From 9465b26636e1c6e6f1b88be59ab327c8e8011b5a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 1 Feb 2020 07:52:55 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOTPROP-543489 --- package-lock.json | 171 +++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 103 insertions(+), 70 deletions(-) diff --git a/package-lock.json b/package-lock.json index d9662fd580cbbe..ec3f13c576cd18 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2374,6 +2374,34 @@ } } }, + "@snyk/configstore": { + "version": "3.2.0-rc1", + "resolved": "https://registry.npmjs.org/@snyk/configstore/-/configstore-3.2.0-rc1.tgz", + "integrity": "sha512-CV3QggFY8BY3u8PdSSlUGLibqbqCG1zJRmGM2DhnhcxQDRRPTGTP//l7vJphOVsUP1Oe23+UQsj7KRWpRUZiqg==", + "requires": { + "dot-prop": "^5.2.0", + "graceful-fs": "^4.1.2", + "make-dir": "^1.0.0", + "unique-string": "^1.0.0", + "write-file-atomic": "^2.0.0", + "xdg-basedir": "^3.0.0" + }, + "dependencies": { + "dot-prop": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-5.2.0.tgz", + "integrity": "sha512-uEUyaDKoSQ1M4Oq8l45hSE26SnTxL6snNnqvK/VWx5wJhmff5z0FUVJDKDanor/6w3kzE3i7XZOk+7wC0EXr1A==", + "requires": { + "is-obj": "^2.0.0" + } + }, + "is-obj": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", + "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==" + } + } + }, "@snyk/dep-graph": { "version": "1.13.1", "resolved": "https://registry.npmjs.org/@snyk/dep-graph/-/dep-graph-1.13.1.tgz", @@ -2450,6 +2478,30 @@ } } }, + "@snyk/update-notifier": { + "version": "2.5.1-rc1", + "resolved": "https://registry.npmjs.org/@snyk/update-notifier/-/update-notifier-2.5.1-rc1.tgz", + "integrity": "sha512-cIK+dMUsXBl4K9AKg5EYhdxWts0tAUvyu1WePse+tjzX4E9poME/wojkDrWQl1/SKLlhA559ftiOODmVa1adCg==", + "requires": { + "@snyk/configstore": "3.2.0-rc1", + "boxen": "^1.2.1", + "chalk": "^2.0.1", + "import-lazy": "^2.1.0", + "is-ci": "^1.0.10", + "is-installed-globally": "^0.1.0", + "is-npm": "^1.0.0", + "latest-version": "^3.0.0", + "semver-diff": "^2.0.0", + "xdg-basedir": "^3.0.0" + }, + "dependencies": { + "import-lazy": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/import-lazy/-/import-lazy-2.1.0.tgz", + "integrity": "sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM=" + } + } + }, "@tannin/compile": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/@tannin/compile/-/compile-1.0.1.tgz", @@ -2505,9 +2557,9 @@ "integrity": "sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==" }, "@types/js-yaml": { - "version": "3.12.1", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.1.tgz", - "integrity": "sha512-SGGAhXLHDx+PK4YLNcNGa6goPf9XRWQNAUUbffkwVGGXIxmDKWyGGL4inzq2sPmExu431Ekb9aEMn9BkPqEYFA==" + "version": "3.12.2", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.2.tgz", + "integrity": "sha512-0CFu/g4mDSNkodVwWijdlr8jH7RoplRWNgovjFLEZeT+QEbbZXjBmCe3HwaWheAlCbHwomTwzZoSedeOycABug==" }, "@types/node": { "version": "10.12.2", @@ -6144,19 +6196,6 @@ "proto-list": "~1.2.1" } }, - "configstore": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/configstore/-/configstore-3.1.2.tgz", - "integrity": "sha512-vtv5HtGjcYUgFrXc6Kx747B83MRRVS5R1VTEQoXvuP+kMI+if6uywV0nDGoiydJRy4yk7h9od5Og0kxx4zUXmw==", - "requires": { - "dot-prop": "^4.1.0", - "graceful-fs": "^4.1.2", - "make-dir": "^1.0.0", - "unique-string": "^1.0.0", - "write-file-atomic": "^2.0.0", - "xdg-basedir": "^3.0.0" - } - }, "console-browserify": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-browserify/-/console-browserify-1.1.0.tgz", @@ -7575,9 +7614,9 @@ "dev": true }, "dockerfile-ast": { - "version": "0.0.16", - "resolved": "https://registry.npmjs.org/dockerfile-ast/-/dockerfile-ast-0.0.16.tgz", - "integrity": "sha512-+HZToHjjiLPl46TqBrok5dMrg5oCkZFPSROMQjRmvin0zG4FxK0DJXTpV/CUPYY2zpmEvVza55XLwSHFx/xZMw==", + "version": "0.0.18", + "resolved": "https://registry.npmjs.org/dockerfile-ast/-/dockerfile-ast-0.0.18.tgz", + "integrity": "sha512-SEp95qCox1KAzf8BBtjHoBDD0a7/eNlZJ6fgDf9RxqeSEDwLuEN9YjdZ/tRlkrYLxXR4i+kqZzS4eDRSqs8VKQ==", "requires": { "vscode-languageserver-types": "^3.5.0" } @@ -7658,6 +7697,7 @@ "version": "4.2.0", "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz", "integrity": "sha512-tUMXrxlExSW6U2EXiiKGSBVdYgtV8qlHL+C10TsW4PURY/ic+eaysnSkwB4kA/mBlCyy/IKDJ+Lc3wbWeaXtuQ==", + "dev": true, "requires": { "is-obj": "^1.0.0" } @@ -8344,6 +8384,21 @@ "integrity": "sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=", "dev": true }, + "event-loop-spinner": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/event-loop-spinner/-/event-loop-spinner-1.1.0.tgz", + "integrity": "sha512-YVFs6dPpZIgH665kKckDktEVvSBccSYJmoZUfhNUdv5d3Xv+Q+SKF4Xis1jolq9aBzuW1ZZhQh/m/zU/TPdDhw==", + "requires": { + "tslib": "^1.10.0" + }, + "dependencies": { + "tslib": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.10.0.tgz", + "integrity": "sha512-qOebF53frne81cf0S9B41ByenJ3/IuH8yJKngAX35CmiZySA0khhkovshKK+jGCaMnVomla7gVlIcc3EvKPbTQ==" + } + } + }, "events": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/events/-/events-3.0.0.tgz", @@ -11773,7 +11828,8 @@ "is-obj": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-1.0.1.tgz", - "integrity": "sha1-PkcprB9f3gJc19g6iW2rn09n2w8=" + "integrity": "sha1-PkcprB9f3gJc19g6iW2rn09n2w8=", + "dev": true }, "is-path-inside": { "version": "2.0.0", @@ -21627,21 +21683,22 @@ } }, "snyk": { - "version": "1.278.2", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.278.2.tgz", - "integrity": "sha512-FJxBh26FJuBQdpzQmvqTxiiKwVEGAgCjXmYw6K0MlwvHt/bdd71SjIUSs2RxABxGomeCBX+0Releo4scuO0UwA==", + "version": "1.290.1", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.290.1.tgz", + "integrity": "sha512-8fB+b+trI5a6mU5cAKXOU2RG15xxr++4zYxkfNpkFkhbUqkcLsJtXD4H7Pcs6vXcOvoiEafyziPTpYurPFDXBQ==", "requires": { "@snyk/cli-interface": "2.3.0", + "@snyk/configstore": "^3.2.0-rc1", "@snyk/dep-graph": "1.13.1", "@snyk/gemfile": "1.2.0", "@snyk/snyk-cocoapods-plugin": "2.0.1", + "@snyk/update-notifier": "^2.5.1-rc1", "@types/agent-base": "^4.2.0", "@types/restify": "^4.3.6", "abbrev": "^1.1.1", "ansi-escapes": "3.2.0", "chalk": "^2.4.2", "cli-spinner": "0.2.10", - "configstore": "^3.1.2", "debug": "^3.1.0", "diff": "^4.0.1", "git-url-parse": "11.1.2", @@ -21655,16 +21712,16 @@ "proxy-from-env": "^1.0.0", "semver": "^6.0.0", "snyk-config": "^2.2.1", - "snyk-docker-plugin": "1.33.1", + "snyk-docker-plugin": "1.38.0", "snyk-go-plugin": "1.11.1", "snyk-gradle-plugin": "3.2.4", "snyk-module": "1.9.1", - "snyk-mvn-plugin": "2.7.0", + "snyk-mvn-plugin": "2.8.0", "snyk-nodejs-lockfile-parser": "1.17.0", "snyk-nuget-plugin": "1.16.0", "snyk-php-plugin": "1.7.0", "snyk-policy": "1.13.5", - "snyk-python-plugin": "1.16.0", + "snyk-python-plugin": "1.17.0", "snyk-resolve": "1.0.1", "snyk-resolve-deps": "4.4.0", "snyk-sbt-plugin": "2.11.0", @@ -21674,7 +21731,6 @@ "strip-ansi": "^5.2.0", "tempfile": "^2.0.0", "then-fs": "^2.0.0", - "update-notifier": "^2.5.0", "uuid": "^3.3.2", "wrap-ansi": "^5.1.0" }, @@ -21819,12 +21875,13 @@ } }, "snyk-docker-plugin": { - "version": "1.33.1", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-1.33.1.tgz", - "integrity": "sha512-xfs3DN1tPMTh6J8x2341wGK4HRr+pI5+i/YRuRmsslnBnwk/DkKYcbt8zOIWk6kzMoW8vo+9LqqXBQO/24szKg==", + "version": "1.38.0", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-1.38.0.tgz", + "integrity": "sha512-43HbJj6QatuL2BNG+Uq2Taa73wdfSQSID8FJWW4q5/LYgd9D+RtdiE4lAMwxqYYbvThU9uuza4epuF/B1CAlYw==", "requires": { "debug": "^4.1.1", - "dockerfile-ast": "0.0.16", + "dockerfile-ast": "0.0.18", + "event-loop-spinner": "^1.1.0", "semver": "^6.1.0", "tar-stream": "^2.1.0", "tslib": "^1" @@ -21939,11 +21996,11 @@ } }, "snyk-mvn-plugin": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.7.0.tgz", - "integrity": "sha512-DLBt+6ZvtoleXE7Si3wAa6gdPSWsXdIQEY6m2zW2InN9WiaRwIEKMCY822eFmRPZVNNmZNRUIeQsoHZwv/slqQ==", + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.8.0.tgz", + "integrity": "sha512-Jt6lsVOFOYj7rp0H2IWz/BZS9xxaO0jEFTAoafLCocJIWWuGhPpVocCqmh/hrYAdKY9gS4gVOViMJ3EvcC1r1Q==", "requires": { - "@snyk/cli-interface": "2.2.0", + "@snyk/cli-interface": "2.3.1", "debug": "^4.1.1", "lodash": "^4.17.15", "needle": "^2.4.0", @@ -21952,9 +22009,9 @@ }, "dependencies": { "@snyk/cli-interface": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.2.0.tgz", - "integrity": "sha512-sA7V2JhgqJB9z5uYotgQc5iNDv//y+Mdm39rANxmFjtZMSYJZHkP80arzPjw1mB5ni/sWec7ieYUUFeySZBfVg==", + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.3.1.tgz", + "integrity": "sha512-JZvsmhDXSyjv1dkc12lPI3tNTNYlIaOiIQMYFg2RgqF3QmWjTyBUgRZcF7LoKyufHtS4dIudM6k1aHBpSaDrhw==", "requires": { "tslib": "^1.9.3" } @@ -22121,9 +22178,9 @@ } }, "snyk-python-plugin": { - "version": "1.16.0", - "resolved": "https://registry.npmjs.org/snyk-python-plugin/-/snyk-python-plugin-1.16.0.tgz", - "integrity": "sha512-IA53xOcy1s881tbIrIXNqIuCNozd4PAVWN8oF0xgRn2NQbq0e7EWt7kFPJbmZodpLCDpXaKKqV2MHbXruFIsrw==", + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/snyk-python-plugin/-/snyk-python-plugin-1.17.0.tgz", + "integrity": "sha512-EKdVOUlvhiVpXA5TeW8vyxYVqbITAfT+2AbL2ZRiiUNLP5ae+WiNYaPy7aB5HAS9IKBKih+IH8Ag65Xu1IYSYA==", "requires": { "@snyk/cli-interface": "^2.0.3", "tmp": "0.0.33" @@ -24194,30 +24251,6 @@ "integrity": "sha512-bzpH/oBhoS/QI/YtbkqCg6VEiPYjSZtrHQM6/QnJS6OL9pKUFLqb3aFh4Scvwm45+7iAgiMkLhSbaZxUqmrprw==", "dev": true }, - "update-notifier": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/update-notifier/-/update-notifier-2.5.0.tgz", - "integrity": "sha512-gwMdhgJHGuj/+wHJJs9e6PcCszpxR1b236igrOkUofGhqJuG+amlIKwApH1IW1WWl7ovZxsX49lMBWLxSdm5Dw==", - "requires": { - "boxen": "^1.2.1", - "chalk": "^2.0.1", - "configstore": "^3.0.0", - "import-lazy": "^2.1.0", - "is-ci": "^1.0.10", - "is-installed-globally": "^0.1.0", - "is-npm": "^1.0.0", - "latest-version": "^3.0.0", - "semver-diff": "^2.0.0", - "xdg-basedir": "^3.0.0" - }, - "dependencies": { - "import-lazy": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/import-lazy/-/import-lazy-2.1.0.tgz", - "integrity": "sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM=" - } - } - }, "uri-js": { "version": "4.2.2", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", @@ -24415,9 +24448,9 @@ } }, "vscode-languageserver-types": { - "version": "3.15.0", - "resolved": "https://registry.npmjs.org/vscode-languageserver-types/-/vscode-languageserver-types-3.15.0.tgz", - "integrity": "sha512-AXteNagMhBWnZ6gNN0UB4HTiD/7TajgfHl6jaM6O7qz3zDJw0H3Jf83w05phihnBRCML+K6Ockh8f8bL0OObPw==" + "version": "3.15.1", + "resolved": "https://registry.npmjs.org/vscode-languageserver-types/-/vscode-languageserver-types-3.15.1.tgz", + "integrity": "sha512-+a9MPUQrNGRrGU630OGbYVQ+11iOIovjCkqxajPa9w57Sd5ruK8WQNsslzpa0x/QJqC8kRc2DUxWjIFwoNm4ZQ==" }, "w3c-hr-time": { "version": "1.0.1", diff --git a/package.json b/package.json index 562857b747dccb..b63258bbf5af3c 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "@wordpress/url": "file:packages/url", "@wordpress/viewport": "file:packages/viewport", "@wordpress/wordcount": "file:packages/wordcount", - "snyk": "^1.278.2" + "snyk": "^1.290.1" }, "devDependencies": { "@babel/core": "7.2.2",