From cec7c92a41fe44de981886f65528685f14a24929 Mon Sep 17 00:00:00 2001 From: Owen Stowe Date: Thu, 4 Jan 2018 18:03:22 -0500 Subject: [PATCH 1/3] Update kss node to solve one of two security vulnerabilites in npm packages --- package-lock.json | 287 ++++++---------------------------------------- package.json | 2 +- 2 files changed, 37 insertions(+), 252 deletions(-) diff --git a/package-lock.json b/package-lock.json index 01bbcef..3d0f524 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "huron", - "version": "2.3.0-beta.6", + "version": "2.3.1", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -10,11 +10,6 @@ "integrity": "sha1-X6rZwsB/YN12dw9xzwJbYqY8/U4=", "dev": true }, - "abbrev": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", - "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==" - }, "accepts": { "version": "1.3.4", "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.4.tgz", @@ -1650,14 +1645,6 @@ } } }, - "cli": { - "version": "0.4.4-2", - "resolved": "https://registry.npmjs.org/cli/-/cli-0.4.4-2.tgz", - "integrity": "sha1-o4yPmR3yLuoBeewW3ZD6PzyF+ko=", - "requires": { - "glob": "7.1.2" - } - }, "cli-cursor": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-1.0.2.tgz", @@ -1926,15 +1913,6 @@ } } }, - "config-chain": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.11.tgz", - "integrity": "sha1-q6CXR9++TD5w52am5BWG4YWfxvI=", - "requires": { - "ini": "1.3.4", - "proto-list": "1.2.4" - } - }, "connect-history-api-fallback": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/connect-history-api-fallback/-/connect-history-api-fallback-1.4.0.tgz", @@ -2252,11 +2230,6 @@ "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=" }, - "deep-equal": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/deep-equal/-/deep-equal-0.1.2.tgz", - "integrity": "sha1-skbCuApXCkfBG+HZvRBw7IeLh84=" - }, "deep-is": { "version": "0.1.3", "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", @@ -3245,11 +3218,6 @@ "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" }, - "fresh": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.1.0.tgz", - "integrity": "sha1-A+SwF4Qk5MLV0ZpU2IFM3JeTSFA=" - }, "fs-extra": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-4.0.2.tgz", @@ -4208,11 +4176,6 @@ "resolved": "https://registry.npmjs.org/graceful-readlink/-/graceful-readlink-1.0.1.tgz", "integrity": "sha1-TK+tdrxi8C+gObL5Tpo906ORpyU=" }, - "growl": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/growl/-/growl-1.7.0.tgz", - "integrity": "sha1-3i1mE20ALhErpw8/EMMc98NQsto=" - }, "growly": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", @@ -4727,11 +4690,6 @@ "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" }, - "ini": { - "version": "1.3.4", - "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.4.tgz", - "integrity": "sha1-BTfLedr1m1mhpRff9wbIbsA5Fi4=" - }, "inquirer": { "version": "0.12.0", "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-0.12.0.tgz", @@ -5161,27 +5119,6 @@ "handlebars": "4.0.6" } }, - "jade": { - "version": "0.26.3", - "resolved": "https://registry.npmjs.org/jade/-/jade-0.26.3.tgz", - "integrity": "sha1-jxDXl32NefL2/4YqgbBRPMslaGw=", - "requires": { - "commander": "0.6.1", - "mkdirp": "0.3.0" - }, - "dependencies": { - "commander": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/commander/-/commander-0.6.1.tgz", - "integrity": "sha1-+mihT2qUXVTbvlDYzbMyDp47GgY=" - }, - "mkdirp": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.0.tgz", - "integrity": "sha1-G79asbqCevI1dRQ0kEJkVfSB/h4=" - } - } - }, "jest": { "version": "20.0.4", "resolved": "https://registry.npmjs.org/jest/-/jest-20.0.4.tgz", @@ -5567,23 +5504,6 @@ "resolved": "https://registry.npmjs.org/js-base64/-/js-base64-2.3.2.tgz", "integrity": "sha512-Y2/+DnfJJXT1/FCwUebUhLWb3QihxiSC42+ctHLGogmW2jPY6LCapMdFZXRvVP2z6qyKW7s6qncE/9gSqZiArw==" }, - "js-beautify": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.4.2.tgz", - "integrity": "sha1-iILfRQqejs910ifxzOtajslolrc=", - "requires": { - "config-chain": "1.1.11", - "mkdirp": "0.3.5", - "nopt": "2.1.2" - }, - "dependencies": { - "mkdirp": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.5.tgz", - "integrity": "sha1-3j5fiWHIjHh+4TaN+EmsRBPsqNc=" - } - } - }, "js-tokens": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz", @@ -5791,28 +5711,29 @@ "version": "1.3.1", "resolved": "https://registry.npmjs.org/klaw/-/klaw-1.3.1.tgz", "integrity": "sha1-QIhDO0azsbolnXh4XY6W9zugJDk=", + "dev": true, "requires": { "graceful-fs": "4.1.11" } }, "kss": { - "version": "3.0.0-beta.14", - "resolved": "https://registry.npmjs.org/kss/-/kss-3.0.0-beta.14.tgz", - "integrity": "sha1-YGddgpsWkdpdBctTgl8P+cicaGo=", + "version": "3.0.0-beta.18", + "resolved": "https://registry.npmjs.org/kss/-/kss-3.0.0-beta.18.tgz", + "integrity": "sha1-gyojvaTKvs9UJrk4ksG2GNt+ok4=", "requires": { "bluebird": "3.5.1", - "fs-extra": "0.30.0", + "fs-extra": "2.1.2", "glob": "7.1.2", "handlebars": "4.0.6", "marked": "0.3.6", - "twig": "0.9.5", - "yargs": "3.32.0" + "twig": "0.10.3", + "yargs": "6.6.0" }, "dependencies": { "camelcase": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.1.tgz", - "integrity": "sha1-fB0W1nmhu+WcoCys7PsBHiAfWh8=" + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-3.0.0.tgz", + "integrity": "sha1-MvxLn82vhF/N9+c7uXysImHwqwo=" }, "cliui": { "version": "3.2.0", @@ -5825,15 +5746,12 @@ } }, "fs-extra": { - "version": "0.30.0", - "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-0.30.0.tgz", - "integrity": "sha1-8jP/zAjU2n1DLapEl3aYnbHfk/A=", + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-2.1.2.tgz", + "integrity": "sha1-BGxwFjzvmq1GsOSn+kZ/si1x3jU=", "requires": { "graceful-fs": "4.1.11", - "jsonfile": "2.4.0", - "klaw": "1.3.1", - "path-is-absolute": "1.0.1", - "rimraf": "2.6.2" + "jsonfile": "2.4.0" } }, "jsonfile": { @@ -5844,23 +5762,24 @@ "graceful-fs": "4.1.11" } }, - "window-size": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.4.tgz", - "integrity": "sha1-+OGqHuWlPsW/FR/6CXQqatdpeHY=" - }, "yargs": { - "version": "3.32.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.32.0.tgz", - "integrity": "sha1-AwiOnr+edWtpdRYR0qXvWRSCyZU=", + "version": "6.6.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-6.6.0.tgz", + "integrity": "sha1-eC7CHvQDNF+DCoCMo9UTr1YGUgg=", "requires": { - "camelcase": "2.1.1", + "camelcase": "3.0.0", "cliui": "3.2.0", "decamelize": "1.2.0", + "get-caller-file": "1.0.2", "os-locale": "1.4.0", + "read-pkg-up": "1.0.1", + "require-directory": "2.1.1", + "require-main-filename": "1.0.1", + "set-blocking": "2.0.0", "string-width": "1.0.2", - "window-size": "0.1.4", - "y18n": "3.2.1" + "which-module": "1.0.0", + "y18n": "3.2.1", + "yargs-parser": "4.2.1" } } } @@ -5940,6 +5859,11 @@ } } }, + "locutus": { + "version": "2.0.9", + "resolved": "https://registry.npmjs.org/locutus/-/locutus-2.0.9.tgz", + "integrity": "sha1-4mWvHoX9GRc+dDhjc4iFYHg6Avw=" + }, "lodash": { "version": "4.17.4", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.4.tgz", @@ -6152,11 +6076,6 @@ "brorand": "1.1.0" } }, - "mime": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/mime/-/mime-1.2.6.tgz", - "integrity": "sha1-sfhsdowCX6h7SAdfFwnyiuryA2U=" - }, "mime-db": { "version": "1.30.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.30.0.tgz", @@ -6201,61 +6120,6 @@ "minimist": "0.0.8" } }, - "mocha": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/mocha/-/mocha-1.17.0.tgz", - "integrity": "sha1-WD0SqfIXdbbTfRBKx9sF1Vf6XVA=", - "requires": { - "commander": "2.0.0", - "debug": "2.6.9", - "diff": "1.0.7", - "glob": "3.2.3", - "growl": "1.7.0", - "jade": "0.26.3", - "mkdirp": "0.3.5" - }, - "dependencies": { - "commander": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.0.0.tgz", - "integrity": "sha1-0bhvkB+LZL2UG96tr5JFMDk76Sg=" - }, - "diff": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/diff/-/diff-1.0.7.tgz", - "integrity": "sha1-JLuwAcSn1VIhaefKvbLCgU7ZHPQ=" - }, - "glob": { - "version": "3.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.3.tgz", - "integrity": "sha1-4xPusknHr/qlxHUoaw4RW1mDlGc=", - "requires": { - "graceful-fs": "2.0.3", - "inherits": "2.0.3", - "minimatch": "0.2.14" - } - }, - "graceful-fs": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-2.0.3.tgz", - "integrity": "sha1-fNLNsiiko/Nule+mzBQt59GhNtA=" - }, - "minimatch": { - "version": "0.2.14", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.2.14.tgz", - "integrity": "sha1-x054BXT2PG+aCQ6Q775u9TpqdWo=", - "requires": { - "lru-cache": "2.7.3", - "sigmund": "1.0.1" - } - }, - "mkdirp": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.5.tgz", - "integrity": "sha1-3j5fiWHIjHh+4TaN+EmsRBPsqNc=" - } - } - }, "mock-fs": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/mock-fs/-/mock-fs-4.4.1.tgz", @@ -6373,14 +6237,6 @@ "which": "1.3.0" } }, - "nopt": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/nopt/-/nopt-2.1.2.tgz", - "integrity": "sha1-bMzZd7gBMqB3MdbozljCyDA8+a8=", - "requires": { - "abbrev": "1.1.1" - } - }, "normalize-package-data": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz", @@ -6749,56 +6605,6 @@ "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", "dev": true }, - "phpjs": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/phpjs/-/phpjs-1.3.2.tgz", - "integrity": "sha1-XHusVdHeCegFQgIlkxYb2YA0irs=", - "requires": { - "cli": "0.4.4-2", - "deep-equal": "0.1.2", - "glob": "3.2.1", - "js-beautify": "1.4.2", - "mocha": "1.17.0", - "send": "0.1.0", - "underscore": "1.5.2" - }, - "dependencies": { - "glob": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.1.tgz", - "integrity": "sha1-V69w7HO6IyO/4/KaBndl22TF11g=", - "requires": { - "graceful-fs": "1.2.3", - "inherits": "1.0.2", - "minimatch": "0.2.14" - } - }, - "graceful-fs": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-1.2.3.tgz", - "integrity": "sha1-FaSAaldUfLLS2/J/QuiajDRRs2Q=" - }, - "inherits": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-1.0.2.tgz", - "integrity": "sha1-ykMJ2t7mtUzAuNJH6NfHoJdb3Js=" - }, - "minimatch": { - "version": "0.2.14", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.2.14.tgz", - "integrity": "sha1-x054BXT2PG+aCQ6Q775u9TpqdWo=", - "requires": { - "lru-cache": "2.7.3", - "sigmund": "1.0.1" - } - }, - "underscore": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.5.2.tgz", - "integrity": "sha1-EzXF5PXm0zu7SwBrqMhqAPVW3gg=" - } - } - }, "pify": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", @@ -7422,11 +7228,6 @@ "integrity": "sha1-4mDHj2Fhzdmw5WzD4Khd4Xx6V74=", "dev": true }, - "proto-list": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz", - "integrity": "sha1-IS1b/hMYMGpCD2QCuOJv85ZHqEk=" - }, "proxy-addr": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.2.tgz", @@ -7537,11 +7338,6 @@ "safe-buffer": "5.1.1" } }, - "range-parser": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-0.0.4.tgz", - "integrity": "sha1-wEJ//vUcEKy6B4KkbJYC50T/Ygs=" - }, "raw-body": { "version": "2.3.2", "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.3.2.tgz", @@ -7986,17 +7782,6 @@ "resolved": "https://registry.npmjs.org/semver/-/semver-5.4.1.tgz", "integrity": "sha512-WfG/X9+oATh81XtllIo/I8gOiY9EXRdv1cQdyykeXK17YcUW3EXUAi2To4pcH6nZtJPr7ZOpM5OMyWJZm+8Rsg==" }, - "send": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/send/-/send-0.1.0.tgz", - "integrity": "sha1-z7COvTzsm3/Bo32f+eh1qXHPRkA=", - "requires": { - "debug": "2.6.9", - "fresh": "0.1.0", - "mime": "1.2.6", - "range-parser": "0.0.4" - } - }, "sentence-case": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/sentence-case/-/sentence-case-1.1.3.tgz", @@ -8661,12 +8446,12 @@ "optional": true }, "twig": { - "version": "0.9.5", - "resolved": "https://registry.npmjs.org/twig/-/twig-0.9.5.tgz", - "integrity": "sha1-VTidPgK46uOQ6yhvZLoTP9rYxbY=", + "version": "0.10.3", + "resolved": "https://registry.npmjs.org/twig/-/twig-0.10.3.tgz", + "integrity": "sha1-Z2BOCOGSDr8vr4CpAeJWGJyKPGc=", "requires": { + "locutus": "2.0.9", "minimatch": "3.0.4", - "phpjs": "1.3.2", "walk": "2.3.9" } }, diff --git a/package.json b/package.json index 6322eeb..518c080 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "html-webpack-plugin": "^2.30.1", "immutable": "3.8.1", "json-loader": "0.5.4", - "kss": "3.0.0-beta.14", + "kss": "^3.0.0-beta.18", "lodash": "^4.17.4", "opn": "^5.1.0", "style-loader": "0.13.1", From 267a3dac75713dc811d3e9d6af626ac4aefe5f3e Mon Sep 17 00:00:00 2001 From: Owen Stowe Date: Thu, 4 Jan 2018 18:04:05 -0500 Subject: [PATCH 2/3] Add beta version --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 518c080..a85fc72 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "huron", "description": "An in-browser prototyping tool built on top of webpack and kss-node", "author": "Alley Interactive", - "version": "2.3.1", + "version": "2.3.2-beta", "license": "GPL-2.0", "repository": { "type": "git", From fa121ed209cbddbf45fd9607b1782bce362eaaf7 Mon Sep 17 00:00:00 2001 From: Owen Stowe Date: Thu, 4 Jan 2018 18:06:39 -0500 Subject: [PATCH 3/3] Add master version --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index a85fc72..85a3732 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "huron", "description": "An in-browser prototyping tool built on top of webpack and kss-node", "author": "Alley Interactive", - "version": "2.3.2-beta", + "version": "2.3.2", "license": "GPL-2.0", "repository": { "type": "git",