From bfa92d2ed302bc384c8c2cd4b1007876603a3043 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 7 Oct 2022 18:03:48 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-RAMDA-1582370 - https://snyk.io/vuln/SNYK-JS-SNYK-3037342 --- package-lock.json | 65 ++++++++++++++++++++++++++--------------------- package.json | 4 +-- 2 files changed, 38 insertions(+), 31 deletions(-) diff --git a/package-lock.json b/package-lock.json index 923e7be..029027e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -29,9 +29,9 @@ "on-headers": "^1.0.2", "optional": "^0.1.4", "pdf-parse": "^1.1.1", - "prepper": "^1.2.0", + "prepper": "^1.2.1", "ramda": "^0.27.0", - "snyk": "^1.425.4", + "snyk": "^1.996.0", "systemic": "^3.3.7", "systemic-domain-runner": "^1.1.0", "systemic-express": "^1.1.1" @@ -2296,6 +2296,7 @@ "resolved": "https://registry.npmjs.org/flat/-/flat-4.1.0.tgz", "integrity": "sha512-Px/TiLIznH7gEDlPXcUD4KnBusa6kR6ayRUVcnEAbreRIuhkqow/mun59BuRXwoYk7ZQOLW1ZM05ilIvK38hFw==", "deprecated": "Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.", + "dev": true, "dependencies": { "is-buffer": "~2.0.3" }, @@ -3229,6 +3230,7 @@ "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-2.0.4.tgz", "integrity": "sha512-Kq1rokWXOPXWuaMAqZiJW4XxsmD9zGx9q4aePabbn3qCRGedtH7Cm+zV8WETitMfu1wdh+Rvd6w5egwSngUX2A==", + "dev": true, "engines": { "node": ">=4" } @@ -4695,22 +4697,25 @@ } }, "node_modules/prepper": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/prepper/-/prepper-1.2.0.tgz", - "integrity": "sha512-ciVYC1bkk8j966RBuX0zmcv79ezezX4d7i3shTvzqezVdE3TWp02mlgrJd6vSV6FqA96BNi6Z/dJLxBmckW6ZA==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/prepper/-/prepper-1.2.1.tgz", + "integrity": "sha512-ECpinBH31Q4NyY4nn++vSIFTIDq4d9d4DX7q7BdiJ3X+zjb6XZvY1UsnJ4cN0UX+udQoUvxKpqORzFrUxW7nTg==", "dependencies": { - "flat": "^4.1.0", - "lodash.merge": "^4.6.1", + "flat": "^5.0.2", + "lodash.merge": "^4.6.2", "lodash.set": "^4.3.2", - "ramda": "^0.25.0", + "ramda": "^0.27.2", "require-all": "^3.0.0", "uuid": "^3.3.2" } }, - "node_modules/prepper/node_modules/ramda": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/ramda/-/ramda-0.25.0.tgz", - "integrity": "sha512-GXpfrYVPwx3K7RQ6aYT8KPS8XViSXUVJT1ONhoKPE9VAleW42YE+U+8VEyGWt41EnEQW7gwecYJriTI0pKoecQ==" + "node_modules/prepper/node_modules/flat": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz", + "integrity": "sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==", + "bin": { + "flat": "cli.js" + } }, "node_modules/process-nextick-args": { "version": "2.0.1", @@ -5335,9 +5340,9 @@ } }, "node_modules/snyk": { - "version": "1.974.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.974.0.tgz", - "integrity": "sha512-LOeQuMxFnA2KDjZCrGL5nNEZfE2twdfEs64cO3OTEOXsTyMzO3pV/8GVrkAvoOGF9KHeICNpZkQSKK0G8JV9wA==", + "version": "1.996.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.996.0.tgz", + "integrity": "sha512-nq//Ely0bSt50LzX9Er5lCQNqTpaKn7I7xkhUB3Z+8rs8Jqha360HeQwhbVzsuQS3xT/1+36zt6CcgyLPM1QbA==", "bin": { "snyk": "bin/snyk" }, @@ -8047,6 +8052,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/flat/-/flat-4.1.0.tgz", "integrity": "sha512-Px/TiLIznH7gEDlPXcUD4KnBusa6kR6ayRUVcnEAbreRIuhkqow/mun59BuRXwoYk7ZQOLW1ZM05ilIvK38hFw==", + "dev": true, "requires": { "is-buffer": "~2.0.3" } @@ -8765,7 +8771,8 @@ "is-buffer": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-2.0.4.tgz", - "integrity": "sha512-Kq1rokWXOPXWuaMAqZiJW4XxsmD9zGx9q4aePabbn3qCRGedtH7Cm+zV8WETitMfu1wdh+Rvd6w5egwSngUX2A==" + "integrity": "sha512-Kq1rokWXOPXWuaMAqZiJW4XxsmD9zGx9q4aePabbn3qCRGedtH7Cm+zV8WETitMfu1wdh+Rvd6w5egwSngUX2A==", + "dev": true }, "is-callable": { "version": "1.1.5", @@ -9923,22 +9930,22 @@ "dev": true }, "prepper": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/prepper/-/prepper-1.2.0.tgz", - "integrity": "sha512-ciVYC1bkk8j966RBuX0zmcv79ezezX4d7i3shTvzqezVdE3TWp02mlgrJd6vSV6FqA96BNi6Z/dJLxBmckW6ZA==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/prepper/-/prepper-1.2.1.tgz", + "integrity": "sha512-ECpinBH31Q4NyY4nn++vSIFTIDq4d9d4DX7q7BdiJ3X+zjb6XZvY1UsnJ4cN0UX+udQoUvxKpqORzFrUxW7nTg==", "requires": { - "flat": "^4.1.0", - "lodash.merge": "^4.6.1", + "flat": "^5.0.2", + "lodash.merge": "^4.6.2", "lodash.set": "^4.3.2", - "ramda": "^0.25.0", + "ramda": "^0.27.2", "require-all": "^3.0.0", "uuid": "^3.3.2" }, "dependencies": { - "ramda": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/ramda/-/ramda-0.25.0.tgz", - "integrity": "sha512-GXpfrYVPwx3K7RQ6aYT8KPS8XViSXUVJT1ONhoKPE9VAleW42YE+U+8VEyGWt41EnEQW7gwecYJriTI0pKoecQ==" + "flat": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz", + "integrity": "sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==" } } }, @@ -10454,9 +10461,9 @@ } }, "snyk": { - "version": "1.974.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.974.0.tgz", - "integrity": "sha512-LOeQuMxFnA2KDjZCrGL5nNEZfE2twdfEs64cO3OTEOXsTyMzO3pV/8GVrkAvoOGF9KHeICNpZkQSKK0G8JV9wA==" + "version": "1.996.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.996.0.tgz", + "integrity": "sha512-nq//Ely0bSt50LzX9Er5lCQNqTpaKn7I7xkhUB3Z+8rs8Jqha360HeQwhbVzsuQS3xT/1+36zt6CcgyLPM1QbA==" }, "sparse-bitfield": { "version": "3.0.3", diff --git a/package.json b/package.json index fe03c11..1ef90c7 100644 --- a/package.json +++ b/package.json @@ -52,9 +52,9 @@ "on-headers": "^1.0.2", "optional": "^0.1.4", "pdf-parse": "^1.1.1", - "prepper": "^1.2.0", + "prepper": "^1.2.1", "ramda": "^0.27.0", - "snyk": "^1.425.4", + "snyk": "^1.996.0", "systemic": "^3.3.7", "systemic-domain-runner": "^1.1.0", "systemic-express": "^1.1.1"