From 3262663fb0e377e331137dbe44437a6320cf7970 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 4 Nov 2020 08:40:31 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOMPURIFY-1035544 --- package-lock.json | 102 ++-------------------------------------------- package.json | 2 +- 2 files changed, 4 insertions(+), 100 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1ba67dc59..59b403f47 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4340,79 +4340,6 @@ } } }, - "@vue/compiler-core": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.0.0.tgz", - "integrity": "sha512-XqPC7vdv4rFE77S71oCHmT1K4Ks3WE2Gi6Lr4B5wn0Idmp+NyQQBUHsCNieMDRiEpgtJrw+yOHslrsV0AfAsfQ==", - "dev": true, - "requires": { - "@babel/parser": "^7.11.5", - "@babel/types": "^7.11.5", - "@vue/shared": "3.0.0", - "estree-walker": "^2.0.1", - "source-map": "^0.6.1" - }, - "dependencies": { - "estree-walker": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/estree-walker/-/estree-walker-2.0.1.tgz", - "integrity": "sha512-tF0hv+Yi2Ot1cwj9eYHtxC0jB9bmjacjQs6ZBTj82H8JwUywFuc+7E83NWfNMwHXZc11mjfFcVXPe9gEP4B8dg==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - } - } - }, - "@vue/compiler-dom": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@vue/compiler-dom/-/compiler-dom-3.0.0.tgz", - "integrity": "sha512-ukDEGOP8P7lCPyStuM3F2iD5w2QPgUu2xwCW2XNeqPjFKIlR2xMsWjy4raI/cLjN6W16GtlMFaZdK8tLj5PRog==", - "dev": true, - "requires": { - "@vue/compiler-core": "3.0.0", - "@vue/shared": "3.0.0" - } - }, - "@vue/reactivity": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.0.0.tgz", - "integrity": "sha512-mEGkztGQrAPZRhV7C6PorrpT3+NtuA4dY2QjMzzrW31noKhssWTajRZTwpLF39NBRrF5UU6cp9+1I0FfavMgEQ==", - "dev": true, - "requires": { - "@vue/shared": "3.0.0" - } - }, - "@vue/runtime-core": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.0.0.tgz", - "integrity": "sha512-3ABMLeA0ZbeVNLbGGLXr+pNUwqXILOqz8WCVGfDWwQb+jW114Cm8djOHVVDoqdvRETQvDf8yHSUmpKHZpQuTkA==", - "dev": true, - "requires": { - "@vue/reactivity": "3.0.0", - "@vue/shared": "3.0.0" - } - }, - "@vue/runtime-dom": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.0.0.tgz", - "integrity": "sha512-f312n5w9gK6mVvkDSj6/Xnot1XjlKXzFBYybmoy6ahAVC8ExbQ+LOWti1IZM/adU8VMNdKaw7Q53Hxz3y5jX8g==", - "dev": true, - "requires": { - "@vue/runtime-core": "3.0.0", - "@vue/shared": "3.0.0", - "csstype": "^2.6.8" - } - }, - "@vue/shared": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.0.0.tgz", - "integrity": "sha512-4XWL/avABGxU2E2ZF1eZq3Tj7fvksCMssDZUHOykBIMmh5d+KcAnQMC5XHMhtnA0NAvktYsA2YpdsVwVmhWzvA==", - "dev": true - }, "@zkochan/cmd-shim": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/@zkochan/cmd-shim/-/cmd-shim-3.1.0.tgz", @@ -6843,12 +6770,6 @@ } } }, - "csstype": { - "version": "2.6.13", - "resolved": "https://registry.npmjs.org/csstype/-/csstype-2.6.13.tgz", - "integrity": "sha512-ul26pfSQTZW8dcOnD2iiJssfXw0gdNVX9IJDH/X3K5DGPfj+fUYe3kB+swUY6BF3oZDxaID3AJt+9/ojSAE05A==", - "dev": true - }, "currently-unhandled": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/currently-unhandled/-/currently-unhandled-0.4.1.tgz", @@ -7198,9 +7119,9 @@ } }, "dompurify": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.1.1.tgz", - "integrity": "sha512-NijiNVkS/OL8mdQL1hUbCD6uty/cgFpmNiuFxrmJ5YPH2cXrPKIewoixoji56rbZ6XBPmtM8GA8/sf9unlSuwg==" + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.2.2.tgz", + "integrity": "sha512-BsGR4nDLaC5CNBnyT5I+d5pOeaoWvgVeg6Gq/aqmKYWMPR07131u60I80BvExLAJ0FQEIBQ1BTicw+C5+jOyrg==" }, "domutils": { "version": "1.7.0", @@ -19315,23 +19236,6 @@ "integrity": "sha512-DRibZL6DsNhIgYQ+wNdWDL2SL3bKPlVrRiBqV5yuMm++op8W4kGFtaQfCs4KEJn0wBZcHVHJ3eoywX8983k1ow==", "dev": true }, - "vue2": { - "version": "npm:vue@2.6.12", - "resolved": "https://registry.npmjs.org/vue/-/vue-2.6.12.tgz", - "integrity": "sha512-uhmLFETqPPNyuLLbsKz6ioJ4q7AZHzD8ZVFNATNyICSZouqP2Sz0rotWQC8UNBF6VGSCs5abnKJoStA6JbCbfg==", - "dev": true - }, - "vue3": { - "version": "npm:vue@3.0.0", - "resolved": "https://registry.npmjs.org/vue/-/vue-3.0.0.tgz", - "integrity": "sha512-ZMrAARZ32sGIaYKr7Fk2GZEBh/VhulSrGxcGBiAvbN4fhjl3tuJyNFbbbLFqGjndbLoBW66I2ECq8ICdvkKdJw==", - "dev": true, - "requires": { - "@vue/compiler-dom": "3.0.0", - "@vue/runtime-dom": "3.0.0", - "@vue/shared": "3.0.0" - } - }, "w3c-hr-time": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", diff --git a/package.json b/package.json index 2572f7793..3e4f1178f 100644 --- a/package.json +++ b/package.json @@ -54,7 +54,7 @@ "*.js": "eslint --fix" }, "dependencies": { - "dompurify": "^2.0.8", + "dompurify": "^2.2.2", "marked": "^1.1.1", "medium-zoom": "^1.0.6", "opencollective-postinstall": "^2.0.2",