From 48cb834d7634ed9d8bebc5700f9ba55241d32839 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 4 Oct 2019 05:44:59 +0000 Subject: [PATCH] fix: package.json, package-lock.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-HTTPSPROXYAGENT-469131 --- .snyk | 33 +++--- package-lock.json | 289 ++++++++++++++++++++++++++++------------------ package.json | 2 +- 3 files changed, 199 insertions(+), 125 deletions(-) diff --git a/.snyk b/.snyk index 2dd0429..47de6c6 100644 --- a/.snyk +++ b/.snyk @@ -6,32 +6,18 @@ patch: SNYK-JS-LODASH-450202: - request-promise-native > request-promise-core > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > @snyk/dep-graph > lodash: - patched: '2019-07-05T06:23:05.092Z' - winston > async > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > inquirer > lodash: - patched: '2019-07-05T06:23:05.092Z' - tedious > adal-node > async > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > snyk-config > lodash: - patched: '2019-07-05T06:23:05.092Z' - pug > pug-code-gen > constantinople > babel-types > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > snyk-mvn-plugin > lodash: - patched: '2019-07-05T06:23:05.092Z' - pug > pug-filters > constantinople > babel-types > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > snyk-nodejs-lockfile-parser > lodash: - patched: '2019-07-05T06:23:05.092Z' - pug > pug-code-gen > pug-attrs > constantinople > babel-types > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > snyk-nuget-plugin > lodash: - patched: '2019-07-05T06:23:05.092Z' - sequelize > lodash: patched: '2019-07-05T05:52:34.857Z' - snyk > @snyk/dep-graph > graphlib > lodash: - patched: '2019-07-05T06:23:05.092Z' - snyk > snyk-go-plugin > graphlib > lodash: patched: '2019-07-05T06:23:05.092Z' - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: @@ -40,3 +26,22 @@ patch: patched: '2019-07-05T06:23:05.092Z' - snyk > lodash: patched: '2019-07-05T06:23:05.092Z' + - snyk > @snyk/dep-graph > lodash: + patched: '2019-07-05T06:23:05.092Z' + - snyk > inquirer > lodash: + patched: '2019-07-05T06:23:05.092Z' + - snyk > snyk-config > lodash: + patched: '2019-07-05T06:23:05.092Z' + - snyk > snyk-mvn-plugin > lodash: + patched: '2019-07-05T06:23:05.092Z' + - snyk > snyk-nodejs-lockfile-parser > lodash: + patched: '2019-07-05T06:23:05.092Z' + - snyk > snyk-nuget-plugin > lodash: + patched: '2019-07-05T06:23:05.092Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2019-07-05T06:23:05.092Z' + SNYK-JS-HTTPSPROXYAGENT-469131: + - snyk > proxy-agent > https-proxy-agent: + patched: '2019-10-04T05:44:44.876Z' + - snyk > proxy-agent > pac-proxy-agent > https-proxy-agent: + patched: '2019-10-04T05:44:44.876Z' diff --git a/package-lock.json b/package-lock.json index d37835c..5927073 100644 --- a/package-lock.json +++ b/package-lock.json @@ -82,11 +82,32 @@ } }, "@snyk/cli-interface": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.0.3.tgz", - "integrity": "sha512-tQxCCEdX8+r71fYoOZB4jaPYUxrhWsdPAuQkbbsge9Vd22Gzy6iCVpLX2Ai0JKkqZ0tLU3cgNB7gulzce6fdAg==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.1.0.tgz", + "integrity": "sha512-b/magC8iNQP9QhSDeV9RQDSaY3sNy57k0UH1Y/sMOSvVLHLsA7dOi/HrPWTiLouyGqcuYzwjkz7bNbu8cwmVDQ==", + "requires": { + "tslib": "^1.9.3" + } + }, + "@snyk/cocoapods-lockfile-parser": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@snyk/cocoapods-lockfile-parser/-/cocoapods-lockfile-parser-2.0.2.tgz", + "integrity": "sha512-DSSlljXGhSECdx7KhK7QlBiGC82fM2dZMzhcWxOsqyUVqzjArRGS9i4CRl/WMK5WDlLgc5bn5Xmpmp/g5Hf9YQ==", "requires": { + "@snyk/dep-graph": "^1.11.0", + "@snyk/ruby-semver": "^2.0.4", + "@types/js-yaml": "^3.12.1", + "core-js": "^3.2.0", + "js-yaml": "^3.13.1", + "source-map-support": "^0.5.7", "tslib": "^1.9.3" + }, + "dependencies": { + "core-js": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.2.1.tgz", + "integrity": "sha512-Qa5XSVefSVPRxy2XfUC13WbvqkxhkwB3ve+pgCQveNgYzbM/UxZeu1dcOX/xr4UmfUd+muuvsaxilQzCyUurMw==" + } } }, "@snyk/composer-lockfile-parser": { @@ -95,13 +116,6 @@ "integrity": "sha512-hb+6E7kMzWlcwfe//ILDoktBPKL2a3+RnJT/CXnzRXaiLQpsdkf5li4q2v0fmvd+4v7L3tTN8KM+//lJyviEkg==", "requires": { "lodash": "^4.17.13" - }, - "dependencies": { - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - } } }, "@snyk/dep-graph": { @@ -129,6 +143,54 @@ "resolved": "https://registry.npmjs.org/@snyk/gemfile/-/gemfile-1.2.0.tgz", "integrity": "sha512-nI7ELxukf7pT4/VraL4iabtNNMz8mUo7EXlqCFld8O5z6mIMLX9llps24iPpaIZOwArkY3FWA+4t+ixyvtTSIA==" }, + "@snyk/ruby-semver": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/@snyk/ruby-semver/-/ruby-semver-2.0.4.tgz", + "integrity": "sha512-ceMD4CBS3qtAg+O0BUvkKdsheUNCqi+/+Rju243Ul8PsUgZnXmGiqfk/2z7DCprRQnxUTra4+IyeDQT7wAheCQ==", + "requires": { + "lodash": "^4.17.14" + } + }, + "@snyk/snyk-cocoapods-plugin": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@snyk/snyk-cocoapods-plugin/-/snyk-cocoapods-plugin-1.0.2.tgz", + "integrity": "sha512-eb8cawvz2vDLg/DRyzDDgv7+oZhsojNXxF8anX2Iq4ws8GZjd9CrMMMaSU7QehcT4h7jH5ITzbB1HOp+XHm3rw==", + "requires": { + "@snyk/cli-interface": "1.5.0", + "@snyk/cocoapods-lockfile-parser": "2.0.2", + "@snyk/dep-graph": "1.13.0", + "source-map-support": "^0.5.7", + "tslib": "^1.9.3" + }, + "dependencies": { + "@snyk/cli-interface": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-1.5.0.tgz", + "integrity": "sha512-+Qo+IO3YOXWgazlo+CKxOuWFLQQdaNCJ9cSfhFQd687/FuesaIxWdInaAdfpsLScq0c6M1ieZslXgiZELSzxbg==", + "requires": { + "tslib": "^1.9.3" + } + }, + "@snyk/dep-graph": { + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/@snyk/dep-graph/-/dep-graph-1.13.0.tgz", + "integrity": "sha512-e0XcLH6Kgs/lunf6iDjbxEnm9+JYFEJn6eo/PlEUW+SMWBZ2uEXHBTDNp9oxjJou48PngzWMveEkniBAN+ulOQ==", + "requires": { + "graphlib": "^2.1.5", + "lodash": "^4.7.14", + "object-hash": "^1.3.1", + "semver": "^6.0.0", + "source-map-support": "^0.5.11", + "tslib": "^1.9.3" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + } + } + }, "@types/agent-base": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/@types/agent-base/-/agent-base-4.2.0.tgz", @@ -376,6 +438,11 @@ "@types/sizzle": "*" } }, + "@types/js-yaml": { + "version": "3.12.1", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.1.tgz", + "integrity": "sha512-SGGAhXLHDx+PK4YLNcNGa6goPf9XRWQNAUUbffkwVGGXIxmDKWyGGL4inzq2sPmExu431Ekb9aEMn9BkPqEYFA==" + }, "@types/mime": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@types/mime/-/mime-2.0.1.tgz", @@ -2436,19 +2503,9 @@ } }, "data-uri-to-buffer": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-2.0.1.tgz", - "integrity": "sha512-OkVVLrerfAKZlW2ZZ3Ve2y65jgiWqBKsTfUIAFbn8nVbPcCZg6l6gikKlEYv0kXcmzqGm6mFq/Jf2vriuEkv8A==", - "requires": { - "@types/node": "^8.0.7" - }, - "dependencies": { - "@types/node": { - "version": "8.10.52", - "resolved": "https://registry.npmjs.org/@types/node/-/node-8.10.52.tgz", - "integrity": "sha512-2RbW7WXeLex6RI+kQSxq6Ym0GiVcODeQ4Km7MnnTX5BHdOGQnqVa+s6AUmAW+OFYAJ8wv9QxvNZXm7/kBdGTVw==" - } - } + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-2.0.2.tgz", + "integrity": "sha512-ND9qDTLc6diwj+Xe5cdAgVTbLVdXbtxTJRXRhli8Mowuaan+0EJOtdqJ0QCHNSSPyoXGx9HX2/VMnKeC34AChA==" }, "date-now": { "version": "0.1.4", @@ -2566,7 +2623,6 @@ "version": "1.1.3", "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz", "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==", - "dev": true, "requires": { "object-keys": "^1.0.12" } @@ -2854,6 +2910,17 @@ "source-map-support": "^0.5.7", "tslib": "^1.9.3", "xml2js": "0.4.19" + }, + "dependencies": { + "xml2js": { + "version": "0.4.19", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.19.tgz", + "integrity": "sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q==", + "requires": { + "sax": ">=0.6.0", + "xmlbuilder": "~9.0.1" + } + } } }, "dottie": { @@ -2943,8 +3010,7 @@ "emoji-regex": { "version": "7.0.3", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz", - "integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==", - "dev": true + "integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==" }, "enabled": { "version": "1.0.2", @@ -2993,7 +3059,6 @@ "version": "1.13.0", "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.13.0.tgz", "integrity": "sha512-vDZfg/ykNxQVwup/8E1BZhVzFfBxs9NqMzGcvIJrqg5k2/5Za2bWo40dK2J1pgLngZ7c+Shh8lwYtLGyrwPutg==", - "dev": true, "requires": { "es-to-primitive": "^1.2.0", "function-bind": "^1.1.1", @@ -3007,7 +3072,6 @@ "version": "1.2.0", "resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.0.tgz", "integrity": "sha512-qZryBOJjV//LaxLTV6UC//WewneB3LcXOL9NP++ozKVXsIIIpm/2c13UDiD9Jp2eThsecw9m3jPqDwTyobcdbg==", - "dev": true, "requires": { "is-callable": "^1.1.4", "is-date-object": "^1.0.1", @@ -5101,8 +5165,7 @@ "has-symbols": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.0.tgz", - "integrity": "sha1-uhqPGvKg/DllD1yFA2dwQSIGO0Q=", - "dev": true + "integrity": "sha1-uhqPGvKg/DllD1yFA2dwQSIGO0Q=" }, "has-unicode": { "version": "2.0.1", @@ -5252,10 +5315,9 @@ "integrity": "sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=", "dev": true }, - "https-proxy-agent": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.2.2.tgz", - "integrity": "sha512-c8Ndjc9Bkpfx/vCJueCPy0jlP4ccCCSNDp8xwCZzPjKJUm+B+u9WX2x98Qx4n1PiMNTWo3D7KK5ifNV/yJyRzg==", + "https-proxy-agent-snyk-fork": { + "version": "git://github.com/snyk/node-https-proxy-agent.git#5e86ccb682d0c833c8daa25ee6f91c670161cd66", + "from": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", "requires": { "agent-base": "^4.3.0", "debug": "^3.1.0" @@ -5406,11 +5468,6 @@ "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" }, - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - }, "string-width": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", @@ -5533,8 +5590,7 @@ "is-callable": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.1.4.tgz", - "integrity": "sha512-r5p9sxJjYnArLjObpjA4xu5EKI3CuKHkJXMhT7kwbpUyIFD1n5PMAsoPvWnvtZiNz7LjkYDRZhd7FlI0eMijEA==", - "dev": true + "integrity": "sha512-r5p9sxJjYnArLjObpjA4xu5EKI3CuKHkJXMhT7kwbpUyIFD1n5PMAsoPvWnvtZiNz7LjkYDRZhd7FlI0eMijEA==" }, "is-ci": { "version": "1.2.1", @@ -5556,8 +5612,7 @@ "is-date-object": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.1.tgz", - "integrity": "sha1-mqIOtq7rv/d/vTPnTKAbM1gdOhY=", - "dev": true + "integrity": "sha1-mqIOtq7rv/d/vTPnTKAbM1gdOhY=" }, "is-descriptor": { "version": "0.1.6", @@ -5729,9 +5784,9 @@ } }, "is-retry-allowed": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", - "integrity": "sha1-EaBgVotnM5REAz0BJaYaINVk+zQ=" + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", + "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" }, "is-ssh": { "version": "1.3.1", @@ -5750,7 +5805,6 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.2.tgz", "integrity": "sha512-HS8bZ9ox60yCJLH9snBpIwv9pYUAkcuLhSA1oero1UB5y9aiQpRA8y2ex945AOtCZL1lJDeIk3G5LthswI46Lw==", - "dev": true, "requires": { "has-symbols": "^1.0.0" } @@ -7347,8 +7401,7 @@ "object-keys": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", - "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==", - "dev": true + "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==" }, "object-visit": { "version": "1.0.1", @@ -7387,7 +7440,6 @@ "version": "2.0.3", "resolved": "https://registry.npmjs.org/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.0.3.tgz", "integrity": "sha1-h1jIRvW0B62rDyNuCYbxSwUcqhY=", - "dev": true, "requires": { "define-properties": "^1.1.2", "es-abstract": "^1.5.1" @@ -7596,15 +7648,14 @@ "dev": true }, "pac-proxy-agent": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-3.0.0.tgz", - "integrity": "sha512-AOUX9jES/EkQX2zRz0AW7lSx9jD//hQS8wFXBvcnd/J2Py9KaMJMqV/LPqJssj1tgGufotb2mmopGPR15ODv1Q==", + "version": "git://github.com/snyk/node-pac-proxy-agent.git#e962ea0fe8db650a55e349e1b422e3ac99bfe451", + "from": "git://github.com/snyk/node-pac-proxy-agent.git#fix/https-proxy-agent-vuln", "requires": { "agent-base": "^4.2.0", "debug": "^3.1.0", "get-uri": "^2.0.0", "http-proxy-agent": "^2.1.0", - "https-proxy-agent": "^2.2.1", + "https-proxy-agent-snyk-fork": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", "pac-resolver": "^3.0.0", "raw-body": "^2.2.0", "socks-proxy-agent": "^4.0.1" @@ -8080,16 +8131,15 @@ } }, "proxy-agent": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-3.1.0.tgz", - "integrity": "sha512-IkbZL4ClW3wwBL/ABFD2zJ8iP84CY0uKMvBPk/OceQe/cEjrxzN1pMHsLwhbzUoRhG9QbSxYC+Z7LBkTiBNvrA==", + "version": "git://github.com/snyk/node-proxy-agent.git#c25ef74cbe593a4d60a71ff3053466e4b3171711", + "from": "git://github.com/snyk/node-proxy-agent.git#fix/https-agent-vuln", "requires": { "agent-base": "^4.2.0", "debug": "^3.1.0", "http-proxy-agent": "^2.1.0", - "https-proxy-agent": "^2.2.1", + "https-proxy-agent-snyk-fork": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", "lru-cache": "^4.1.2", - "pac-proxy-agent": "^3.0.0", + "pac-proxy-agent": "git://github.com/snyk/node-pac-proxy-agent.git#fix/https-proxy-agent-vuln", "proxy-from-env": "^1.0.0", "socks-proxy-agent": "^4.0.1" }, @@ -8790,9 +8840,9 @@ "dev": true }, "rxjs": { - "version": "6.5.2", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.5.2.tgz", - "integrity": "sha512-HUb7j3kvb7p7eCUHE3FqjoDsC1xfZQ4AHFWfTKSpZ+sAhhz5X1WX0ZuUqWbzB2QhSLp3DoLUG+hMdEDKqWo2Zg==", + "version": "6.5.3", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.5.3.tgz", + "integrity": "sha512-wuYsAYYFdWTAnAaPoKGNhfpWwKZbJW+HgAJ+mImp+Epl7BG8oNWBCTyRM8gba9k4lk8BgWdoYm21Mo/RYhhbgA==", "requires": { "tslib": "^1.9.0" } @@ -9366,12 +9416,14 @@ } }, "snyk": { - "version": "1.221.1", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.221.1.tgz", - "integrity": "sha512-2NpAeh/r/74dZL8HM/I2OlH/AieTJGKyvF0Ux2YADI/7hSHSLgvrUamH6f53KzwEqDbVdewxzoIc3p9rUMG1Ew==", + "version": "1.230.5", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.230.5.tgz", + "integrity": "sha512-kzy6FHMyneVXcezBVO0xRbEDSZSPj9Z/fDH4HFwOm5cpm/HErQ8B86fO6KtfSNIsruWUFcobEzP1q41nOdleAQ==", "requires": { + "@snyk/cli-interface": "^2.0.3", "@snyk/dep-graph": "1.12.0", "@snyk/gemfile": "1.2.0", + "@snyk/snyk-cocoapods-plugin": "1.0.2", "@types/agent-base": "^4.2.0", "@types/restify": "^4.3.6", "abbrev": "^1.1.1", @@ -9387,23 +9439,23 @@ "needle": "^2.2.4", "opn": "^5.5.0", "os-name": "^3.0.0", - "proxy-agent": "^3.1.0", + "proxy-agent": "git://github.com/snyk/node-proxy-agent.git#fix/https-agent-vuln", "proxy-from-env": "^1.0.0", "semver": "^6.0.0", "snyk-config": "^2.2.1", "snyk-docker-plugin": "1.29.1", "snyk-go-plugin": "1.11.0", - "snyk-gradle-plugin": "^3.0.2", + "snyk-gradle-plugin": "3.1.0", "snyk-module": "1.9.1", "snyk-mvn-plugin": "2.4.0", "snyk-nodejs-lockfile-parser": "1.16.0", "snyk-nuget-plugin": "1.12.1", "snyk-php-plugin": "1.6.4", "snyk-policy": "1.13.5", - "snyk-python-plugin": "^1.13.2", + "snyk-python-plugin": "^1.13.3", "snyk-resolve": "1.0.1", "snyk-resolve-deps": "4.4.0", - "snyk-sbt-plugin": "2.7.0", + "snyk-sbt-plugin": "2.8.0", "snyk-tree": "^1.0.0", "snyk-try-require": "1.3.1", "source-map-support": "^0.5.11", @@ -9411,7 +9463,8 @@ "tempfile": "^2.0.0", "then-fs": "^2.0.0", "update-notifier": "^2.5.0", - "uuid": "^3.3.2" + "uuid": "^3.3.2", + "wrap-ansi": "^5.1.0" }, "dependencies": { "ansi-regex": { @@ -9445,10 +9498,10 @@ "path-is-absolute": "^1.0.0" } }, - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" }, "ms": { "version": "2.1.2", @@ -9460,6 +9513,16 @@ "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" }, + "string-width": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", + "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, "strip-ansi": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", @@ -9467,6 +9530,16 @@ "requires": { "ansi-regex": "^4.1.0" } + }, + "wrap-ansi": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-5.1.0.tgz", + "integrity": "sha512-QC1/iN/2/RPVJ5jYK8BGttj5z83LmSKmvbvrXPNCLZSEb32KKVDJDl/MOt2N01qU2H/FkzEa9PKto1BqDjtd7Q==", + "requires": { + "ansi-styles": "^3.2.0", + "string-width": "^3.0.0", + "strip-ansi": "^5.0.0" + } } } }, @@ -9488,11 +9561,6 @@ "ms": "^2.1.1" } }, - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", @@ -9540,10 +9608,11 @@ } }, "snyk-gradle-plugin": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/snyk-gradle-plugin/-/snyk-gradle-plugin-3.0.2.tgz", - "integrity": "sha512-9nyR03kHmePqBGaQiUeo3RD1YJ4qE5/V4tOmDQ8LNjHTQ54Xr8OXFC5xlJMV8FCtXrRXY0/WX8RMUPEUAm4c9g==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/snyk-gradle-plugin/-/snyk-gradle-plugin-3.1.0.tgz", + "integrity": "sha512-789Rqyhv1+WYbfy1Qilgsw0FMccedSaCO5n+54CXXGVUZWMsVvqJj3T8k7+vis+9Eq+Sgbdzti8vDtApz6rWWQ==", "requires": { + "@snyk/cli-interface": "^2.1.0", "@types/debug": "^4.1.4", "chalk": "^2.4.2", "clone-deep": "^0.3.0", @@ -9585,11 +9654,6 @@ "tslib": "1.9.3" }, "dependencies": { - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - }, "tslib": { "version": "1.9.3", "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.9.3.tgz", @@ -9608,13 +9672,6 @@ "source-map-support": "^0.5.7", "tslib": "^1.9.3", "uuid": "^3.3.2" - }, - "dependencies": { - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - } } }, "snyk-nuget-plugin": { @@ -9639,11 +9696,6 @@ "ms": "^2.1.1" } }, - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", @@ -9712,11 +9764,11 @@ } }, "snyk-python-plugin": { - "version": "1.13.2", - "resolved": "https://registry.npmjs.org/snyk-python-plugin/-/snyk-python-plugin-1.13.2.tgz", - "integrity": "sha512-G9R1cYHw0E/VSx9tFa5nZp+653FIMXheteidrF3hjUe71jRdJELEUV/z5jxqYEWEFemcwGhMfW87De91GChVIQ==", + "version": "1.13.3", + "resolved": "https://registry.npmjs.org/snyk-python-plugin/-/snyk-python-plugin-1.13.3.tgz", + "integrity": "sha512-Ud7mHmpMG4uCChvYLx5jA8HwOV/FNpT65xTxSt+6wsOjIUTuLiqM86mbvgzgk3pir8vMP9yQEsCi1i0zYLBArw==", "requires": { - "@snyk/cli-interface": "^2.0.2", + "@snyk/cli-interface": "^2.0.3", "tmp": "0.0.33" } }, @@ -9789,9 +9841,9 @@ } }, "snyk-sbt-plugin": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/snyk-sbt-plugin/-/snyk-sbt-plugin-2.7.0.tgz", - "integrity": "sha512-qQSPkiyd/WNfo0z8MDK+87iIIT2wCn+k6tl9mx0VoNJo/z5jJLAoIc41zkGt/K8TjxA7VF1PV5B3tHqBp1xAVA==", + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/snyk-sbt-plugin/-/snyk-sbt-plugin-2.8.0.tgz", + "integrity": "sha512-ZzyBdND5CsaO0xkv05geZXu8Dd6Llvr/5oTj811U7h7UmrvljrAiABW4RGjRJPrPVuuJaDej2p633sgGtK9UsA==", "requires": { "semver": "^6.1.2", "tmp": "^0.1.0", @@ -10991,6 +11043,15 @@ "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" }, + "util.promisify": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/util.promisify/-/util.promisify-1.0.0.tgz", + "integrity": "sha512-i+6qA2MPhvoKLuxnJNpXAGhg7HphQOSUq2LKMZD0m15EiskXUkMvKdF4Uui0WYeCUGea+o2cw/ZuwehtfsrNkA==", + "requires": { + "define-properties": "^1.1.2", + "object.getownpropertydescriptors": "^2.0.3" + } + }, "utils-merge": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", @@ -11344,12 +11405,20 @@ "integrity": "sha1-SWsswQnsqNus/i3HK2A8F8WHCtQ=" }, "xml2js": { - "version": "0.4.19", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.19.tgz", - "integrity": "sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q==", + "version": "0.4.22", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.22.tgz", + "integrity": "sha512-MWTbxAQqclRSTnehWWe5nMKzI3VmJ8ltiJEco8akcC6j3miOhjjfzKum5sId+CWhfxdOs/1xauYr8/ZDBtQiRw==", "requires": { "sax": ">=0.6.0", - "xmlbuilder": "~9.0.1" + "util.promisify": "~1.0.0", + "xmlbuilder": "~11.0.0" + }, + "dependencies": { + "xmlbuilder": { + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==" + } } }, "xmlbuilder": { diff --git a/package.json b/package.json index 75f3459..604a575 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "sequelize": "^5.17.0", "sequelize-typescript": "^1.0.0", "serve-favicon": "^2.5.0", - "snyk": "^1.221.1", + "snyk": "^1.230.5", "winston": "^3.2.1", "ws": "^7.1.2" },