From 6b1c0844da086242d17c2721ee9e3de6b76aa564 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 30 Nov 2024 04:52:33 +0000 Subject: [PATCH] fix: vuejs/package.json & vuejs/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6671926 --- vuejs/package.json | 2 +- vuejs/yarn.lock | 92 ++++++++++++++++++++++++++-------------------- 2 files changed, 54 insertions(+), 40 deletions(-) diff --git a/vuejs/package.json b/vuejs/package.json index b284fbc3..059861ce 100644 --- a/vuejs/package.json +++ b/vuejs/package.json @@ -15,7 +15,7 @@ }, "dependencies": { "aplayer": "^1.10.1", - "axios": "^0.19.2", + "axios": "^1.7.8", "bulma": "^0.9.0", "bulma-divider": "^0.2.0", "bulma-extensions": "^6.2.7", diff --git a/vuejs/yarn.lock b/vuejs/yarn.lock index d373a1eb..afb2ea43 100644 --- a/vuejs/yarn.lock +++ b/vuejs/yarn.lock @@ -2,7 +2,7 @@ # Manual changes might be lost - proceed with caution! __metadata: - version: 4 + version: 5 cacheKey: 7 "@ant-design-vue/babel-helper-vue-transform-on@npm:^1.0.0": @@ -53,7 +53,7 @@ __metadata: languageName: node linkType: hard -"@babel/core@npm:7.14.6, @babel/core@npm:^7.11.0, @babel/core@npm:^7.14.6, @babel/core@npm:^7.9.6": +"@babel/core@npm:^7.11.0, @babel/core@npm:^7.14.6, @babel/core@npm:^7.9.6": version: 7.14.6 resolution: "@babel/core@npm:7.14.6" dependencies: @@ -2710,12 +2710,14 @@ __metadata: languageName: node linkType: hard -"axios@npm:^0.19.2": - version: 0.19.2 - resolution: "axios@npm:0.19.2" +"axios@npm:^1.7.8": + version: 1.7.8 + resolution: "axios@npm:1.7.8" dependencies: - follow-redirects: 1.5.10 - checksum: bad346deea24050f9953ce09bb8015f85a99a7b8f016806adccfab0b8981827d1fbee9c77c0ef7c70cc48392c1af6bbc65e07c3e88221d17282d2d5fd0a191f6 + follow-redirects: ^1.15.6 + form-data: ^4.0.0 + proxy-from-env: ^1.1.0 + checksum: 8/3d21652faf8e29fb36c47517d2872bb5e2285127a24f5c53ce23082c4eac7f5a88de84dd49d4a1a83068e5301dcfd9067b41e5fbd00b0d20ab7b0a843559273d languageName: node linkType: hard @@ -3998,7 +4000,7 @@ __metadata: languageName: node linkType: hard -"combined-stream@npm:^1.0.6, combined-stream@npm:~1.0.6": +"combined-stream@npm:^1.0.6, combined-stream@npm:^1.0.8, combined-stream@npm:~1.0.6": version: 1.0.8 resolution: "combined-stream@npm:1.0.8" dependencies: @@ -4699,15 +4701,6 @@ __metadata: languageName: node linkType: hard -"debug@npm:=3.1.0": - version: 3.1.0 - resolution: "debug@npm:3.1.0" - dependencies: - ms: 2.0.0 - checksum: 1295acd5e0531761255661d325cd0a80ac8c5f6de8942a53bb23c2197ccb97526972de662ed0e5d9393be83f3428a298a6e7185ecb02f0da6282019cd2ffb4a8 - languageName: node - linkType: hard - "debug@npm:^3.1.1, debug@npm:^3.2.5, debug@npm:^3.2.7": version: 3.2.7 resolution: "debug@npm:3.2.7" @@ -6231,15 +6224,6 @@ __metadata: languageName: node linkType: hard -"follow-redirects@npm:1.5.10": - version: 1.5.10 - resolution: "follow-redirects@npm:1.5.10" - dependencies: - debug: =3.1.0 - checksum: 6e58e02c31337b6b41ffc3d5f3d49920b7db428eddcf374537da00ef121fe473983e12d8557f4304287604168d3efcc288d1f009abaf4c9d61e5db0c0cee3c4a - languageName: node - linkType: hard - "follow-redirects@npm:^1.0.0": version: 1.13.0 resolution: "follow-redirects@npm:1.13.0" @@ -6247,6 +6231,16 @@ __metadata: languageName: node linkType: hard +"follow-redirects@npm:^1.15.6": + version: 1.15.9 + resolution: "follow-redirects@npm:1.15.9" + peerDependenciesMeta: + debug: + optional: true + checksum: 8/859e2bacc7a54506f2bf9aacb10d165df78c8c1b0ceb8023f966621b233717dab56e8d08baadc3ad3b9db58af290413d585c999694b7c146aaf2616340c3d2a6 + languageName: node + linkType: hard + "for-in@npm:^1.0.2": version: 1.0.2 resolution: "for-in@npm:1.0.2" @@ -6268,6 +6262,17 @@ __metadata: languageName: node linkType: hard +"form-data@npm:^4.0.0": + version: 4.0.1 + resolution: "form-data@npm:4.0.1" + dependencies: + asynckit: ^0.4.0 + combined-stream: ^1.0.8 + mime-types: ^2.1.12 + checksum: 8/ccee458cd5baf234d6b57f349fe9cc5f9a2ea8fd1af5ecda501a18fd1572a6dd3bf08a49f00568afd995b6a65af34cb8dec083cf9d582c4e621836499498dd84 + languageName: node + linkType: hard + "form-data@npm:~2.3.2": version: 2.3.3 resolution: "form-data@npm:2.3.3" @@ -6365,25 +6370,26 @@ fsevents@^1.2.7: bindings: ^1.5.0 nan: ^2.12.1 checksum: e70509558b5f49ce9dfacb8f9e2848c6e6751a61966027789561145a9c4ae9ba4c6b28b531bc8b4ae52fdd2d4c90a3bf314e6794717e51838b27910bb41ce588 + conditions: os=darwin languageName: node linkType: hard -"fsevents@patch:fsevents@^1.2.7#builtin": +"fsevents@patch:fsevents@^1.2.7#~builtin": version: 1.2.13 - resolution: "fsevents@patch:fsevents@npm%3A1.2.13#builtin::version=1.2.13&hash=11e9ea" + resolution: "fsevents@patch:fsevents@npm%3A1.2.13#~builtin::version=1.2.13&hash=18f3a7" dependencies: bindings: ^1.5.0 nan: ^2.12.1 - checksum: 7bc048c164eb72f91b18ba7cd2ba30679a0afe57e9cd6352eac4bdbc4ddd4ca2ea98674d0bd3a80e96427469adc433c13532494b36aea40fceab36e198982182 + conditions: os=darwin languageName: node linkType: hard -"fsevents@patch:fsevents@~2.3.2#builtin": +"fsevents@patch:fsevents@~2.3.2#~builtin": version: 2.3.2 - resolution: "fsevents@patch:fsevents@npm%3A2.3.2#builtin::version=2.3.2&hash=11e9ea" + resolution: "fsevents@patch:fsevents@npm%3A2.3.2#~builtin::version=2.3.2&hash=18f3a7" dependencies: node-gyp: latest - checksum: 7b25d9251aefe433d508a0eb614217f0495ae05a9e8af15f7dbf9998e08c4e675acd1cf32361e0fcf71d917d9e8c4b76301fdc72a1ec1105a3ea0994f5e15a8d + conditions: os=darwin languageName: node linkType: hard @@ -6393,6 +6399,7 @@ fsevents@~2.3.2: dependencies: node-gyp: latest checksum: a1883f4ca12b8b403ec528f1a4cb312b0877eacd24719da535cabea78d6fdd78530e3538bdba590a1c0f6c295128f964a89182621885296353a44dcfa4f9db53 + conditions: os=darwin languageName: node linkType: hard @@ -6520,7 +6527,7 @@ fsevents@~2.3.2: "@vue/cli-plugin-eslint": ~4.4.5 "@vue/cli-service": ~4.4.5 aplayer: ^1.10.1 - axios: ^0.19.2 + axios: ^1.7.8 babel-core: ^6.26.3 babel-eslint: ^10.1.0 babel-loader: ^8.2.2 @@ -10903,6 +10910,13 @@ fsevents@~2.3.2: languageName: node linkType: hard +"proxy-from-env@npm:^1.1.0": + version: 1.1.0 + resolution: "proxy-from-env@npm:1.1.0" + checksum: 8/ed7fcc2ba0a33404958e34d95d18638249a68c430e30fcb6c478497d72739ba64ce9810a24f53a7d921d0c065e5b78e3822759800698167256b04659366ca4d4 + languageName: node + linkType: hard + "prr@npm:~1.0.1": version: 1.0.1 resolution: "prr@npm:1.0.1" @@ -11479,23 +11493,23 @@ resolve@^2.0.0-next.3: languageName: node linkType: hard -"resolve@patch:resolve@^1.10.0#builtin, resolve@patch:resolve@^1.10.1#builtin, resolve@patch:resolve@^1.12.0#builtin, resolve@patch:resolve@^1.13.1#builtin, resolve@patch:resolve@^1.14.2#builtin, resolve@patch:resolve@^1.20.0#builtin, resolve@patch:resolve@^1.8.1#builtin": +"resolve@patch:resolve@^1.10.0#~builtin, resolve@patch:resolve@^1.10.1#~builtin, resolve@patch:resolve@^1.12.0#~builtin, resolve@patch:resolve@^1.13.1#~builtin, resolve@patch:resolve@^1.14.2#~builtin, resolve@patch:resolve@^1.20.0#~builtin, resolve@patch:resolve@^1.8.1#~builtin": version: 1.20.0 - resolution: "resolve@patch:resolve@npm%3A1.20.0#builtin::version=1.20.0&hash=3388aa" + resolution: "resolve@patch:resolve@npm%3A1.20.0#~builtin::version=1.20.0&hash=07638b" dependencies: is-core-module: ^2.2.0 path-parse: ^1.0.6 - checksum: c4a515b76026806b5b26513fc7bdb80458c532bc91c02ef45ac928d1025585f93bec0b904be39c02131118a37ff7e3f9258f1526850b025d2ec0948bb5fd03d0 + checksum: 8/a0dd7d16a8e47af23afa9386df2dff10e3e0debb2c7299a42e581d9d9b04d7ad5d2c53f24f1e043f7b3c250cbdc71150063e53d0b6559683d37f790b7c8c3cd5 languageName: node linkType: hard -"resolve@patch:resolve@^2.0.0-next.3#builtin": +"resolve@patch:resolve@^2.0.0-next.3#~builtin": version: 2.0.0-next.3 - resolution: "resolve@patch:resolve@npm%3A2.0.0-next.3#builtin::version=2.0.0-next.3&hash=3388aa" + resolution: "resolve@patch:resolve@npm%3A2.0.0-next.3#~builtin::version=2.0.0-next.3&hash=07638b" dependencies: is-core-module: ^2.2.0 path-parse: ^1.0.6 - checksum: a36d174b5e1b72eb9d05f2457fde2e91a4954f4480ee693681eca3a423978304d6232443726384ebf54fc4039f1ec8da7e8731383aab4c11704d157d5bcf5031 + checksum: 8/21684b4d99a4877337cdbd5484311c811b3e8910edb5d868eec85c6e6550b0f570d911f9a384f9e176172d6713f2715bd0b0887fa512cb8c6aeece018de6a9f8 languageName: node linkType: hard