From 7eacdc7c8c52971a5ae24cea9d37aad657431ebd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 28 Nov 2023 16:14:11 +0000 Subject: [PATCH] fix: packages/api/package.json & packages/api/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASHSET-1320032 --- packages/api/package-lock.json | 139 ++++++++++++++++----------------- packages/api/package.json | 2 +- 2 files changed, 68 insertions(+), 73 deletions(-) diff --git a/packages/api/package-lock.json b/packages/api/package-lock.json index 7923d54..bc74441 100644 --- a/packages/api/package-lock.json +++ b/packages/api/package-lock.json @@ -4,16 +4,6 @@ "lockfileVersion": 1, "requires": true, "dependencies": { - "2-thenable": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/2-thenable/-/2-thenable-1.0.0.tgz", - "integrity": "sha512-HqiDzaLDFCXkcCO/SwoyhRwqYtINFHF7t9BDRq4x90TOKNAJpiqUt9X5lQ08bwxYzc067HUywDjGySpebHcUpw==", - "dev": true, - "requires": { - "d": "1", - "es5-ext": "^0.10.47" - } - }, "@ampproject/remapping": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.1.2.tgz", @@ -5564,21 +5554,6 @@ "integrity": "sha512-Vsyi9ogDAY3REZDjYnXMRJJa62SDvxHXxJI5nGDQdZW058dDE+av/anynN2rLKbCKXDRNw3D/sQmqxVflZFi4A==", "dev": true }, - "@types/babel-generator": { - "version": "6.25.5", - "resolved": "https://registry.npmjs.org/@types/babel-generator/-/babel-generator-6.25.5.tgz", - "integrity": "sha512-lhbwMlAy5rfWG+R6l8aPtJdEFX/kcv6LMFIuvUb0i89ehqgD24je9YcB+0fRspQhgJGlEsUImxpw4pQeKS/+8Q==", - "dev": true, - "requires": { - "@types/babel-types": "*" - } - }, - "@types/babel-types": { - "version": "7.0.11", - "resolved": "https://registry.npmjs.org/@types/babel-types/-/babel-types-7.0.11.tgz", - "integrity": "sha512-pkPtJUUY+Vwv6B1inAz55rQvivClHJxc9aVEPPmaq2cbyeMLCiDpbKpcKyX4LAwpNGi+SHBv0tHv6+0gXv0P2A==", - "dev": true - }, "@types/babel__core": { "version": "7.1.19", "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.19.tgz", @@ -5620,6 +5595,21 @@ "@babel/types": "^7.3.0" } }, + "@types/babel-generator": { + "version": "6.25.5", + "resolved": "https://registry.npmjs.org/@types/babel-generator/-/babel-generator-6.25.5.tgz", + "integrity": "sha512-lhbwMlAy5rfWG+R6l8aPtJdEFX/kcv6LMFIuvUb0i89ehqgD24je9YcB+0fRspQhgJGlEsUImxpw4pQeKS/+8Q==", + "dev": true, + "requires": { + "@types/babel-types": "*" + } + }, + "@types/babel-types": { + "version": "7.0.11", + "resolved": "https://registry.npmjs.org/@types/babel-types/-/babel-types-7.0.11.tgz", + "integrity": "sha512-pkPtJUUY+Vwv6B1inAz55rQvivClHJxc9aVEPPmaq2cbyeMLCiDpbKpcKyX4LAwpNGi+SHBv0tHv6+0gXv0P2A==", + "dev": true + }, "@types/babylon": { "version": "6.16.6", "resolved": "https://registry.npmjs.org/@types/babylon/-/babylon-6.16.6.tgz", @@ -6135,6 +6125,16 @@ "integrity": "sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==", "dev": true }, + "2-thenable": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/2-thenable/-/2-thenable-1.0.0.tgz", + "integrity": "sha512-HqiDzaLDFCXkcCO/SwoyhRwqYtINFHF7t9BDRq4x90TOKNAJpiqUt9X5lQ08bwxYzc067HUywDjGySpebHcUpw==", + "dev": true, + "requires": { + "d": "1", + "es5-ext": "^0.10.47" + } + }, "abab": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz", @@ -7311,9 +7311,9 @@ "integrity": "sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw==" }, "aws-amplify-serverless-plugin": { - "version": "github:DaySmart/aws-amplify-serverless-plugin#0d84c2ab4f262311bcaa9b3937c35fe89bbb11c6", - "from": "github:DaySmart/aws-amplify-serverless-plugin", + "version": "git+ssh://git@github.com/DaySmart/aws-amplify-serverless-plugin.git#0d84c2ab4f262311bcaa9b3937c35fe89bbb11c6", "dev": true, + "from": "aws-amplify-serverless-plugin@DaySmart/aws-amplify-serverless-plugin", "requires": { "amplify-graphql-docs-generator": "^0.1.29", "aws-appsync-codegen": "^0.17.5", @@ -17320,7 +17320,8 @@ "lodash.get": { "version": "4.4.2", "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", - "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=" + "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=", + "dev": true }, "lodash.isplainobject": { "version": "4.0.6", @@ -17334,11 +17335,6 @@ "integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=", "dev": true }, - "lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" - }, "lodash.sortby": { "version": "4.7.0", "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", @@ -17503,12 +17499,11 @@ } }, "maskdata": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/maskdata/-/maskdata-1.1.6.tgz", - "integrity": "sha512-37GD3UH4jJxOjVLlX6isbnvpVjSsyz2RwLqcq3uBQ8lZFJw4hn3nnN8QLELjsR1m+msrNWqv9YoV7iOTEUwkpA==", + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/maskdata/-/maskdata-1.1.7.tgz", + "integrity": "sha512-USeg3vfBhimJV4ct2hUyEHU0OcH5jvPh4zwrC5cewNHe08Ug2lCT7rMU+ElMw3DW9aAE0XTFMK7dKbzapiwEbw==", "requires": { - "lodash.get": "^4.4.2", - "lodash.set": "^4.3.2" + "lodash": "^4.17.21" } }, "math-random": { @@ -18015,7 +18010,6 @@ "integrity": "sha512-LMiLGYsVNJfVPlQg7v2NYjG7iRIapcLv+oMunlq7fkXVx0BATCjRu7XyWl0G+iuZzHy4CjtM32QB8ox8juTgaw==", "dev": true, "requires": { - "JSONStream": "^1.3.5", "abbrev": "~1.1.1", "ansicolors": "~0.3.2", "ansistyles": "~0.1.3", @@ -18056,6 +18050,7 @@ "init-package-json": "^1.10.3", "is-cidr": "^3.0.0", "json-parse-better-errors": "^1.0.2", + "JSONStream": "^1.3.5", "lazy-property": "~1.0.0", "libcipm": "^4.0.8", "libnpm": "^3.0.1", @@ -18140,15 +18135,6 @@ "write-file-atomic": "^2.4.3" }, "dependencies": { - "JSONStream": { - "version": "1.3.5", - "bundled": true, - "dev": true, - "requires": { - "jsonparse": "^1.2.0", - "through": ">=2.2.7 <3" - } - }, "abbrev": { "version": "1.1.1", "bundled": true, @@ -19593,6 +19579,15 @@ "bundled": true, "dev": true }, + "JSONStream": { + "version": "1.3.5", + "bundled": true, + "dev": true, + "requires": { + "jsonparse": "^1.2.0", + "through": ">=2.2.7 <3" + } + }, "jsprim": { "version": "1.4.2", "bundled": true, @@ -20200,9 +20195,9 @@ "bundled": true, "dev": true, "requires": { - "JSONStream": "^1.3.4", "bluebird": "^3.5.1", "figgy-pudding": "^3.4.1", + "JSONStream": "^1.3.4", "lru-cache": "^5.1.1", "make-fetch-happen": "^5.0.0", "npm-package-arg": "^6.1.0", @@ -20979,6 +20974,21 @@ "bundled": true, "dev": true }, + "string_decoder": { + "version": "1.3.0", + "bundled": true, + "dev": true, + "requires": { + "safe-buffer": "~5.2.0" + }, + "dependencies": { + "safe-buffer": { + "version": "5.2.0", + "bundled": true, + "dev": true + } + } + }, "string-width": { "version": "2.1.1", "bundled": true, @@ -21008,21 +21018,6 @@ } } }, - "string_decoder": { - "version": "1.3.0", - "bundled": true, - "dev": true, - "requires": { - "safe-buffer": "~5.2.0" - }, - "dependencies": { - "safe-buffer": { - "version": "5.2.0", - "bundled": true, - "dev": true - } - } - }, "stringify-package": { "version": "1.0.1", "bundled": true, @@ -25937,6 +25932,14 @@ "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=", "dev": true }, + "string_decoder": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "requires": { + "safe-buffer": "~5.2.0" + } + }, "string-length": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/string-length/-/string-length-2.0.0.tgz", @@ -25974,14 +25977,6 @@ "define-properties": "^1.1.3" } }, - "string_decoder": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", - "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", - "requires": { - "safe-buffer": "~5.2.0" - } - }, "strip-ansi": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", diff --git a/packages/api/package.json b/packages/api/package.json index 953c36d..71a689e 100644 --- a/packages/api/package.json +++ b/packages/api/package.json @@ -31,7 +31,7 @@ "graphql": "^15.4.0", "isomorphic-fetch": "^3.0.0", "lodash": "^4.17.21", - "maskdata": "^1.1.4", + "maskdata": "^1.1.7", "micromatch": "^4.0.4", "nested-property": "^4.0.0", "o18k-ts-aws": "^0.1.3",