From bb99a2a30b09d6f8c9428d9295df838a462c5baf Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 10 Dec 2020 21:16:56 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://dev.snyk.io/vuln/SNYK-JS-INI-1048974 --- package-lock.json | 55 ++++++++++++++++++++++------------------------- package.json | 2 +- 2 files changed, 27 insertions(+), 30 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2784b7e4f6a..666e5058a4f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1244,13 +1244,6 @@ "requires": { "ini": "^1.3.4", "proto-list": "~1.2.1" - }, - "dependencies": { - "ini": { - "version": "1.3.5", - "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.5.tgz", - "integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==" - } } }, "configstore": { @@ -2738,9 +2731,9 @@ "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" }, "ini": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/ini/-/ini-1.1.0.tgz", - "integrity": "sha1-ToCMLOFExsF4iRjgNNZ5e8bPYoE=" + "version": "1.3.7", + "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.7.tgz", + "integrity": "sha512-iKpRpXP+CrP2jyrxvg1kMUpXDyRUFDWurxbnVT1vQPx+Wz9uCYsMIqYuSBLV+PAaZG/d7kRLKRFc9oDMsH+mFQ==" }, "inline-source-map": { "version": "0.6.2", @@ -3835,34 +3828,33 @@ } }, "npmconf": { - "version": "0.0.24", - "resolved": "https://registry.npmjs.org/npmconf/-/npmconf-0.0.24.tgz", - "integrity": "sha1-t4h1sIjMw8Cvo+zrPOMkSxtSOQw=", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/npmconf/-/npmconf-1.0.1.tgz", + "integrity": "sha1-NQPRLGWFOVsNg3jXbi1KJFOiMyg=", "requires": { - "config-chain": "~1.1.1", - "inherits": "~1.0.0", - "ini": "~1.1.0", + "config-chain": "~1.1.8", + "inherits": "~2.0.0", + "ini": "^1.2.0", "mkdirp": "~0.3.3", "nopt": "2", - "once": "~1.1.1", + "once": "~1.3.0", "osenv": "0.0.3", - "semver": "~1.1.0" + "semver": "2", + "uid-number": "0.0.5" }, "dependencies": { - "inherits": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-1.0.2.tgz", - "integrity": "sha1-ykMJ2t7mtUzAuNJH6NfHoJdb3Js=" - }, "once": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/once/-/once-1.1.1.tgz", - "integrity": "sha1-nbV0kzzLCMOnYU0VQDLAnqbzOec=" + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/once/-/once-1.3.3.tgz", + "integrity": "sha1-suJhVXzkwxTsgwTz+oJmPkKXyiA=", + "requires": { + "wrappy": "1" + } }, "semver": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-1.1.4.tgz", - "integrity": "sha1-LlpOcrqwNHLMl/cnU7RQiRLvVUA=" + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/semver/-/semver-2.3.2.tgz", + "integrity": "sha1-uYSPJdbPNjMwc+ye+IVtQvEjPlI=" } } }, @@ -8798,6 +8790,11 @@ } } }, + "uid-number": { + "version": "0.0.5", + "resolved": "https://registry.npmjs.org/uid-number/-/uid-number-0.0.5.tgz", + "integrity": "sha1-Wj2yPvXb1VuB/ODsmirG/M3ruB4=" + }, "umd": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/umd/-/umd-3.0.3.tgz", diff --git a/package.json b/package.json index da13bc85d2f..a2d239e0995 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ "morgan": "latest", "ms": "^0.7.1", "mysql": "^2.18.1", - "npmconf": "0.0.24", + "npmconf": "1.0.1", "optional": "^0.1.3", "st": "0.2.4", "stream-buffers": "^3.0.1",