From e3f6e8f564f8bb31b53254c25087dc09d74f79aa Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Nov 2023 15:13:52 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 --- package-lock.json | 54 ++++++++++++++++++++--------------------------- package.json | 2 +- 2 files changed, 24 insertions(+), 32 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7de7e5b90..99b7983a5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -74,7 +74,7 @@ "toml": "^3.0.0", "ts-node": "^10.7.0", "type-fest": "^2.12.0", - "umzug": "^3.0.0", + "umzug": "^3.3.0", "uuid": "^3.3.3", "validator": "^13.6.0", "winston": "^3.3.3", @@ -8467,26 +8467,6 @@ "node": ">=10" } }, - "node_modules/fs-jetpack": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/fs-jetpack/-/fs-jetpack-4.3.1.tgz", - "integrity": "sha512-dbeOK84F6BiQzk2yqqCVwCPWTxAvVGJ3fMQc6E2wuEohS28mR6yHngbrKuVCK1KHRx/ccByDylqu4H5PCP2urQ==", - "dependencies": { - "minimatch": "^3.0.2", - "rimraf": "^2.6.3" - } - }, - "node_modules/fs-jetpack/node_modules/rimraf": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", - "integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - } - }, "node_modules/fs-minipass": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", @@ -8643,6 +8623,7 @@ "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "dev": true, "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -16231,16 +16212,16 @@ } }, "node_modules/umzug": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/umzug/-/umzug-3.2.1.tgz", - "integrity": "sha512-XyWQowvP9CKZycKc/Zg9SYWrAWX/gJCE799AUTFqk8yC3tp44K1xWr3LoFF0MNEjClKOo1suCr5ASnoy+KltdA==", + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/umzug/-/umzug-3.3.0.tgz", + "integrity": "sha512-842Uv/TmPZxClEm5fuRxItQ38TsYQkqODlOjnnyOAHz7+8WmYXUS2Be8iYsMaaRROE0MeuUNzkevM5UwoSBn6g==", + "deprecated": "Accidental breaking change, use 3.3.1 or higher instead. See https://github.com/sequelize/umzug/issues/614", "dependencies": { "@rushstack/ts-command-line": "^4.12.2", - "emittery": "^0.12.1", - "fs-jetpack": "^4.3.1", + "emittery": "^0.13.0", "glob": "^8.0.3", - "pony-cause": "^2.1.2", - "type-fest": "^2.18.0" + "pony-cause": "^2.1.4", + "type-fest": "^3.0.0" }, "engines": { "node": ">=12" @@ -16255,9 +16236,9 @@ } }, "node_modules/umzug/node_modules/emittery": { - "version": "0.12.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.12.1.tgz", - "integrity": "sha512-pYyW59MIZo0HxPFf+Vb3+gacUu0gxVS3TZwB2ClwkEZywgF9f9OJDoVmNLojTn0vKX3tO9LC+pdQEcLP4Oz/bQ==", + "version": "0.13.1", + "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", + "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", "engines": { "node": ">=12" }, @@ -16294,6 +16275,17 @@ "node": ">=10" } }, + "node_modules/umzug/node_modules/type-fest": { + "version": "3.13.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-3.13.1.tgz", + "integrity": "sha512-tLq3bSNx+xSpwvAJnzrK0Ep5CLNWjvFTOp71URMaAEWBfRb9nnJiBoUe0tF8bI4ZFO3omgBR6NvnbzVUT3Ly4g==", + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/unbox-primitive": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/unbox-primitive/-/unbox-primitive-1.0.2.tgz", diff --git a/package.json b/package.json index e65f2e46e..d7d3a0f69 100644 --- a/package.json +++ b/package.json @@ -90,7 +90,7 @@ "toml": "^3.0.0", "ts-node": "^10.7.0", "type-fest": "^2.12.0", - "umzug": "^3.0.0", + "umzug": "^3.3.0", "uuid": "^3.3.3", "validator": "^13.6.0", "winston": "^3.3.3",