From d4c8b48c4cd072f59c9f64eeb323b5c12bd2e978 Mon Sep 17 00:00:00 2001 From: Fara Woolf Date: Tue, 17 Sep 2024 10:23:07 -0400 Subject: [PATCH] fix: security audit failures --- package.json | 2 ++ pnpm-lock.yaml | 48 +++++++++++++++++++++++++----------------------- 2 files changed, 27 insertions(+), 23 deletions(-) diff --git a/package.json b/package.json index f209c512a7..e112d2b2cb 100644 --- a/package.json +++ b/package.json @@ -361,7 +361,9 @@ }, "resolutions": { "axios": "1.7.4", + "body-parser": "1.20.3", "braces": "3.0.3", + "dset": "3.1.4", "fast-xml-parser": "4.4.1", "nanoid": "3.3.4", "socket.io-parser": "4.2.4", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f4ea865ecf..5366f0b440 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -6,7 +6,9 @@ settings: overrides: axios: 1.7.4 + body-parser: 1.20.3 braces: 3.0.3 + dset: 3.1.4 fast-xml-parser: 4.4.1 nanoid: 3.3.4 socket.io-parser: 4.2.4 @@ -671,10 +673,10 @@ importers: version: 1.1.2 web-ext: specifier: 7.8.0 - version: 7.8.0(body-parser@1.20.2) + version: 7.8.0(body-parser@1.20.3) web-ext-submit: specifier: 7.8.0 - version: 7.8.0(body-parser@1.20.2) + version: 7.8.0(body-parser@1.20.3) webpack: specifier: 5.94.0 version: 5.94.0(@swc/core@1.7.18)(esbuild@0.23.1)(webpack-cli@5.1.4(webpack-bundle-analyzer@4.10.2)(webpack-dev-server@4.15.1)(webpack@5.94.0)) @@ -6655,7 +6657,7 @@ packages: addons-scanner-utils@9.3.0: resolution: {integrity: sha512-YZWzNpP+em650XlZNH7NbTUcHJXqC0ihLEgwn17GGTqervyChqQffd9sm/QXNur0dmj7Ks1mD77iTg9XcJw64A==} peerDependencies: - body-parser: 1.20.2 + body-parser: 1.20.3 express: 4.18.2 node-fetch: 2.6.11 safe-compare: 1.1.4 @@ -7139,8 +7141,8 @@ packages: bn.js@5.2.1: resolution: {integrity: sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==} - body-parser@1.20.2: - resolution: {integrity: sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==} + body-parser@1.20.3: + resolution: {integrity: sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==} engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} bonjour-service@1.2.1: @@ -8482,8 +8484,8 @@ packages: resolution: {integrity: sha512-IrPdXQsk2BbzvCBGBOTmmSH5SodmqZNt4ERAZDmW4CT+tL8VtvinqywuANaFu4bOMWki16nqf0e4oC0QIaDr/g==} engines: {node: '>=10'} - dset@3.1.3: - resolution: {integrity: sha512-20TuZZHCEZ2O71q9/+8BwKwZ0QtD9D8ObhrihJPr+vLLYlSuAU3/zL4cSlgbfeoGHTjCSJBa7NGcrF9/Bx/WJQ==} + dset@3.1.4: + resolution: {integrity: sha512-2QF/g9/zTaPDc3BjNcVTGoBbXBgYfMTTceLaYcFJ/W9kggFUkhxD/hMEeuLKbugyef9SqAx8cpgwlIP/jinUTA==} engines: {node: '>=4'} dtrace-provider@0.8.8: @@ -20096,7 +20098,7 @@ snapshots: '@emotion/react': 11.13.3(@types/react@18.3.3)(react@18.3.1) '@redux-devtools/app': 6.1.0(@emotion/react@11.13.3(@types/react@18.3.3)(react@18.3.1))(@reduxjs/toolkit@2.2.3(react-redux@9.1.0(@types/react@18.3.3)(react-native@0.74.1(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(@types/react@18.3.3)(encoding@0.1.13)(react@18.2.0))(react@18.3.1)(redux@5.0.1))(react@18.3.1))(@types/react-dom@18.3.0)(@types/react@18.3.3)(@types/styled-components@5.1.34)(react-dom@18.3.1(react@18.3.1))(react-native@0.74.1(@babel/core@7.25.2)(@babel/preset-env@7.25.4(@babel/core@7.25.2))(@types/react@18.3.3)(encoding@0.1.13)(react@18.2.0))(react@18.3.1)(styled-components@5.3.11(@babel/core@7.25.2)(react-dom@18.3.1(react@18.3.1))(react-is@18.3.1)(react@18.3.1)) '@types/react': 18.3.3 - body-parser: 1.20.2 + body-parser: 1.20.3 chalk: 5.3.0 cors: 2.8.5 cross-spawn: 7.0.3 @@ -20477,7 +20479,7 @@ snapshots: dependencies: '@lukeed/uuid': 2.0.1 '@segment/analytics-generic-utils': 1.2.0 - dset: 3.1.3 + dset: 3.1.4 tslib: 2.7.0 '@segment/analytics-generic-utils@1.2.0': @@ -20492,7 +20494,7 @@ snapshots: '@segment/analytics.js-video-plugins': 0.2.1 '@segment/facade': 3.4.10 '@segment/tsub': 2.0.0 - dset: 3.1.3 + dset: 3.1.4 js-cookie: 3.0.1 node-fetch: 2.7.0(encoding@0.1.13) tslib: 2.7.0 @@ -20527,7 +20529,7 @@ snapshots: dependencies: '@stdlib/math-base-special-ldexp': 0.0.5 dlv: 1.1.3 - dset: 3.1.3 + dset: 3.1.4 tiny-hashes: 1.0.1 transitivePeerDependencies: - supports-color @@ -23462,12 +23464,12 @@ snapshots: acorn@8.12.1: {} - addons-linter@6.13.0(body-parser@1.20.2)(node-fetch@3.3.1): + addons-linter@6.13.0(body-parser@1.20.3)(node-fetch@3.3.1): dependencies: '@fluent/syntax': 0.19.0 '@mdn/browser-compat-data': 5.3.14 addons-moz-compare: 1.3.0 - addons-scanner-utils: 9.3.0(body-parser@1.20.2)(node-fetch@3.3.1) + addons-scanner-utils: 9.3.0(body-parser@1.20.3)(node-fetch@3.3.1) ajv: 8.12.0 chalk: 4.1.2 cheerio: 1.0.0-rc.12 @@ -23505,7 +23507,7 @@ snapshots: addons-moz-compare@1.3.0: {} - addons-scanner-utils@9.3.0(body-parser@1.20.2)(node-fetch@3.3.1): + addons-scanner-utils@9.3.0(body-parser@1.20.3)(node-fetch@3.3.1): dependencies: '@types/yauzl': 2.10.0 common-tags: 1.8.2 @@ -23514,7 +23516,7 @@ snapshots: upath: 2.0.1 yauzl: 2.10.0 optionalDependencies: - body-parser: 1.20.2 + body-parser: 1.20.3 node-fetch: 3.3.1 address@1.2.2: {} @@ -24044,7 +24046,7 @@ snapshots: bn.js@5.2.1: {} - body-parser@1.20.2: + body-parser@1.20.3: dependencies: bytes: 3.1.2 content-type: 1.0.5 @@ -24054,7 +24056,7 @@ snapshots: http-errors: 2.0.0 iconv-lite: 0.4.24 on-finished: 2.4.1 - qs: 6.11.0 + qs: 6.13.0 raw-body: 2.5.2 type-is: 1.6.18 unpipe: 1.0.0 @@ -25569,7 +25571,7 @@ snapshots: dotenv@8.6.0: {} - dset@3.1.3: {} + dset@3.1.4: {} dtrace-provider@0.8.8: dependencies: @@ -26327,7 +26329,7 @@ snapshots: dependencies: accepts: 1.3.8 array-flatten: 1.1.1 - body-parser: 1.20.2 + body-parser: 1.20.3 content-disposition: 0.5.4 content-type: 1.0.5 cookie: 0.6.0 @@ -33401,9 +33403,9 @@ snapshots: dependencies: defaults: 1.0.4 - web-ext-submit@7.8.0(body-parser@1.20.2): + web-ext-submit@7.8.0(body-parser@1.20.3): dependencies: - web-ext: 7.8.0(body-parser@1.20.2) + web-ext: 7.8.0(body-parser@1.20.3) transitivePeerDependencies: - body-parser - bufferutil @@ -33412,11 +33414,11 @@ snapshots: - supports-color - utf-8-validate - web-ext@7.8.0(body-parser@1.20.2): + web-ext@7.8.0(body-parser@1.20.3): dependencies: '@babel/runtime': 7.21.0 '@devicefarmer/adbkit': 3.2.3 - addons-linter: 6.13.0(body-parser@1.20.2)(node-fetch@3.3.1) + addons-linter: 6.13.0(body-parser@1.20.3)(node-fetch@3.3.1) bunyan: 1.8.15 camelcase: 7.0.1 chrome-launcher: 0.15.1