + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", "funding": [ { "type": "individual", "url": "https://github.com/sponsors/RubenVerborgh" } ], + "license": "MIT", "engines": { "node": ">=4.0" }, @@ -7826,16 +7795,6 @@ } } }, - "@sentry/core": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.23.0.tgz", - "integrity": "sha512-oNLGsscSdMs1urCbpwe868NsoJWyeTOQXOm5w2e78yE7G6zm2Ra473NQio3lweaEvjQgSGpFyEfAn/3ubZbtPw==", - "requires": { - "@sentry/types": "7.23.0", - "@sentry/utils": "7.23.0", - "tslib": "^1.9.3" - } - }, "@sentry/node": { "version": "7.74.0", "resolved": "https://registry.npmjs.org/@sentry/node/-/node-7.74.0.tgz", @@ -7885,20 +7844,6 @@ "@sentry-internal/tracing": "7.74.0" } }, - "@sentry/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.23.0.tgz", - "integrity": "sha512-fZ5XfVRswVZhKoCutQ27UpIHP16tvyc6ws+xq+njHv8Jg8gFBCoOxlJxuFhegD2xxylAn1aiSHNAErFWdajbpA==" - }, - "@sentry/utils": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.23.0.tgz", - "integrity": "sha512-ad/XXH03MfgDH/7N7FjKEOVaKrfQWdMaE0nCxZCr2RrvlitlmGQmPpms95epr1CpzSU3BDRImlILx6+TlrXOgg==", - "requires": { - "@sentry/types": "7.23.0", - "tslib": "^1.9.3" - } - }, "@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", @@ -8362,11 +8307,11 @@ "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" }, "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", + "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", "requires": { - "follow-redirects": "^1.15.0", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } @@ -9174,9 +9119,9 @@ } }, "follow-redirects": { - "version": "1.15.2", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", - "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==" + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" }, "foreground-child": { "version": "3.1.1", diff --git a/package.json b/package.json index a95adc3..06fb7c1 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "@onesignal/node-onesignal": "^1.0.0-beta9", "@sentry/node": "^7.74.0", "@sentry/tracing": "^7.74.0", - "axios": "^1.6.0", + "axios": "^1.7.4", "bcrypt": "^5.1.1", "cors": "^2.8.5", "express": "^4.18.2",