From e42090da914a55dffa3bae61534dd69ecdcbc1a2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 7 Apr 2022 17:02:24 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ASYNC-2441827 --- package-lock.json | 139 +++++++++++++++------------------------------- package.json | 4 +- 2 files changed, 48 insertions(+), 95 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1f9113c..eb6c480 100644 --- a/package-lock.json +++ b/package-lock.json @@ -113,11 +113,6 @@ "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" }, - "async": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/async/-/async-1.5.2.tgz", - "integrity": "sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo=" - }, "bail": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bail/-/bail-1.0.2.tgz", @@ -128,11 +123,6 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" }, - "bluebird": { - "version": "3.5.1", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.1.tgz", - "integrity": "sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==" - }, "body-parser": { "version": "1.8.4", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.8.4.tgz", @@ -358,14 +348,6 @@ "typedarray": "^0.0.6" } }, - "consolidate": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/consolidate/-/consolidate-0.14.5.tgz", - "integrity": "sha1-WiUEe8dvcwcmZ8jLUsmJiI9JTGM=", - "requires": { - "bluebird": "^3.1.1" - } - }, "constantinople": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/constantinople/-/constantinople-3.1.0.tgz", @@ -588,11 +570,6 @@ "jsonfile": "^2.1.0" } }, - "fs-readdir-recursive": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/fs-readdir-recursive/-/fs-readdir-recursive-1.1.0.tgz", - "integrity": "sha512-GNanXlVr2pf02+sPN40XN8HG+ePaNcvM0q5mZBd668Obwb0yD5GiUbZOFgwn8kGMY6I3mdyDJzieUy3PTYyTRA==" - }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", @@ -688,14 +665,27 @@ } }, "handlebars": { - "version": "4.0.11", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.0.11.tgz", - "integrity": "sha1-Ywo13+ApS8KB7a5v/F0yn8eYLcw=", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.1.1.tgz", + "integrity": "sha512-3Zhi6C0euYZL5sM0Zcy7lInLXKQ+YLcF/olbN010mzGQ4XVm50JeyBnMqofHh696GrciGruC7kCcApPDJvVgwA==", "requires": { - "async": "^1.4.0", + "neo-async": "^2.6.0", "optimist": "^0.6.1", - "source-map": "^0.4.4", - "uglify-js": "^2.6" + "source-map": "^0.6.1", + "uglify-js": "^3.1.4" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "uglify-js": { + "version": "3.15.3", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.15.3.tgz", + "integrity": "sha512-6iCVm2omGJbsu3JWac+p6kUiOpg3wFO2f8lIXjfEb8RrmLjzog1wTPMmwKB7swfzzqxj9YM+sGUM++u1qN4qJg==", + "optional": true + } } }, "has": { @@ -822,6 +812,14 @@ "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.5.tgz", "integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==" }, + "inputformat-to-jstransformer": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/inputformat-to-jstransformer/-/inputformat-to-jstransformer-1.4.0.tgz", + "integrity": "sha512-Ub+Wjb0mjaND4IS/GDvQ+TEyd1i9U4OdrF58mBY7QTYu8CK5K34DPV7mrvo/WQBJLj7UJWQc7QAmFb7CbQ5lLw==", + "requires": { + "require-one": "^1.0.3" + } + }, "irregular-plurals": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/irregular-plurals/-/irregular-plurals-1.4.0.tgz", @@ -1154,11 +1152,6 @@ "resolved": "https://registry.npmjs.org/lodash.mapvalues/-/lodash.mapvalues-4.6.0.tgz", "integrity": "sha1-G6+lAF3p3W9PJmaMMMo3IwzJaJw=" }, - "lodash.omit": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.omit/-/lodash.omit-4.5.0.tgz", - "integrity": "sha1-brGa5aHuHdnfC5aeZs4Lf6MLXmA=" - }, "lodash.omitby": { "version": "4.6.0", "resolved": "https://registry.npmjs.org/lodash.omitby/-/lodash.omitby-4.6.0.tgz", @@ -1423,25 +1416,14 @@ } }, "metalsmith-layouts": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/metalsmith-layouts/-/metalsmith-layouts-1.8.1.tgz", - "integrity": "sha1-o2XTmTnZFGzf5R+t7n2HVXP8y9w=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/metalsmith-layouts/-/metalsmith-layouts-2.0.0.tgz", + "integrity": "sha512-MrppudyRpGDSUjIL35ZcZ5RnPNCpIBNSO9Pv5a+VsyyMDzHpCOWtVXp42EQatB+SD++UZvE2jBw7cRpl8RHfyw==", "requires": { - "async": "^1.3.0", - "consolidate": "^0.14.0", - "debug": "^2.2.0", - "extend": "^3.0.0", - "fs-readdir-recursive": "^1.0.0", - "is-utf8": "^0.2.0", - "lodash.omit": "^4.0.2", - "multimatch": "^2.0.0" - }, - "dependencies": { - "extend": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz", - "integrity": "sha1-p1Xqe8Gt/MWjHOfnYtuq3F5jZEQ=" - } + "inputformat-to-jstransformer": "^1.2.1", + "is-utf8": "^0.2.1", + "jstransformer": "^1.0.0", + "multimatch": "^2.1.0" } }, "metalsmith-lunr": { @@ -1467,28 +1449,6 @@ } } }, - "metalsmith-markdown-taxonomy": { - "version": "0.0.2", - "resolved": "https://registry.npmjs.org/metalsmith-markdown-taxonomy/-/metalsmith-markdown-taxonomy-0.0.2.tgz", - "integrity": "sha512-N+zbq76trOqwO4lhqo18FlUN9DhzDv1vGN6Tj/mOmWTkT3/4MM+Q0pil/SPrUIySDSJpSctc/hom8eLTNJcSeQ==", - "requires": { - "async": "^2.4.1", - "debug": "^2.2.0", - "lodash": "^4.17.4", - "marked": "^0.3.6", - "minimatch": "^3.0.0" - }, - "dependencies": { - "async": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/async/-/async-2.6.0.tgz", - "integrity": "sha512-xAfGg1/NTLBBKlHFmnd7PlmUW9KhVQIUuSrYem9xzFUZy13ScvtyGGejaae9iAVRiRq9+Cx7DPFaAAhCpyxyPw==", - "requires": { - "lodash": "^4.14.0" - } - } - } - }, "metalsmith-matters": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/metalsmith-matters/-/metalsmith-matters-1.2.0.tgz", @@ -1505,18 +1465,6 @@ "resolved": "https://registry.npmjs.org/metalsmith-metacopy/-/metalsmith-metacopy-0.2.0.tgz", "integrity": "sha1-Cl9sK0NNnMgmoUWn8BX3tmT0pfM=" }, - "metalsmith-migrate-safetag": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/metalsmith-migrate-safetag/-/metalsmith-migrate-safetag-0.2.0.tgz", - "integrity": "sha512-/qGKFehHya7amnFlXDB6R2xoBRbGJIYN0+1pStfb2fUgvxnUteH1gqwFnfF9i9uclF3yOtaUHNEMxWKcA6Q3fA==", - "requires": { - "debug": "^2.2.0", - "lodash": "^4.17.4", - "minimatch": "^3.0.0", - "source-map-support": "^0.4.15", - "trim-newlines": "^2.0.0" - } - }, "metalsmith-packages": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/metalsmith-packages/-/metalsmith-packages-0.1.0.tgz", @@ -1545,7 +1493,7 @@ "async": "^2.0.0-rc.2", "debug": "^2.1.0", "multimatch": "^2.1.0", - "pdc": "github:cherbst/node-pdc#720ad811afd5239c27b3bbe9b4cd8677b0cde1df", + "pdc": "pdc@github:cherbst/node-pdc#720ad811afd5239c27b3bbe9b4cd8677b0cde1df", "system-install": "^1.0.0", "which": "^1.0.8" }, @@ -1668,7 +1616,7 @@ "requires": { "async": "^2.4.1", "debug": "^2.2.0", - "hercule": "github:contentascode/hercule#2df09afb83b52c5cf8edc241a85d40a7ef0a546f", + "hercule": "hercule@github:contentascode/hercule#2df09afb83b52c5cf8edc241a85d40a7ef0a546f", "json-pointer": "^0.6.0", "multimatch": "^2.1.0", "pegjs": "^0.10.0" @@ -1819,6 +1767,11 @@ "minimatch": "^3.0.0" } }, + "neo-async": { + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz", + "integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==" + }, "node-static": { "version": "0.7.10", "resolved": "https://registry.npmjs.org/node-static/-/node-static-0.7.10.tgz", @@ -2869,6 +2822,11 @@ "resolved": "https://registry.npmjs.org/replace-ext/-/replace-ext-1.0.0.tgz", "integrity": "sha1-3mMSg3P8v3w8z6TeWkgMRaZ5WOs=" }, + "require-one": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/require-one/-/require-one-1.0.3.tgz", + "integrity": "sha1-Dv68zpgP78PfhM4A8mnhnItvSZA=" + }, "resolve": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.5.0.tgz", @@ -3135,11 +3093,6 @@ "resolved": "https://registry.npmjs.org/trim/-/trim-0.0.1.tgz", "integrity": "sha1-WFhUf2spB1fulczMZm+1AITEYN0=" }, - "trim-newlines": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-2.0.0.tgz", - "integrity": "sha1-tAPQuRvlDDMd/EuC7s6yLD3hbSA=" - }, "trim-trailing-lines": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/trim-trailing-lines/-/trim-trailing-lines-1.1.0.tgz", diff --git a/package.json b/package.json index de39a9c..77519cc 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "license": "CC-BY-SA-3.0", "dependencies": { "filter.js": "github:perfectwebteam/filter.js", - "handlebars": "^4.0.10", + "handlebars": "^4.1.1", "lodash": "^4.17.4", "metalsmith-assets-copy": "0.0.2", "metalsmith-assets-improved": "github:contentascode/metalsmith-assets-improved#release", @@ -26,7 +26,7 @@ "metalsmith-env": "^2.0.0", "metalsmith-filemetadata": "^1.0.0", "metalsmith-ignore": "^0.1.2", - "metalsmith-layouts": "^1.8.1", + "metalsmith-layouts": "^2.0.0", "metalsmith-lunr": "github:contentascode/metalsmith-lunr", "metalsmith-markdown": "^0.2.1", "metalsmith-markdown-taxonomy": "^0.1.0",