Skip to content

Commit

Permalink
[1.x backport] Bump joi to v14 to avoid the possibility of prototyp…
Browse files Browse the repository at this point in the history
…e poisoning in a nested dependency (#4211)

Backport PR
#3952

Signed-off-by: Miki <miki@amazon.com>
Co-authored-by: Miki <miki@amazon.com>
(cherry picked from commit 4626066)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

# Conflicts:
#	CHANGELOG.md
  • Loading branch information
github-actions[bot] committed Jun 21, 2023
1 parent 82594e6 commit 0d0d05d
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 7 deletions.
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,7 @@
"inert": "^5.1.0",
"inline-style": "^2.0.0",
"ip-cidr": "^2.1.0",
"joi": "^13.5.2",
"joi": "^14.3.1",
"js-yaml": "^3.14.0",
"json-stable-stringify": "^1.0.1",
"json-stringify-safe": "5.0.1",
Expand Down
2 changes: 1 addition & 1 deletion packages/osd-config-schema/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
},
"peerDependencies": {
"lodash": "^4.17.21",
"joi": "^13.5.2",
"joi": "^14.3.1",
"moment": "^2.24.0",
"type-detect": "^4.0.8"
}
Expand Down
2 changes: 1 addition & 1 deletion packages/osd-test/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
"exit-hook": "^2.2.0",
"getopts": "^2.2.5",
"glob": "^7.1.7",
"joi": "^13.5.2",
"joi": "^14.3.1",
"lodash": "^4.17.21",
"parse-link-header": "^2.0.0",
"rxjs": "^6.5.5",
Expand Down
17 changes: 13 additions & 4 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -11130,9 +11130,9 @@ hoek@5.x.x, hoek@^5.0.4:
integrity sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w==

hoek@6.x.x:
version "6.0.3"
resolved "https://registry.yarnpkg.com/hoek/-/hoek-6.0.3.tgz#7884360426d927865a0a1251fc9c59313af5b798"
integrity sha512-TU6RyZ/XaQCTWRLrdqZZtZqwxUVr6PDMfi6MlWNURZ7A6czanQqX4pFE1mdOUQR9FdPCsZ0UzL8jI/izZ+eBSQ==
version "6.1.3"
resolved "https://registry.yarnpkg.com/hoek/-/hoek-6.1.3.tgz#73b7d33952e01fe27a38b0457294b79dd8da242c"
integrity sha512-YXXAAhmF9zpQbC7LEcREFtXfGq5K1fmd+4PHkBq8NUqmzW3G+Dq10bI/i0KucLRwss3YYFQ0fSfoxBZYiGUqtQ==

hoist-non-react-statics@^2.5.5, hoist-non-react-statics@^3.0.0, hoist-non-react-statics@^3.1.0, hoist-non-react-statics@^3.3.0, hoist-non-react-statics@^3.3.2:
version "3.3.2"
Expand Down Expand Up @@ -13248,7 +13248,7 @@ jju@~1.4.0:
resolved "https://registry.yarnpkg.com/jju/-/jju-1.4.0.tgz#a3abe2718af241a2b2904f84a625970f389ae32a"
integrity sha1-o6vicYryQaKykE+EpiWXDzia4yo=

joi@13.x.x, joi@^13.5.2:
joi@13.x.x:
version "13.7.0"
resolved "https://registry.yarnpkg.com/joi/-/joi-13.7.0.tgz#cfd85ebfe67e8a1900432400b4d03bbd93fb879f"
integrity sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==
Expand All @@ -13257,6 +13257,15 @@ joi@13.x.x, joi@^13.5.2:
isemail "3.x.x"
topo "3.x.x"

joi@^14.3.1:
version "14.3.1"
resolved "https://registry.yarnpkg.com/joi/-/joi-14.3.1.tgz#164a262ec0b855466e0c35eea2a885ae8b6c703c"
integrity sha512-LQDdM+pkOrpAn4Lp+neNIFV3axv1Vna3j38bisbQhETPMANYRbFJFUyOZcOClYvM/hppMhGWuKSFEK9vjrB+bQ==
dependencies:
hoek "6.x.x"
isemail "3.x.x"
topo "3.x.x"

jpeg-js@^0.4.0:
version "0.4.4"
resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.4.tgz#a9f1c6f1f9f0fa80cdb3484ed9635054d28936aa"
Expand Down

0 comments on commit 0d0d05d

Please sign in to comment.