From 04fad587efc2fd7d193be0cdf87d7e968efe529f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 2 Feb 2024 17:52:56 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AJV-584908 - https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 - https://snyk.io/vuln/SNYK-JS-MOMENT-2944238 - https://snyk.io/vuln/SNYK-JS-QS-3153490 - https://snyk.io/vuln/npm:debug:20170905 --- package-lock.json | 126 +++++++++++++++++++++++++--------------------- package.json | 6 +-- 2 files changed, 72 insertions(+), 60 deletions(-) diff --git a/package-lock.json b/package-lock.json index b5ad1707d1db6..3f85e5547ee05 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,7 +1,7 @@ { "name": "nodejs.org", - "requires": true, "lockfileVersion": 1, + "requires": true, "dependencies": { "absolute": { "version": "0.0.1", @@ -2034,7 +2034,8 @@ }, "ansi-regex": { "version": "2.1.1", - "bundled": true + "bundled": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -2052,11 +2053,13 @@ }, "balanced-match": { "version": "1.0.0", - "bundled": true + "bundled": true, + "optional": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, + "optional": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -2069,15 +2072,18 @@ }, "code-point-at": { "version": "1.1.0", - "bundled": true + "bundled": true, + "optional": true }, "concat-map": { "version": "0.0.1", - "bundled": true + "bundled": true, + "optional": true }, "console-control-strings": { "version": "1.1.0", - "bundled": true + "bundled": true, + "optional": true }, "core-util-is": { "version": "1.0.2", @@ -2180,7 +2186,8 @@ }, "inherits": { "version": "2.0.3", - "bundled": true + "bundled": true, + "optional": true }, "ini": { "version": "1.3.5", @@ -2190,6 +2197,7 @@ "is-fullwidth-code-point": { "version": "1.0.0", "bundled": true, + "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -2202,17 +2210,20 @@ "minimatch": { "version": "3.0.4", "bundled": true, + "optional": true, "requires": { "brace-expansion": "^1.1.7" } }, "minimist": { "version": "0.0.8", - "bundled": true + "bundled": true, + "optional": true }, "minipass": { "version": "2.3.5", "bundled": true, + "optional": true, "requires": { "safe-buffer": "^5.1.2", "yallist": "^3.0.0" @@ -2229,6 +2240,7 @@ "mkdirp": { "version": "0.5.1", "bundled": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -2301,7 +2313,8 @@ }, "number-is-nan": { "version": "1.0.1", - "bundled": true + "bundled": true, + "optional": true }, "object-assign": { "version": "4.1.1", @@ -2311,6 +2324,7 @@ "once": { "version": "1.4.0", "bundled": true, + "optional": true, "requires": { "wrappy": "1" } @@ -2386,7 +2400,8 @@ }, "safe-buffer": { "version": "5.1.2", - "bundled": true + "bundled": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -2413,26 +2428,28 @@ "bundled": true, "optional": true }, - "string-width": { - "version": "1.0.2", + "string_decoder": { + "version": "1.1.1", "bundled": true, + "optional": true, "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "safe-buffer": "~5.1.0" } }, - "string_decoder": { - "version": "1.1.1", + "string-width": { + "version": "1.0.2", "bundled": true, "optional": true, "requires": { - "safe-buffer": "~5.1.0" + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" } }, "strip-ansi": { "version": "3.0.1", "bundled": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -2471,11 +2488,13 @@ }, "wrappy": { "version": "1.0.2", - "bundled": true + "bundled": true, + "optional": true }, "yallist": { "version": "3.0.3", - "bundled": true + "bundled": true, + "optional": true } } }, @@ -3661,9 +3680,9 @@ } }, "metalsmith-layouts": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/metalsmith-layouts/-/metalsmith-layouts-2.3.0.tgz", - "integrity": "sha512-WVWpySwnuqnE2CxMbvmZ+cKaGP1PVRcLOivicwNR3jjYcLTZ98XxKldgT+USD3rg52gWzDhAY9i8fYX8ZPBIUg==", + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/metalsmith-layouts/-/metalsmith-layouts-2.3.1.tgz", + "integrity": "sha512-zyJQiAKebqDttd6pgWEDIz2a3uqUmgWnrKx8P94wQRdtWHl5NiDHfibKZAcbzomfwu2PovE/Qc7WLyKIahfEvw==", "requires": { "debug": "^3.1.0", "inputformat-to-jstransformer": "^1.2.1", @@ -3725,13 +3744,13 @@ } }, "metalsmith-permalinks": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/metalsmith-permalinks/-/metalsmith-permalinks-2.1.0.tgz", - "integrity": "sha512-5VILbqJTey4vSxBTAaSqO81EcPm8wsey5kWq30p7/CQ3N15snBinaqCuRGhtbaTb87Bx/fnmJf7UdeuYhq0uoQ==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/metalsmith-permalinks/-/metalsmith-permalinks-2.2.0.tgz", + "integrity": "sha512-j8NMK+DcQvP2xLBhZb0jF81T2b/z937TD4mJz+eYTTMlawCFjcRWfU86vMzGeMciCTSELnXA7QLH7y8o8IEYVg==", "requires": { - "debug": "^4.1.0", - "moment": "^2.5.1", - "slugify": "^1.3.1", + "debug": "^4.1.1", + "moment": "^2.24.0", + "slugify": "^1.3.4", "substitute": "https://github.com/segmentio/substitute/archive/0.1.0.tar.gz" }, "dependencies": { @@ -4680,9 +4699,9 @@ "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=" }, "psl": { - "version": "1.1.31", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.1.31.tgz", - "integrity": "sha512-/6pt4+C+T+wZUieKR620OpzN/LlnNKuWjy1iFLQ/UG35JqHlR/89MP1d96dUfkf6Dne3TuLQzOYEYshJ+Hx8mw==" + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", + "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" }, "punycode": { "version": "2.1.1", @@ -4864,9 +4883,9 @@ "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=" }, "request": { - "version": "2.88.0", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.0.tgz", - "integrity": "sha512-NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==", + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", "requires": { "aws-sign2": "~0.7.0", "aws4": "^1.8.0", @@ -4875,7 +4894,7 @@ "extend": "~3.0.2", "forever-agent": "~0.6.1", "form-data": "~2.3.2", - "har-validator": "~5.1.0", + "har-validator": "~5.1.3", "http-signature": "~1.2.0", "is-typedarray": "~1.0.0", "isstream": "~0.1.2", @@ -4885,7 +4904,7 @@ "performance-now": "^2.1.0", "qs": "~6.5.2", "safe-buffer": "^5.1.2", - "tough-cookie": "~2.4.3", + "tough-cookie": "~2.5.0", "tunnel-agent": "^0.6.0", "uuid": "^3.3.2" }, @@ -5453,6 +5472,14 @@ "resolved": "https://registry.npmjs.org/strftime/-/strftime-0.10.0.tgz", "integrity": "sha1-s/D6QZKVICpaKJ9ta+n0kJphcZM=" }, + "string_decoder": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.2.0.tgz", + "integrity": "sha512-6YqyX6ZWEYguAxgZzHGL7SsCeGx3V2TtOTqZz1xSTSWnqsbWwbptafNyvf/ACquZUXV3DANr5BDIwNYe1mN42w==", + "requires": { + "safe-buffer": "~5.1.0" + } + }, "string-width": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz", @@ -5475,14 +5502,6 @@ "function-bind": "^1.0.2" } }, - "string_decoder": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.2.0.tgz", - "integrity": "sha512-6YqyX6ZWEYguAxgZzHGL7SsCeGx3V2TtOTqZz1xSTSWnqsbWwbptafNyvf/ACquZUXV3DANr5BDIwNYe1mN42w==", - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", @@ -6090,19 +6109,12 @@ "integrity": "sha512-gVweAectJU3ebq//Ferr2JUY4WKSDe5N+z0FvjDncLGyHmIDoxgY/2Ie4qfEIDm4IS7OA6Rmdm7pdEEdMcV/xQ==" }, "tough-cookie": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz", - "integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==", + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", "requires": { - "psl": "^1.1.24", - "punycode": "^1.4.1" - }, - "dependencies": { - "punycode": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", - "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=" - } + "psl": "^1.1.28", + "punycode": "^2.1.1" } }, "tunnel-agent": { diff --git a/package.json b/package.json index 2ab91ea3a42d9..47105cb9f8735 100644 --- a/package.json +++ b/package.json @@ -46,17 +46,17 @@ "metalsmith-discover-helpers": "^0.1.1", "metalsmith-discover-partials": "^0.1.2", "metalsmith-feed": "1.0.0", - "metalsmith-layouts": "2.3.0", + "metalsmith-layouts": "2.3.1", "metalsmith-markdown": "^1.2.0", "metalsmith-metadata": "0.0.4", - "metalsmith-permalinks": "^2.0.0", + "metalsmith-permalinks": "^2.2.0", "metalsmith-prism": "3.1.1", "metalsmith-stylus": "3.0.0", "metalsmith-yearly-pagination": "^2.0.1", "ncp": "2.0.0", "node-version-data": "1.0.1", "octonode": "^0.9.5", - "request": "^2.88.0", + "request": "^2.88.2", "require-dir": "1.0.0", "semver": "5.6.0", "st": "1.2.2",