From 6c5a4daefb7f433868fe22161c778ff7a72133ff Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 20 Sep 2019 02:49:37 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/npm:adm-zip:20180415 - https://snyk.io/vuln/npm:ejs:20161128 - https://snyk.io/vuln/npm:st:20140206 --- package-lock.json | 107 ++++------------------------------------------ package.json | 6 +-- 2 files changed, 12 insertions(+), 101 deletions(-) diff --git a/package-lock.json b/package-lock.json index 47f5ec03a7c..e87dc3bd404 100644 --- a/package-lock.json +++ b/package-lock.json @@ -78,9 +78,9 @@ "dev": true }, "adm-zip": { - "version": "0.4.7", - "resolved": "https://registry.npmjs.org/adm-zip/-/adm-zip-0.4.7.tgz", - "integrity": "sha1-hgbCy/HEJs6MjsABdER/1Jtur8E=" + "version": "0.4.11", + "resolved": "https://registry.npmjs.org/adm-zip/-/adm-zip-0.4.11.tgz", + "integrity": "sha512-L8vcjDTCOIJk7wFvmlEUN7AsSb8T+2JrdP7KINBjzr24TJ5Mwj590sLu3BC7zNZowvJWa/JtPmD8eJCzdtDWjA==" }, "ansi-regex": { "version": "2.1.1", @@ -207,14 +207,6 @@ "integrity": "sha512-ccav/yGvoa80BQDljCxsmmQ3Xvx60/UpBIij5QN21W3wBi/hhIC9OoO+KLpu9IJTS9j4DRVJ3aDDF9cMSoa2lw==", "dev": true }, - "basic-auth": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/basic-auth/-/basic-auth-2.0.1.tgz", - "integrity": "sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==", - "requires": { - "safe-buffer": "5.1.2" - } - }, "bcrypt-pbkdf": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", @@ -1274,9 +1266,9 @@ "integrity": "sha1-jJshKJjYzZ8alDZlDOe+ICyen/A=" }, "ejs": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-1.0.0.tgz", - "integrity": "sha1-ycYKSKRu5FL7MqccMXuV5aofyz0=" + "version": "2.5.3", + "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.5.3.tgz", + "integrity": "sha1-v+rh4vf6UcRSd2n8qhTFynPrXkc=" }, "ejs-locals": { "version": "1.0.2", @@ -2119,37 +2111,6 @@ "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.0.tgz", "integrity": "sha1-IWnPdTjhsMyH+4jhUC2EdLv3mGQ=" }, - "method-override": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/method-override/-/method-override-3.0.0.tgz", - "integrity": "sha512-IJ2NNN/mSl9w3kzWB92rcdHpz+HjkxhDJWNDBqSlas+zQdP8wBiJzITPg08M/k2uVvMow7Sk41atndNtt/PHSA==", - "requires": { - "debug": "3.1.0", - "methods": "~1.1.2", - "parseurl": "~1.3.2", - "vary": "~1.1.2" - }, - "dependencies": { - "debug": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", - "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", - "requires": { - "ms": "2.0.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - }, - "vary": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", - "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" - } - } - }, "methods": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", @@ -2324,51 +2285,6 @@ } } }, - "morgan": { - "version": "1.9.1", - "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.9.1.tgz", - "integrity": "sha512-HQStPIV4y3afTiCYVxirakhlCfGkI161c76kKFca7Fk1JusM//Qeo1ej2XaMniiNeaZklMVrh3vTtIzpzwbpmA==", - "requires": { - "basic-auth": "~2.0.0", - "debug": "2.6.9", - "depd": "~1.1.2", - "on-finished": "~2.3.0", - "on-headers": "~1.0.1" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "requires": { - "ms": "2.0.0" - } - }, - "depd": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" - }, - "ee-first": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", - "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - }, - "on-finished": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", - "integrity": "sha1-IPEzZIGwg811M3mSoWlxqi2QaUc=", - "requires": { - "ee-first": "1.1.1" - } - } - } - }, "mpath": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.1.1.tgz", @@ -4282,11 +4198,6 @@ "ee-first": "1.0.5" } }, - "on-headers": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", - "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==" - }, "once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -4842,9 +4753,9 @@ } }, "st": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/st/-/st-0.2.4.tgz", - "integrity": "sha1-lzGPVUhf/L5whuIrQNYXWJI8/6A=", + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/st/-/st-0.2.5.tgz", + "integrity": "sha1-HkFn+l29cv5sl/yw059lKBr044o=", "requires": { "async-cache": "~0.1.2", "fd": "~0.0.2", diff --git a/package.json b/package.json index a63eeb5e30e..95d1141cdf1 100644 --- a/package.json +++ b/package.json @@ -17,14 +17,14 @@ }, "dependencies": { "@snyk/nodejs-runtime-agent": "^1.31.0", - "adm-zip": "0.4.7", + "adm-zip": "0.4.11", "body-parser": "1.9.0", "cfenv": "^1.0.4", "consolidate": "0.14.5", "cookie-parser": "1.3.3", "dustjs-helpers": "1.5.0", "dustjs-linkedin": "2.5.0", - "ejs": "1.0.0", + "ejs": "2.5.3", "ejs-locals": "1.0.2", "errorhandler": "1.2.0", "express": "4.12.4", @@ -41,7 +41,7 @@ "ms": "^0.7.1", "npmconf": "0.0.24", "optional": "^0.1.3", - "st": "0.2.4", + "st": "0.2.5", "stream-buffers": "^3.0.1", "tap": "^5.7.0" },