From 1660157be9767e279db19bbee3d27f79cbbe05d7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 13 Jul 2023 02:48:56 +0000 Subject: [PATCH] fix: src/frontend/package.json & src/frontend/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-5756498 --- src/frontend/package-lock.json | 245 ++++++++++++++++++++++++++++----- src/frontend/package.json | 2 +- 2 files changed, 210 insertions(+), 37 deletions(-) diff --git a/src/frontend/package-lock.json b/src/frontend/package-lock.json index 6e985a5ff4..4e635909c5 100644 --- a/src/frontend/package-lock.json +++ b/src/frontend/package-lock.json @@ -38,7 +38,7 @@ "react-query": "3.39.1", "sharp": "0.30.7", "styled-components": "5.3.5", - "ts-proto": "1.118.0", + "ts-proto": "^1.153.1", "uuid": "8.3.2" }, "devDependencies": { @@ -3917,8 +3917,9 @@ "license": "MIT" }, "node_modules/@types/object-hash": { - "version": "1.3.4", - "license": "MIT" + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/@types/object-hash/-/object-hash-3.0.2.tgz", + "integrity": "sha512-tfyXl1JPCf2hzIDK29gO7qGqJjThKBzg/Cn3bA68R9NmWdOx+f7k5mm4to/n43BHspCwcoUC6FU4NpUoK/h9bQ==" }, "node_modules/@types/pg": { "version": "8.6.1", @@ -4737,6 +4738,17 @@ ], "license": "CC-BY-4.0" }, + "node_modules/case-anything": { + "version": "2.1.13", + "resolved": "https://registry.npmjs.org/case-anything/-/case-anything-2.1.13.tgz", + "integrity": "sha512-zlOQ80VrQ2Ue+ymH5OuM/DlDq64mEm+B9UTdHULv5osUMD6HalNTblf2b1u/m6QecjsnOkBpqVZ+XPwIVsy7Ng==", + "engines": { + "node": ">=12.13" + }, + "funding": { + "url": "https://github.com/sponsors/mesqueeb" + } + }, "node_modules/caseless": { "version": "0.12.0", "dev": true, @@ -5191,6 +5203,25 @@ "node": ">=12" } }, + "node_modules/dprint-node": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/dprint-node/-/dprint-node-1.0.7.tgz", + "integrity": "sha512-NTZOW9A7ipb0n7z7nC3wftvsbceircwVHSgzobJsEQa+7RnOMbhrfX5IflA6CtC4GA63DSAiHYXa4JKEy9F7cA==", + "dependencies": { + "detect-libc": "^1.0.3" + } + }, + "node_modules/dprint-node/node_modules/detect-libc": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz", + "integrity": "sha512-pGjwhsmsp4kL2RTz08wcOlGN83otlqHeD/Z5T8GXZB+/YcpQ/dgo+lbU8ZsGxV0HIvqqxo9l7mqYwyYMD9bKDg==", + "bin": { + "detect-libc": "bin/detect-libc.js" + }, + "engines": { + "node": ">=0.10" + } + }, "node_modules/ecc-jsbn": { "version": "0.1.2", "dev": true, @@ -7279,10 +7310,11 @@ } }, "node_modules/object-hash": { - "version": "1.3.1", - "license": "MIT", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", + "integrity": "sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==", "engines": { - "node": ">= 0.10.0" + "node": ">= 6" } }, "node_modules/object-inspect": { @@ -7696,6 +7728,7 @@ }, "node_modules/prettier": { "version": "2.7.1", + "dev": true, "license": "MIT", "bin": { "prettier": "bin-prettier.js" @@ -8609,34 +8642,92 @@ "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" }, "node_modules/ts-poet": { - "version": "4.15.0", - "license": "Apache-2.0", + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/ts-poet/-/ts-poet-6.4.1.tgz", + "integrity": "sha512-AjZEs4h2w4sDfwpHMxQKHrTlNh2wRbM5NRXmLz0RiH+yPGtSQFbe9hBpNocU8vqVNgfh0BIOiXR80xDz3kKxUQ==", "dependencies": { - "lodash": "^4.17.15", - "prettier": "^2.5.1" + "dprint-node": "^1.0.7" } }, "node_modules/ts-proto": { - "version": "1.118.0", - "license": "ISC", + "version": "1.153.1", + "resolved": "https://registry.npmjs.org/ts-proto/-/ts-proto-1.153.1.tgz", + "integrity": "sha512-mGkFXyeVdXadlYND+a666hdbxY6kdNQiboCV9MTvlQsBfE0bkCiM/+QbVFohjhraJ6ctaYjptXiU65AQsWOwtA==", "dependencies": { - "@types/object-hash": "^1.3.0", + "@types/object-hash": "^3.0.2", + "case-anything": "^2.1.10", "dataloader": "^1.4.0", - "object-hash": "^1.3.1", - "protobufjs": "^6.11.3", - "ts-poet": "^4.15.0", - "ts-proto-descriptors": "1.7.1" + "object-hash": "^3.0.0", + "protobufjs": "^7.2.4", + "ts-poet": "^6.4.1", + "ts-proto-descriptors": "1.11.0" }, "bin": { "protoc-gen-ts_proto": "protoc-gen-ts_proto" } }, "node_modules/ts-proto-descriptors": { - "version": "1.7.1", - "license": "ISC", + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/ts-proto-descriptors/-/ts-proto-descriptors-1.11.0.tgz", + "integrity": "sha512-mOBVD9CW77x35eftRFVFQ5bhRl+UpzItDITxQQtJq3vJ/0rjHJOiI/BekkJIwUyWtJjlmO8f9LnN02MDpuZ/hQ==", "dependencies": { - "long": "^4.0.0", - "protobufjs": "^6.8.8" + "protobufjs": "^7.2.4" + } + }, + "node_modules/ts-proto-descriptors/node_modules/long": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz", + "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==" + }, + "node_modules/ts-proto-descriptors/node_modules/protobufjs": { + "version": "7.2.4", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.2.4.tgz", + "integrity": "sha512-AT+RJgD2sH8phPmCf7OUZR8xGdcJRga4+1cOaXJ64hvcSkVhNcRHOwIxUatPH15+nj59WAGTDv3LSGZPEQbJaQ==", + "hasInstallScript": true, + "dependencies": { + "@protobufjs/aspromise": "^1.1.2", + "@protobufjs/base64": "^1.1.2", + "@protobufjs/codegen": "^2.0.4", + "@protobufjs/eventemitter": "^1.1.0", + "@protobufjs/fetch": "^1.1.0", + "@protobufjs/float": "^1.0.2", + "@protobufjs/inquire": "^1.1.0", + "@protobufjs/path": "^1.1.2", + "@protobufjs/pool": "^1.1.0", + "@protobufjs/utf8": "^1.1.0", + "@types/node": ">=13.7.0", + "long": "^5.0.0" + }, + "engines": { + "node": ">=12.0.0" + } + }, + "node_modules/ts-proto/node_modules/long": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz", + "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==" + }, + "node_modules/ts-proto/node_modules/protobufjs": { + "version": "7.2.4", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.2.4.tgz", + "integrity": "sha512-AT+RJgD2sH8phPmCf7OUZR8xGdcJRga4+1cOaXJ64hvcSkVhNcRHOwIxUatPH15+nj59WAGTDv3LSGZPEQbJaQ==", + "hasInstallScript": true, + "dependencies": { + "@protobufjs/aspromise": "^1.1.2", + "@protobufjs/base64": "^1.1.2", + "@protobufjs/codegen": "^2.0.4", + "@protobufjs/eventemitter": "^1.1.0", + "@protobufjs/fetch": "^1.1.0", + "@protobufjs/float": "^1.0.2", + "@protobufjs/inquire": "^1.1.0", + "@protobufjs/path": "^1.1.2", + "@protobufjs/pool": "^1.1.0", + "@protobufjs/utf8": "^1.1.0", + "@types/node": ">=13.7.0", + "long": "^5.0.0" + }, + "engines": { + "node": ">=12.0.0" } }, "node_modules/tsconfig-paths": { @@ -11692,7 +11783,9 @@ "version": "18.0.6" }, "@types/object-hash": { - "version": "1.3.4" + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/@types/object-hash/-/object-hash-3.0.2.tgz", + "integrity": "sha512-tfyXl1JPCf2hzIDK29gO7qGqJjThKBzg/Cn3bA68R9NmWdOx+f7k5mm4to/n43BHspCwcoUC6FU4NpUoK/h9bQ==" }, "@types/pg": { "version": "8.6.1", @@ -12191,6 +12284,11 @@ "caniuse-lite": { "version": "1.0.30001367" }, + "case-anything": { + "version": "2.1.13", + "resolved": "https://registry.npmjs.org/case-anything/-/case-anything-2.1.13.tgz", + "integrity": "sha512-zlOQ80VrQ2Ue+ymH5OuM/DlDq64mEm+B9UTdHULv5osUMD6HalNTblf2b1u/m6QecjsnOkBpqVZ+XPwIVsy7Ng==" + }, "caseless": { "version": "0.12.0", "dev": true @@ -12498,6 +12596,21 @@ "dotenv-expand": { "version": "8.0.3" }, + "dprint-node": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/dprint-node/-/dprint-node-1.0.7.tgz", + "integrity": "sha512-NTZOW9A7ipb0n7z7nC3wftvsbceircwVHSgzobJsEQa+7RnOMbhrfX5IflA6CtC4GA63DSAiHYXa4JKEy9F7cA==", + "requires": { + "detect-libc": "^1.0.3" + }, + "dependencies": { + "detect-libc": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz", + "integrity": "sha512-pGjwhsmsp4kL2RTz08wcOlGN83otlqHeD/Z5T8GXZB+/YcpQ/dgo+lbU8ZsGxV0HIvqqxo9l7mqYwyYMD9bKDg==" + } + } + }, "ecc-jsbn": { "version": "0.1.2", "dev": true, @@ -13858,7 +13971,9 @@ "dev": true }, "object-hash": { - "version": "1.3.1" + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", + "integrity": "sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==" }, "object-inspect": { "version": "1.12.2", @@ -14116,7 +14231,8 @@ "dev": true }, "prettier": { - "version": "2.7.1" + "version": "2.7.1", + "dev": true }, "pretty-bytes": { "version": "5.6.0", @@ -14668,28 +14784,85 @@ "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" }, "ts-poet": { - "version": "4.15.0", + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/ts-poet/-/ts-poet-6.4.1.tgz", + "integrity": "sha512-AjZEs4h2w4sDfwpHMxQKHrTlNh2wRbM5NRXmLz0RiH+yPGtSQFbe9hBpNocU8vqVNgfh0BIOiXR80xDz3kKxUQ==", "requires": { - "lodash": "^4.17.15", - "prettier": "^2.5.1" + "dprint-node": "^1.0.7" } }, "ts-proto": { - "version": "1.118.0", + "version": "1.153.1", + "resolved": "https://registry.npmjs.org/ts-proto/-/ts-proto-1.153.1.tgz", + "integrity": "sha512-mGkFXyeVdXadlYND+a666hdbxY6kdNQiboCV9MTvlQsBfE0bkCiM/+QbVFohjhraJ6ctaYjptXiU65AQsWOwtA==", "requires": { - "@types/object-hash": "^1.3.0", + "@types/object-hash": "^3.0.2", + "case-anything": "^2.1.10", "dataloader": "^1.4.0", - "object-hash": "^1.3.1", - "protobufjs": "^6.11.3", - "ts-poet": "^4.15.0", - "ts-proto-descriptors": "1.7.1" + "object-hash": "^3.0.0", + "protobufjs": "^7.2.4", + "ts-poet": "^6.4.1", + "ts-proto-descriptors": "1.11.0" + }, + "dependencies": { + "long": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz", + "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==" + }, + "protobufjs": { + "version": "7.2.4", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.2.4.tgz", + "integrity": "sha512-AT+RJgD2sH8phPmCf7OUZR8xGdcJRga4+1cOaXJ64hvcSkVhNcRHOwIxUatPH15+nj59WAGTDv3LSGZPEQbJaQ==", + "requires": { + "@protobufjs/aspromise": "^1.1.2", + "@protobufjs/base64": "^1.1.2", + "@protobufjs/codegen": "^2.0.4", + "@protobufjs/eventemitter": "^1.1.0", + "@protobufjs/fetch": "^1.1.0", + "@protobufjs/float": "^1.0.2", + "@protobufjs/inquire": "^1.1.0", + "@protobufjs/path": "^1.1.2", + "@protobufjs/pool": "^1.1.0", + "@protobufjs/utf8": "^1.1.0", + "@types/node": ">=13.7.0", + "long": "^5.0.0" + } + } } }, "ts-proto-descriptors": { - "version": "1.7.1", + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/ts-proto-descriptors/-/ts-proto-descriptors-1.11.0.tgz", + "integrity": "sha512-mOBVD9CW77x35eftRFVFQ5bhRl+UpzItDITxQQtJq3vJ/0rjHJOiI/BekkJIwUyWtJjlmO8f9LnN02MDpuZ/hQ==", "requires": { - "long": "^4.0.0", - "protobufjs": "^6.8.8" + "protobufjs": "^7.2.4" + }, + "dependencies": { + "long": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz", + "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==" + }, + "protobufjs": { + "version": "7.2.4", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.2.4.tgz", + "integrity": "sha512-AT+RJgD2sH8phPmCf7OUZR8xGdcJRga4+1cOaXJ64hvcSkVhNcRHOwIxUatPH15+nj59WAGTDv3LSGZPEQbJaQ==", + "requires": { + "@protobufjs/aspromise": "^1.1.2", + "@protobufjs/base64": "^1.1.2", + "@protobufjs/codegen": "^2.0.4", + "@protobufjs/eventemitter": "^1.1.0", + "@protobufjs/fetch": "^1.1.0", + "@protobufjs/float": "^1.0.2", + "@protobufjs/inquire": "^1.1.0", + "@protobufjs/path": "^1.1.2", + "@protobufjs/pool": "^1.1.0", + "@protobufjs/utf8": "^1.1.0", + "@types/node": ">=13.7.0", + "long": "^5.0.0" + } + } } }, "tsconfig-paths": { diff --git a/src/frontend/package.json b/src/frontend/package.json index 4a5cf8f5f5..2235c212bd 100644 --- a/src/frontend/package.json +++ b/src/frontend/package.json @@ -41,7 +41,7 @@ "react-query": "3.39.1", "sharp": "0.30.7", "styled-components": "5.3.5", - "ts-proto": "1.118.0", + "ts-proto": "1.153.1", "uuid": "8.3.2" }, "devDependencies": {