From b2b82c48e1c46377d19550559afac1d068ba23cb Mon Sep 17 00:00:00 2001 From: Baptiste Arnaud Date: Mon, 6 Nov 2023 16:24:26 +0100 Subject: [PATCH] :arrow_up: Upgrade Sentry to mitigate security issue https://github.com/getsentry/sentry-javascript/security?mkt_tok=Nzc2LU1KTi01MDEAAAGPNi0ooiOxT0sphdzXd6xHU63d5z5Sc75FNR8cH-6EK-zlvUsUuUqP1YsmnxivxEyXnGZS2cN8XkpuNNGi3NIfoDnwoHci-31tbyJQB8y0Cg --- apps/builder/package.json | 2 +- apps/viewer/package.json | 2 +- packages/bot-engine/package.json | 2 +- packages/lib/package.json | 2 +- pnpm-lock.yaml | 156 +++++++++++++++---------------- 5 files changed, 80 insertions(+), 84 deletions(-) diff --git a/apps/builder/package.json b/apps/builder/package.json index 700f3401e30..252e9e7bbd9 100644 --- a/apps/builder/package.json +++ b/apps/builder/package.json @@ -26,7 +26,7 @@ "@giphy/react-components": "7.1.0", "@googleapis/drive": "8.0.0", "@paralleldrive/cuid2": "2.2.1", - "@sentry/nextjs": "7.73.0", + "@sentry/nextjs": "7.77.0", "@tanstack/react-query": "4.29.19", "@tanstack/react-table": "8.9.3", "@tolgee/format-icu": "5.13.3", diff --git a/apps/viewer/package.json b/apps/viewer/package.json index addf26315d3..40f476b8e77 100644 --- a/apps/viewer/package.json +++ b/apps/viewer/package.json @@ -12,7 +12,7 @@ }, "dependencies": { "@planetscale/database": "1.8.0", - "@sentry/nextjs": "7.73.0", + "@sentry/nextjs": "7.77.0", "@trpc/server": "10.40.0", "@typebot.io/bot-engine": "workspace:*", "@typebot.io/nextjs": "workspace:*", diff --git a/packages/bot-engine/package.json b/packages/bot-engine/package.json index a45410dd7cf..1f43d88dc6f 100644 --- a/packages/bot-engine/package.json +++ b/packages/bot-engine/package.json @@ -8,7 +8,7 @@ "dependencies": { "@paralleldrive/cuid2": "2.2.1", "@planetscale/database": "1.8.0", - "@sentry/nextjs": "7.73.0", + "@sentry/nextjs": "7.77.0", "@trpc/server": "10.40.0", "@typebot.io/emails": "workspace:*", "@typebot.io/env": "workspace:*", diff --git a/packages/lib/package.json b/packages/lib/package.json index fed4faefd6f..f521eea85a7 100644 --- a/packages/lib/package.json +++ b/packages/lib/package.json @@ -22,7 +22,7 @@ "nodemailer": "6.7.8" }, "dependencies": { - "@sentry/nextjs": "7.73.0", + "@sentry/nextjs": "7.77.0", "@trpc/server": "10.40.0", "@udecode/plate-common": "21.1.5", "got": "12.6.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e260dc3c0f7..ab666ed66b6 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -75,8 +75,8 @@ importers: specifier: 2.2.1 version: 2.2.1 '@sentry/nextjs': - specifier: 7.73.0 - version: 7.73.0(next@13.5.4)(react@18.2.0) + specifier: 7.77.0 + version: 7.77.0(next@13.5.4)(react@18.2.0) '@tanstack/react-query': specifier: 4.29.19 version: 4.29.19(react-dom@18.2.0)(react@18.2.0) @@ -513,8 +513,8 @@ importers: specifier: 1.8.0 version: 1.8.0 '@sentry/nextjs': - specifier: 7.73.0 - version: 7.73.0(next@13.5.4)(react@18.2.0) + specifier: 7.77.0 + version: 7.77.0(next@13.5.4)(react@18.2.0) '@trpc/server': specifier: 10.40.0 version: 10.40.0 @@ -649,8 +649,8 @@ importers: specifier: 1.8.0 version: 1.8.0 '@sentry/nextjs': - specifier: 7.73.0 - version: 7.73.0(next@13.5.4)(react@18.2.0) + specifier: 7.77.0 + version: 7.77.0(next@13.5.4)(react@18.2.0) '@trpc/server': specifier: 10.40.0 version: 10.40.0 @@ -1192,8 +1192,8 @@ importers: packages/lib: dependencies: '@sentry/nextjs': - specifier: 7.73.0 - version: 7.73.0(next@13.5.4)(react@18.2.0) + specifier: 7.77.0 + version: 7.77.0(next@13.5.4)(react@18.2.0) '@trpc/server': specifier: 10.40.0 version: 10.40.0 @@ -8199,26 +8199,24 @@ packages: resolution: {integrity: sha512-6i/8UoL0P5y4leBIGzvkZdS85RDMG9y1ihZzmTZQ5LdHUYmZ7pKFoj8X0236s3lusPs1Fa5HTQUpwI+UfTcmeA==} dev: false - /@sentry-internal/tracing@7.73.0: - resolution: {integrity: sha512-ig3WL/Nqp8nRQ52P205NaypGKNfIl/G+cIqge9xPW6zfRb5kJdM1YParw9GSJ1SPjEZBkBORGAML0on5H2FILw==} + /@sentry-internal/tracing@7.77.0: + resolution: {integrity: sha512-8HRF1rdqWwtINqGEdx8Iqs9UOP/n8E0vXUu3Nmbqj4p5sQPA7vvCfq+4Y4rTqZFc7sNdFpDsRION5iQEh8zfZw==} engines: {node: '>=8'} dependencies: - '@sentry/core': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 - tslib: 2.6.0 + '@sentry/core': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 dev: false - /@sentry/browser@7.73.0: - resolution: {integrity: sha512-e301hUixcJ5+HNKCJwajFF5smF4opXEFSclyWsJuFNufv5J/1C1SDhbwG2JjBt5zzdSoKWJKT1ewR6vpICyoDw==} + /@sentry/browser@7.77.0: + resolution: {integrity: sha512-nJ2KDZD90H8jcPx9BysQLiQW+w7k7kISCWeRjrEMJzjtge32dmHA8G4stlUTRIQugy5F+73cOayWShceFP7QJQ==} engines: {node: '>=8'} dependencies: - '@sentry-internal/tracing': 7.73.0 - '@sentry/core': 7.73.0 - '@sentry/replay': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 - tslib: 2.6.0 + '@sentry-internal/tracing': 7.77.0 + '@sentry/core': 7.77.0 + '@sentry/replay': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 dev: false /@sentry/cli@1.75.2: @@ -8238,31 +8236,29 @@ packages: - supports-color dev: false - /@sentry/core@7.73.0: - resolution: {integrity: sha512-9FEz4Gq848LOgVN2OxJGYuQqxv7cIVw69VlAzWHEm3njt8mjvlTq+7UiFsGRo84+59V2FQuHxzA7vVjl90WfSg==} + /@sentry/core@7.77.0: + resolution: {integrity: sha512-Tj8oTYFZ/ZD+xW8IGIsU6gcFXD/gfE+FUxUaeSosd9KHwBQNOLhZSsYo/tTVf/rnQI/dQnsd4onPZLiL+27aTg==} engines: {node: '>=8'} dependencies: - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 - tslib: 2.6.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 dev: false - /@sentry/integrations@7.73.0: - resolution: {integrity: sha512-IjVpn4d+aSL9L1Ntu/oAdRwujz4BzzavDsZf96Xgc/AjBnjAEUT+wT1dAwluThfuKDXmWOJHhZ2cHHMfqI+7vw==} + /@sentry/integrations@7.77.0: + resolution: {integrity: sha512-P055qXgBHeZNKnnVEs5eZYLdy6P49Zr77A1aWJuNih/EenzMy922GOeGy2mF6XYrn1YJSjEwsNMNsQkcvMTK8Q==} engines: {node: '>=8'} dependencies: - '@sentry/core': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 + '@sentry/core': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 localforage: 1.10.0 - tslib: 2.6.0 dev: false - /@sentry/nextjs@7.73.0(next@13.5.4)(react@18.2.0): - resolution: {integrity: sha512-WTTxb3xFFpQ9u8jLx2jXa5oJIlgQs3kQ7wjHoTVOuuk51kB3wtMvq546tA5Kmsgu5uInjznBe4f2qUFYdqiO9Q==} + /@sentry/nextjs@7.77.0(next@13.5.4)(react@18.2.0): + resolution: {integrity: sha512-8tYPBt5luFjrng1sAMJqNjM9sq80q0jbt6yariADU9hEr7Zk8YqFaOI2/Q6yn9dZ6XyytIRtLEo54kk2AO94xw==} engines: {node: '>=8'} peerDependencies: - next: ^10.0.8 || ^11.0 || ^12.0 || ^13.0 + next: ^10.0.8 || ^11.0 || ^12.0 || ^13.0 || ^14.0 react: 16.x || 17.x || 18.x webpack: '>= 4.0.0' peerDependenciesMeta: @@ -8270,85 +8266,80 @@ packages: optional: true dependencies: '@rollup/plugin-commonjs': 24.0.0(rollup@2.78.0) - '@sentry/core': 7.73.0 - '@sentry/integrations': 7.73.0 - '@sentry/node': 7.73.0 - '@sentry/react': 7.73.0(react@18.2.0) - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 - '@sentry/vercel-edge': 7.73.0 + '@sentry/core': 7.77.0 + '@sentry/integrations': 7.77.0 + '@sentry/node': 7.77.0 + '@sentry/react': 7.77.0(react@18.2.0) + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 + '@sentry/vercel-edge': 7.77.0 '@sentry/webpack-plugin': 1.20.0 chalk: 3.0.0 next: 13.5.4(@babel/core@7.22.9)(react-dom@18.2.0)(react@18.2.0) react: 18.2.0 + resolve: 1.22.8 rollup: 2.78.0 stacktrace-parser: 0.1.10 - tslib: 2.6.0 transitivePeerDependencies: - encoding - supports-color dev: false - /@sentry/node@7.73.0: - resolution: {integrity: sha512-i50bRfmgkRRx0XXUbg9jGD/RuznDJxJXc4rBILhoJuhl+BjRIaoXA3ayplfJn8JLZxsNh75uJaCq4IUK70SORw==} + /@sentry/node@7.77.0: + resolution: {integrity: sha512-Ob5tgaJOj0OYMwnocc6G/CDLWC7hXfVvKX/ofkF98+BbN/tQa5poL+OwgFn9BA8ud8xKzyGPxGU6LdZ8Oh3z/g==} engines: {node: '>=8'} dependencies: - '@sentry-internal/tracing': 7.73.0 - '@sentry/core': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 - cookie: 0.5.0 + '@sentry-internal/tracing': 7.77.0 + '@sentry/core': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 https-proxy-agent: 5.0.1 - lru_map: 0.3.3 - tslib: 2.6.0 transitivePeerDependencies: - supports-color dev: false - /@sentry/react@7.73.0(react@18.2.0): - resolution: {integrity: sha512-RCGlxW0Xp5vsC38LGxUO0Xf11LBzfg75VN+KS3D2FS5GXl0R0JwgUyPNVlod7YMCfwytsKGhfP+YpQvHGQAVwg==} + /@sentry/react@7.77.0(react@18.2.0): + resolution: {integrity: sha512-Q+htKzib5em0MdaQZMmPomaswaU3xhcVqmLi2CxqQypSjbYgBPPd+DuhrXKoWYLDDkkbY2uyfe4Lp3yLRWeXYw==} engines: {node: '>=8'} peerDependencies: react: 15.x || 16.x || 17.x || 18.x dependencies: - '@sentry/browser': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 + '@sentry/browser': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 hoist-non-react-statics: 3.3.2 react: 18.2.0 - tslib: 2.6.0 dev: false - /@sentry/replay@7.73.0: - resolution: {integrity: sha512-a8IC9SowBisLYD2IdLkXzx7gN4iVwHDJhQvLp2B8ARs1PyPjJ7gCxSMHeGrYp94V0gOXtorNYkrxvuX8ayPROA==} + /@sentry/replay@7.77.0: + resolution: {integrity: sha512-M9Ik2J5ekl+C1Och3wzLRZVaRGK33BlnBwfwf3qKjgLDwfKW+1YkwDfTHbc2b74RowkJbOVNcp4m8ptlehlSaQ==} engines: {node: '>=12'} dependencies: - '@sentry/core': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 + '@sentry-internal/tracing': 7.77.0 + '@sentry/core': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 dev: false - /@sentry/types@7.73.0: - resolution: {integrity: sha512-/v8++bly8jW7r4cP2wswYiiVpn7eLLcqwnfPUMeCQze4zj3F3nTRIKc9BGHzU0V+fhHa3RwRC2ksqTGq1oJMDg==} + /@sentry/types@7.77.0: + resolution: {integrity: sha512-nfb00XRJVi0QpDHg+JkqrmEBHsqBnxJu191Ded+Cs1OJ5oPXEW6F59LVcBScGvMqe+WEk1a73eH8XezwfgrTsA==} engines: {node: '>=8'} dev: false - /@sentry/utils@7.73.0: - resolution: {integrity: sha512-h3ZK/qpf4k76FhJV9uiSbvMz3V/0Ovy94C+5/9UgPMVCJXFmVsdw8n/dwANJ7LupVPfYP23xFGgebDMFlK1/2w==} + /@sentry/utils@7.77.0: + resolution: {integrity: sha512-NmM2kDOqVchrey3N5WSzdQoCsyDkQkiRxExPaNI2oKQ/jMWHs9yt0tSy7otPBcXs0AP59ihl75Bvm1tDRcsp5g==} engines: {node: '>=8'} dependencies: - '@sentry/types': 7.73.0 - tslib: 2.6.0 + '@sentry/types': 7.77.0 dev: false - /@sentry/vercel-edge@7.73.0: - resolution: {integrity: sha512-5EIJAuHG9w2OBrG76uH51Zlh4SMg3N8n29YiZgOtsBL0FU7AvBpxsIknECmmQOKPFrfCa0ycu2WSWgFXILCYGQ==} + /@sentry/vercel-edge@7.77.0: + resolution: {integrity: sha512-ffddPCgxVeAccPYuH5sooZeHBqDuJ9OIhIRYKoDi4TvmwAzWo58zzZWhRpkHqHgIQdQvhLVZ5F+FSQVWnYSOkw==} engines: {node: '>=8'} dependencies: - '@sentry/core': 7.73.0 - '@sentry/types': 7.73.0 - '@sentry/utils': 7.73.0 - tslib: 2.6.0 + '@sentry/core': 7.77.0 + '@sentry/types': 7.77.0 + '@sentry/utils': 7.77.0 dev: false /@sentry/webpack-plugin@1.20.0: @@ -17779,10 +17770,6 @@ packages: dependencies: yallist: 4.0.0 - /lru_map@0.3.3: - resolution: {integrity: sha512-Pn9cox5CsMYngeDbmChANltQl+5pi6XmTrraMSzhPmMBbmgcxmqWry0U3PGapCU1yB4/LqCcom7qhHZiF/jGfQ==} - dev: false - /magic-string@0.27.0: resolution: {integrity: sha512-8UnnX2PeRAPZuN12svgR9j7M1uWMovg/CEnIwIG0LFkXSJJe4PdfUGiTGl8V9bsBHFUtfVINcSyYxd7q+kx9fA==} engines: {node: '>=12'} @@ -21099,6 +21086,15 @@ packages: path-parse: 1.0.7 supports-preserve-symlinks-flag: 1.0.0 + /resolve@1.22.8: + resolution: {integrity: sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==} + hasBin: true + dependencies: + is-core-module: 2.13.0 + path-parse: 1.0.7 + supports-preserve-symlinks-flag: 1.0.0 + dev: false + /resolve@2.0.0-next.4: resolution: {integrity: sha512-iMDbmAWtfU+MHpxt/I5iWI7cY6YVEZUQ3MBgPQ++XD1PELuJHIl82xBmObyP2KyQmkNB2dsqF7seoQQiAn5yDQ==} hasBin: true