From ea47bd5313d1cf281b316059580fffd6f096a106 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 18 Jan 2022 04:17:18 +0000 Subject: [PATCH] fix: samples/client/petstore/javascript-flowtyped/package.json & samples/client/petstore/javascript-flowtyped/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118 --- .../javascript-flowtyped/package-lock.json | 37 +++++++++++++++++-- .../javascript-flowtyped/package.json | 2 +- 2 files changed, 35 insertions(+), 4 deletions(-) diff --git a/samples/client/petstore/javascript-flowtyped/package-lock.json b/samples/client/petstore/javascript-flowtyped/package-lock.json index 5c5f680b4159..db7774e9470f 100644 --- a/samples/client/petstore/javascript-flowtyped/package-lock.json +++ b/samples/client/petstore/javascript-flowtyped/package-lock.json @@ -1616,6 +1616,11 @@ "parse-json": "^4.0.0" } }, + "data-uri-to-buffer": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.0.tgz", + "integrity": "sha512-Vr3mLBA8qWmcuschSLAOogKgQ/Jwxulv3RNE4FXnYWRGujzrRWQI4m12fQqRkwX06C0KanhLr4hK+GydchZsaA==" + }, "debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -1902,6 +1907,14 @@ } } }, + "fetch-blob": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.1.3.tgz", + "integrity": "sha512-ax1Y5I9w+9+JiM+wdHkhBoxew+zG4AJ2SvAD1v1szpddUIiPERVGBxrMcB2ZqW0Y3PP8bOWYv2zqQq1Jp2kqUQ==", + "requires": { + "web-streams-polyfill": "^3.0.3" + } + }, "file-uri-to-path": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", @@ -2075,6 +2088,14 @@ "dev": true, "optional": true }, + "formdata-polyfill": { + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", + "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", + "requires": { + "fetch-blob": "^3.1.2" + } + }, "fragment-cache": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", @@ -2748,9 +2769,14 @@ } }, "node-fetch": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz", - "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==" + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.1.1.tgz", + "integrity": "sha512-SMk+vKgU77PYotRdWzqZGTZeuFKlsJ0hu4KPviQKkfY+N3vn2MIzr0rvpnYpR8MtB3IEuhlEcuOLbGvLRlA+yg==", + "requires": { + "data-uri-to-buffer": "^4.0.0", + "fetch-blob": "^3.1.3", + "formdata-polyfill": "^4.0.10" + } }, "node-releases": { "version": "1.1.55", @@ -3748,6 +3774,11 @@ "object.getownpropertydescriptors": "^2.1.0" } }, + "web-streams-polyfill": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.2.0.tgz", + "integrity": "sha512-EqPmREeOzttaLRm5HS7io98goBgZ7IVz79aDvqjD0kYXLtFZTc0T/U6wHTPKyIjb+MdN7DFIIX6hgdBEpWmfPA==" + }, "whatwg-fetch": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-3.0.0.tgz", diff --git a/samples/client/petstore/javascript-flowtyped/package.json b/samples/client/petstore/javascript-flowtyped/package.json index dd3050b26d2b..22f5c8de12ab 100644 --- a/samples/client/petstore/javascript-flowtyped/package.json +++ b/samples/client/petstore/javascript-flowtyped/package.json @@ -20,7 +20,7 @@ }, "dependencies": { "portable-fetch": "^3.0.0", - "node-fetch": ">=2.6.1" + "node-fetch": ">=3.1.1" }, "devDependencies": { "@babel/cli": "^7.0.0",