From 5929268ffd774e05a69a5b5aa40a7520a4a4a8f0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Sep 2024 08:15:10 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ASYNC-2441827 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 --- package-lock.json | 146 ++++++++++++++++++++++------------------------ package.json | 2 +- 2 files changed, 70 insertions(+), 78 deletions(-) diff --git a/package-lock.json b/package-lock.json index f697fb5..a456877 100644 --- a/package-lock.json +++ b/package-lock.json @@ -386,23 +386,10 @@ "eslint-visitor-keys": "^1.1.0" } }, - "CSSselect": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/CSSselect/-/CSSselect-0.7.0.tgz", - "integrity": "sha1-5AVMZ7RnRl88lQDA2gqnh4xLq9I=", - "dev": true, - "requires": { - "CSSwhat": "0.4", - "boolbase": "~1.0.0", - "domutils": "1.4", - "nth-check": "~1.0.0" - } - }, - "CSSwhat": { - "version": "0.4.7", - "resolved": "https://registry.npmjs.org/CSSwhat/-/CSSwhat-0.4.7.tgz", - "integrity": "sha1-hn2g/zn3eGEyQsRM/qg/CqTr35s=", - "dev": true + "@xmldom/xmldom": { + "version": "0.7.13", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.13.tgz", + "integrity": "sha512-lm2GW5PkosIzccsaZIz7tp8cPADSIlIHWDFTR1N0SzfinhhYgeIQjFMz4rYzanCScr3DqQLeomUDArp6MWKm+g==" }, "accepts": { "version": "1.0.3", @@ -1166,6 +1153,24 @@ } } }, + "CSSselect": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/CSSselect/-/CSSselect-0.7.0.tgz", + "integrity": "sha1-5AVMZ7RnRl88lQDA2gqnh4xLq9I=", + "dev": true, + "requires": { + "boolbase": "~1.0.0", + "CSSwhat": "0.4", + "domutils": "1.4", + "nth-check": "~1.0.0" + } + }, + "CSSwhat": { + "version": "0.4.7", + "resolved": "https://registry.npmjs.org/CSSwhat/-/CSSwhat-0.4.7.tgz", + "integrity": "sha1-hn2g/zn3eGEyQsRM/qg/CqTr35s=", + "dev": true + }, "csurf": { "version": "1.2.2", "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.2.2.tgz", @@ -3056,7 +3061,8 @@ "lodash": { "version": "4.17.20", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" + "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==", + "dev": true }, "lodash.flattendeep": { "version": "4.4.0", @@ -3261,9 +3267,9 @@ "dev": true }, "node-forge": { - "version": "0.7.6", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz", - "integrity": "sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==" + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz", + "integrity": "sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==" }, "node-preload": { "version": "0.2.1", @@ -3944,40 +3950,45 @@ "dev": true }, "saml": { - "version": "0.14.0", - "resolved": "https://registry.npmjs.org/saml/-/saml-0.14.0.tgz", - "integrity": "sha512-3071zwAK6PI3czQEd0lGt5P7SqI+tU1GeKuJqARRoib+8AsbGoO1Nq9f0WuMx3e59K+GtFYFhGp4i4zvqjwKDQ==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/saml/-/saml-1.0.0.tgz", + "integrity": "sha512-Fxoc37EK+XK5vc1Tb2n7ut7906oT2PfL95ppbU5RWnCJ1QI5wZ0Ae7HUd/MbiuLhGVgs5i7DrGbJ2azEybf96A==", "requires": { "async": "~0.2.9", "moment": "2.19.3", "valid-url": "~1.0.9", - "xml-crypto": "~1.0.1", - "xml-encryption": "0.11.2", + "xml-crypto": "2.0.0", + "xml-encryption": "^1.2.1", "xml-name-validator": "~2.0.1", - "xmldom": "=0.1.15", + "xmldom": "0.1.17", "xpath": "0.0.5" }, "dependencies": { "xml-crypto": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-1.0.2.tgz", - "integrity": "sha512-bDQkgu1yuwl+QoJbi4GBP9MWxpmYkXc8a9iSHbZ7lKqcxzGlDqMRugcl7qK7TsMI0ydU66GG8/eLNvRUk5T2fw==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-2.0.0.tgz", + "integrity": "sha512-/a04qr7RpONRZHOxROZ6iIHItdsQQjN3sj8lJkYDDss8tAkEaAs0VrFjb3tlhmS5snQru5lTs9/5ISSMdPDHlg==", "requires": { "xmldom": "0.1.27", - "xpath.js": ">=0.0.3" + "xpath": "0.0.27" }, "dependencies": { "xmldom": { "version": "0.1.27", "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.27.tgz", - "integrity": "sha1-1QH5ezvbQDr4757MIFcxh6rawOk=" + "integrity": "sha512-7WpJBYwyhvsddFJA51SOIU0Be9W44sbGGjc6Z3ly8Wx/Wl7nriMPZ5xf6Np9ASlJ6gACfXcTLukm4DtX372lFw==" + }, + "xpath": { + "version": "0.0.27", + "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", + "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==" } } }, "xmldom": { - "version": "0.1.15", - "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.15.tgz", - "integrity": "sha1-swSAYvG91S7cQhQkRZ8G3O6y+U0=" + "version": "0.1.17", + "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.17.tgz", + "integrity": "sha512-VJaHhi9Pv8rWlA0GpTdGQlHTDaHfC6LvZwBM6/8uOOpofT5Fyd7WNEW1ejvU+fTBTGogYs9CO+7DTZYUrb+Bxw==" }, "xpath": { "version": "0.0.5", @@ -4206,6 +4217,12 @@ "readable-stream": "~1.1.8" } }, + "string_decoder": { + "version": "0.10.31", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=", + "dev": true + }, "string-width": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", @@ -4237,12 +4254,6 @@ "es-abstract": "^1.17.5" } }, - "string_decoder": { - "version": "0.10.31", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=", - "dev": true - }, "strip-ansi": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", @@ -4746,39 +4757,25 @@ } }, "xml-encryption": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-0.11.2.tgz", - "integrity": "sha512-jVvES7i5ovdO7N+NjgncA326xYKjhqeAnnvIgRnY7ROLCfFqEDLwP0Sxp/30SHG0AXQV1048T5yinOFyvwGFzg==", - "requires": { - "async": "^2.1.5", - "ejs": "^2.5.6", - "node-forge": "^0.7.0", - "xmldom": "~0.1.15", - "xpath": "0.0.27" + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.3.0.tgz", + "integrity": "sha512-3P8C4egMMxSR1BmsRM+fG16a3WzOuUEQKS2U4c3AZ5v7OseIfdUeVkD8dwxIhuLryFZSRWUL5OP6oqkgU7hguA==", + "requires": { + "@xmldom/xmldom": "^0.7.0", + "escape-html": "^1.0.3", + "node-forge": "^0.10.0", + "xpath": "0.0.32" }, "dependencies": { - "async": { - "version": "2.6.3", - "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz", - "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==", - "requires": { - "lodash": "^4.17.14" - } - }, - "ejs": { - "version": "2.7.4", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.7.4.tgz", - "integrity": "sha512-7vmuyh5+kuUyJKePhQfRQBhXV5Ce+RnaeeQArKu1EAMpL3WbgMt5WG6uQZpEVvYSSsxMXRKOewtDk9RaTKXRlA==" - }, - "xmldom": { - "version": "0.1.31", - "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.31.tgz", - "integrity": "sha512-yS2uJflVQs6n+CyjHoaBmVSqIDevTAWrzMmjG1Gc7h1qQ7uVozNhEPJAwZXWyGQ/Gafo3fCwrcaokezLPupVyQ==" + "escape-html": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "integrity": "sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==" }, "xpath": { - "version": "0.0.27", - "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", - "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==" + "version": "0.0.32", + "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.32.tgz", + "integrity": "sha512-rxMJhSIoiO8vXcWvSifKqhvV96GjiD5wYb8/QHdoRyQvraTpp4IEv944nhGausZZ3u7dhQXteZuZbaqfpB7uYw==" } } }, @@ -4788,19 +4785,14 @@ "integrity": "sha1-TYuPHszTQZqjYgYb7O9RXh5VljU=" }, "xmldom": { - "version": "github:auth0/xmldom#3376bc7beb5551bf68e12b0cc6b0e3669f77d392", - "from": "github:auth0/xmldom#v0.1.19-auth0_1" + "version": "git+ssh://git@github.com/auth0/xmldom.git#3376bc7beb5551bf68e12b0cc6b0e3669f77d392", + "from": "xmldom@auth0/xmldom#v0.1.19-auth0_1" }, "xpath": { "version": "0.0.27", "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==" }, - "xpath.js": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/xpath.js/-/xpath.js-1.1.0.tgz", - "integrity": "sha512-jg+qkfS4K8E7965sqaUl8mRngXiKb3WZGfONgE18pr03FUQiuSV6G+Ej4tS55B+rIQSFEIw3phdVAQ4pPqNWfQ==" - }, "xtend": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", diff --git a/package.json b/package.json index 8f06bc8..8b34796 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "ejs": "3.1.5", "flowstate": "0.4.1", "querystring": "0.2.0", - "saml": "0.14.0", + "saml": "1.0.0", "xml-crypto": "1.5.3", "xmldom": "auth0/xmldom#v0.1.19-auth0_1", "xpath": "0.0.27",