From bd6765401492d30910ad9e35921e6a17245b065e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 2 Feb 2024 21:50:50 +0000 Subject: [PATCH 1/2] Update all non-major dependencies --- .tool-versions | 4 +- .../cloudflare/envs/main/.terraform.lock.hcl | 58 +++++++++---------- .../cloudflare/envs/main/versions.tf | 2 +- .../modules/app/modules/workers/versions.tf | 2 +- .../cloudflare/modules/app/versions.tf | 2 +- package.json | 4 +- pnpm-lock.yaml | 51 ++++++++++++---- 7 files changed, 77 insertions(+), 46 deletions(-) diff --git a/.tool-versions b/.tool-versions index d180ff95..dda531bc 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,5 +1,5 @@ nodejs 20.11.0 -pnpm 8.14.1 +pnpm 8.15.1 python 3.11.6 kubectl 1.29.1 -argocd 2.9.3 +argocd 2.9.6 diff --git a/infra/terraform/cloudflare/envs/main/.terraform.lock.hcl b/infra/terraform/cloudflare/envs/main/.terraform.lock.hcl index 1bfdad7c..76ee826d 100644 --- a/infra/terraform/cloudflare/envs/main/.terraform.lock.hcl +++ b/infra/terraform/cloudflare/envs/main/.terraform.lock.hcl @@ -2,37 +2,37 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/cloudflare/cloudflare" { - version = "4.22.0" + version = "4.23.0" constraints = "~> 4.0" hashes = [ - "h1:+fKX+Bw3DBbGeE8A3wGrzNwWPu/vk1mBAhbWt8yRmo0=", - "h1:2yNNRaW033gI2bh/r7FDxtu7Nbtey3MGCDN8Zt22pfo=", - "h1:CfB4WUUOe+LLazQ4rwmCRTzl2R16bz2BXf6JHDjfpCk=", - "h1:F8zphUlmZIr1h74tntF7eQeTPoAbosCqLCbiiKPzhtk=", - "h1:HmnweCWDQ26/SLD14TXy5XCgO+MhS2xP6Gpjm9QExOc=", - "h1:QBC0SUNhC/lGZDLDtzh7THOESi7WcujSfvIf0SoYFmQ=", - "h1:QOLcgXrnyppXL2vYQn0lpywvVUaAtdNReDZ8qx/z0k8=", - "h1:RMcBOnouDmXB5buokR2g4iZUUn9uOZwT4vPZ+ZxdOLU=", - "h1:VDX6J5hEMWeHk9FfVCBhvMjIkzTYLQeU+8Cdy2AD6AI=", - "h1:blHUZFk/sm1K0ljOvL48xumk7+sWnn6RhSAEnR9AjMs=", - "h1:dsgOaNfrJFEQEd/oRNB8stTbQtSW7hTvhYqVMyP2vS0=", - "h1:eWlIvRCF6U6p1vr7YoPmiONSLuIjvwKXqd3kwQvDEhU=", - "h1:sH0HCb7DgUrTfdVGqQXNIPxKvb8RkrYBg7OTy1eR4qI=", - "h1:vC0lWgkUzrRuFTML8AqR9tXwJQuSZAaKD36rcC2mrH0=", - "zh:3fd76452845661d6536911fd0ec077531d46d0031b1b46139ea1eee6c926f714", - "zh:44ed58c11d3d1c51d6afa446692b441a89017798a15e7f5d5519a3c91935fc4c", - "zh:46f370d4509bdbbaed0b74218ae6532eaea101c6a94b6dcafd54fe2f79e0a521", - "zh:5e303fb782b42aede9a971adb559a5554461da05de9f71de7114db385c3161d3", - "zh:6c1f4ff22fe80098e4ec35c77c24e96a21a01239d06edfeb73956019409b9fee", - "zh:7a995be9edd05b17f33fa4928f847100949c2631c864119acf4c68221bf12a2c", - "zh:84100a29f7f754d37c8ac6e4d083cb33dd815819cf0f8f5ded42a272970a7b54", + "h1:3AYoWW/CwDPrT8AvvZ2Z+au8GZB1Zwd/MuzOzIZXoqQ=", + "h1:4qoEH7MSBSbLAYs0SN9XfRr40fhvEx39Q89lSBcPiKI=", + "h1:Kn7JXfcIA+vYHZhXtWUxNJ7wJ62ICet3a93gyYez9/U=", + "h1:StgZc0MBcyvZj8ZS9viD+RO3EFYPzqDNS+j//THtr24=", + "h1:YhXRxnfdFfGkey6AfgLyWYZgcN4QeqO8ndM1smuyts8=", + "h1:d01z18ca38AKgZEFy2Yj4Vi6ocihJXG3W+2AXHuao5w=", + "h1:kKjUlIA5LYkrZrYnacHAF/w3whGWBiDP5TF2c40dP7Y=", + "h1:kipnK5UbHy5i26AoVAuXUS1I+5ncYcjyIBKUdYCNyeY=", + "h1:m42hhp7aQEJowwAzwOgwkW3tjvJk3gDNdQ27z5CXb7U=", + "h1:mtJudxlA5Mn3UNEuH/84RTGixdBxrBJiI+Rf4gJUCmg=", + "h1:mwME7g0VS3glSXFJi1xAmhnluStIJ/yxmORP2grrkb0=", + "h1:rEiYUFjChjfrRNf3tIAtJf4wlo2RokV5v61q1hLgQo0=", + "h1:tOY15qW720IhkchkR1vlhc3K6Dmbt+qNKLsGRjeSNr8=", + "h1:uaa+wA2dkyNHUZiHA8OBWr9Az8hXVDBZ8CprVAtW27o=", + "zh:034aae9f29e51b008eb5ff62bcfea4078d92d74fd8eb6e0f1833395002bf483d", + "zh:0e4f72b52647791e34894c231c7d17b55c701fb4ff9d8aeb8355031378b20910", + "zh:248ecf3820a65870a8a811a90488a77a8fcc49ee6e3099734328912250c4145a", + "zh:750114d16fefb3ce6cfc81fc4d86ab3746062dccd3fc5556a6dff39d600d55f3", "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", - "zh:959ab2fc75472f56a0935c8975e4e6772b708cf0a9d015f99db7663bfaa64776", - "zh:a7f3078eda0057dc8312fd233ca13674e58a1bb62e0652169f34795a4f243378", - "zh:b836b5631522d81fba4c70debf13cdc43a328548ad587f456632cf1dd2d190c2", - "zh:c097295f629e2cdfec44779d9ee0bd61c6ffc1f30b6428dce05eac740693182b", - "zh:cffb10d7e99b18910da2034c775b2bd7222c0860a20e560b0a35f5eeb8937eb6", - "zh:fb4170e6a7bf4150c0c928509b8db77c4322eeb47a3506cdc99250afb93fce46", - "zh:fd068410027acf7fd11864c9427ed1d7783ef2bc05eece01682e33a25c4119b0", + "zh:8fe4b545d8c90eb55b75ede1bc5a6bb1483a00466364cd08b1096abddc52e34b", + "zh:ba203d96d07a313dd77933ff29d09110c1dc5100a44aa540c2c73ea280215c85", + "zh:be22358de9729068edc462985c2c99c4d49eec87c6662e75e7216962b0b47a12", + "zh:c55add4c66855191020b5ed61fe8561403eac9d3f55f343876f1f0a5e2ccf1bc", + "zh:c57034c34a10317715264b9455a74b53b2604a3cb206f2c5089ae61b5e8e18fa", + "zh:c95b026d652cb2f90b526cdc79dc22faa0789a049e55b5f2a41412ac45bca2ec", + "zh:ca49437e5462c060b64d0ebf7a7d1370f55139afdb6a23f032694d363b44243b", + "zh:d52788bd6ca087fa72ae9d22c09693c3f5ce5502a00e2c195bea5f420735006c", + "zh:e43da4d400951310020969bd5952483c05de824d67fdcdddc76ec9d97de0d18e", + "zh:ff150dddcbb0d623ff1948d1359fa956519f0672f832faedb121fc809e9c4c22", ] } diff --git a/infra/terraform/cloudflare/envs/main/versions.tf b/infra/terraform/cloudflare/envs/main/versions.tf index 745ee9b4..ed17affc 100644 --- a/infra/terraform/cloudflare/envs/main/versions.tf +++ b/infra/terraform/cloudflare/envs/main/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = "1.7.0" + required_version = "1.7.2" required_providers { cloudflare = { diff --git a/infra/terraform/cloudflare/modules/app/modules/workers/versions.tf b/infra/terraform/cloudflare/modules/app/modules/workers/versions.tf index 745ee9b4..ed17affc 100644 --- a/infra/terraform/cloudflare/modules/app/modules/workers/versions.tf +++ b/infra/terraform/cloudflare/modules/app/modules/workers/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = "1.7.0" + required_version = "1.7.2" required_providers { cloudflare = { diff --git a/infra/terraform/cloudflare/modules/app/versions.tf b/infra/terraform/cloudflare/modules/app/versions.tf index 745ee9b4..ed17affc 100644 --- a/infra/terraform/cloudflare/modules/app/versions.tf +++ b/infra/terraform/cloudflare/modules/app/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = "1.7.0" + required_version = "1.7.2" required_providers { cloudflare = { diff --git a/package.json b/package.json index 8d571be8..1b76f256 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,7 @@ "author": "", "license": "MIT", "devDependencies": { - "@swc/cli": "^0.1.63", + "@swc/cli": "^0.3.0", "@swc/core": "^1.3.102", "@tsconfig/strictest": "^2.0.2", "@types/lodash-es": "^4.17.12", @@ -39,7 +39,7 @@ "dependencies": { "@discordjs/opus": "^0.9.0", "@discordjs/voice": "^0.16.1", - "@t3-oss/env-core": "^0.7.1", + "@t3-oss/env-core": "^0.8.0", "chalk": "^5.3.0", "discord.js": "^14.14.1", "dotenv": "^16.3.1", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index b362a6f3..c48ab680 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -12,8 +12,8 @@ dependencies: specifier: ^0.16.1 version: 0.16.1(@discordjs/opus@0.9.0) '@t3-oss/env-core': - specifier: ^0.7.1 - version: 0.7.1(typescript@5.3.3)(zod@3.22.4) + specifier: ^0.8.0 + version: 0.8.0(typescript@5.3.3)(zod@3.22.4) chalk: specifier: ^5.3.0 version: 5.3.0 @@ -41,8 +41,8 @@ dependencies: devDependencies: '@swc/cli': - specifier: ^0.1.63 - version: 0.1.63(@swc/core@1.3.102) + specifier: ^0.3.0 + version: 0.3.6(@swc/core@1.3.102) '@swc/core': specifier: ^1.3.102 version: 1.3.102 @@ -728,9 +728,9 @@ packages: engines: {node: '>=10'} dev: true - /@swc/cli@0.1.63(@swc/core@1.3.102): - resolution: {integrity: sha512-EM9oxxHzmmsprYRbGqsS2M4M/Gr5Gkcl0ROYYIdlUyTkhOiX822EQiRCpPCwdutdnzH2GyaTN7wc6i0Y+CKd3A==} - engines: {node: '>= 12.13'} + /@swc/cli@0.3.6(@swc/core@1.3.102): + resolution: {integrity: sha512-ZoQbsJXjiWIlbCgr1m+m7TGNk7pILb3uWm4t423jM8vot8clseclXFU4QCMqJUVcYCSwKStzP3+yYMZvme/lsQ==} + engines: {node: '>= 16.14.0'} hasBin: true peerDependencies: '@swc/core': ^1.2.66 @@ -743,6 +743,8 @@ packages: '@swc/core': 1.3.102 commander: 7.2.0 fast-glob: 3.3.2 + minimatch: 9.0.3 + piscina: 4.3.1 semver: 7.5.4 slash: 3.0.0 source-map: 0.7.4 @@ -878,10 +880,10 @@ packages: defer-to-connect: 2.0.1 dev: true - /@t3-oss/env-core@0.7.1(typescript@5.3.3)(zod@3.22.4): - resolution: {integrity: sha512-3+SQt39OlmSaRLqYVFv8uRm1BpFepM5TIiMytRqO9cjH+wB77o6BIJdeyM5h5U4qLBMEzOJWCY4MBaU/rLwbYw==} + /@t3-oss/env-core@0.8.0(typescript@5.3.3)(zod@3.22.4): + resolution: {integrity: sha512-Tc1pg0KH/tJeI0Z1s/Isp1VsGDj1N03ZAYFV8GjWgMxytF/ve0Dv+opjmTapHICRv8qiB1Y/fsTjkWNMpKPRCQ==} peerDependencies: - typescript: '>=4.7.2' + typescript: '>=5.0.0' zod: ^3.0.0 peerDependenciesMeta: typescript: @@ -2880,6 +2882,22 @@ packages: resolution: {integrity: sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==} dev: true + /nice-napi@1.0.2: + resolution: {integrity: sha512-px/KnJAJZf5RuBGcfD+Sp2pAKq0ytz8j+1NehvgIGFkvtvFrDM3T8E4x/JJODXK9WZow8RRGrbA9QQ3hs+pDhA==} + os: ['!win32'] + requiresBuild: true + dependencies: + node-addon-api: 3.2.1 + node-gyp-build: 4.8.0 + dev: true + optional: true + + /node-addon-api@3.2.1: + resolution: {integrity: sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A==} + requiresBuild: true + dev: true + optional: true + /node-addon-api@5.1.0: resolution: {integrity: sha512-eh0GgfEkpnoWDq+VY8OyvYhFEzBk6jIYbRKdIlyTiAXIVJ8PyBaKb0rp7oDtoddbdoHWhq8wwr+XZ81F1rpNdA==} dev: false @@ -2896,6 +2914,13 @@ packages: whatwg-url: 5.0.0 dev: false + /node-gyp-build@4.8.0: + resolution: {integrity: sha512-u6fs2AEUljNho3EYTJNBfImO5QTo/J/1Etd+NVdCj7qWKUSN/bSLkZwhDv7I+w/MSC6qJ4cknepkAYykDdK8og==} + hasBin: true + requiresBuild: true + dev: true + optional: true + /nopt@5.0.0: resolution: {integrity: sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==} engines: {node: '>=6'} @@ -3125,6 +3150,12 @@ packages: engines: {node: '>=0.10.0'} dev: true + /piscina@4.3.1: + resolution: {integrity: sha512-MBj0QYm3hJQ/C/wIXTN1OCYC8uQ4BBJ4LVele2P4ZwVQAH04vkk8E1SpDbuemLAL1dZorbuOob9rYqJeWCcCRg==} + optionalDependencies: + nice-napi: 1.0.2 + dev: true + /pkg-types@1.0.3: resolution: {integrity: sha512-nN7pYi0AQqJnoLPC9eHFQ8AcyaixBUOwvqc5TDnIKCMEE6I0y8P7OKA7fPexsXGCGxQDl/cmrLAp26LhcwxZ4A==} dependencies: From b0cc6f3dd6122e2dbabb8a9f6dac2cddd1d40a5e Mon Sep 17 00:00:00 2001 From: na2na-p Date: Sun, 4 Feb 2024 20:19:26 +0900 Subject: [PATCH 2/2] Workaround of Vulnerability --- package.json | 3 +++ pnpm-lock.yaml | 11 +++++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 1b76f256..9da7c2a1 100644 --- a/package.json +++ b/package.json @@ -48,5 +48,8 @@ "resolve": "^1.22.8", "ytdl-core": "^4.11.5", "zod": "^3.22.4" + }, + "resolutions": { + "vite": "5.0.12" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c48ab680..7db7c750 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -4,6 +4,9 @@ settings: autoInstallPeers: true excludeLinksFromLockfile: false +overrides: + vite: 5.0.12 + dependencies: '@discordjs/opus': specifier: ^0.9.0 @@ -3813,7 +3816,7 @@ packages: debug: 4.3.4 pathe: 1.1.1 picocolors: 1.0.0 - vite: 5.0.11(@types/node@20.10.8) + vite: 5.0.12(@types/node@20.10.8) transitivePeerDependencies: - '@types/node' - less @@ -3825,8 +3828,8 @@ packages: - terser dev: true - /vite@5.0.11(@types/node@20.10.8): - resolution: {integrity: sha512-XBMnDjZcNAw/G1gEiskiM1v6yzM4GE5aMGvhWTlHAYYhxb7S3/V1s3m2LDHa8Vh6yIWYYB0iJwsEaS523c4oYA==} + /vite@5.0.12(@types/node@20.10.8): + resolution: {integrity: sha512-4hsnEkG3q0N4Tzf1+t6NdN9dg/L3BM+q8SWgbSPnJvrgH2kgdyzfVJwbR1ic69/4uMJJ/3dqDZZE5/WwqW8U1w==} engines: {node: ^18.0.0 || >=20.0.0} hasBin: true peerDependencies: @@ -3905,7 +3908,7 @@ packages: strip-literal: 1.3.0 tinybench: 2.5.1 tinypool: 0.8.1 - vite: 5.0.11(@types/node@20.10.8) + vite: 5.0.12(@types/node@20.10.8) vite-node: 1.1.3(@types/node@20.10.8) why-is-node-running: 2.2.2 transitivePeerDependencies: