From b9c33b02674b44b96b3fbcd061e05c70879fa5fb Mon Sep 17 00:00:00 2001 From: Alex Date: Wed, 12 Oct 2022 05:12:43 -0500 Subject: [PATCH] security: patch vm2 (#358) --- services/package-lock.json | 51 +++++++++++++++++++++++++++----------- services/package.json | 2 +- 2 files changed, 37 insertions(+), 16 deletions(-) diff --git a/services/package-lock.json b/services/package-lock.json index 889260e0..beacb18b 100644 --- a/services/package-lock.json +++ b/services/package-lock.json @@ -47,7 +47,7 @@ "pino-pretty": "^4.7.1", "prom-client": "^12.0.0", "tslib": "^2.2.0", - "vm2": "^3.9.4", + "vm2": "^3.9.11", "wait-on": "^5.3.0" }, "devDependencies": { @@ -1591,10 +1591,9 @@ } }, "node_modules/acorn": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.1.1.tgz", - "integrity": "sha512-xYiIVjNuqtKXMxlRMDc6mZUhXehod4a3gbZ1qRlM7icK4EbxUFNLhWoPblCvFtB2Y9CIqHP3CF/rdxLItaQv8g==", - "dev": true, + "version": "8.8.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.8.0.tgz", + "integrity": "sha512-QOxyigPVrpZ2GXT+PFyZTl6TtOFc5egxHIP9IlQ+RbupQuX4RkT/Bee4/kQuC02Xkzg84JcT7oLYtDIQxp+v7w==", "bin": { "acorn": "bin/acorn" }, @@ -9968,9 +9967,13 @@ } }, "node_modules/vm2": { - "version": "3.9.4", - "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.4.tgz", - "integrity": "sha512-sOdharrJ7KEePIpHekiWaY1DwgueuiBeX/ZBJUPgETsVlJsXuEx0K0/naATq2haFvJrvZnRiORQRubR0b7Ye6g==", + "version": "3.9.11", + "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.11.tgz", + "integrity": "sha512-PFG8iJRSjvvBdisowQ7iVF580DXb1uCIiGaXgm7tynMR1uTBlv7UJlB1zdv5KJ+Tmq1f0Upnj3fayoEOPpCBKg==", + "dependencies": { + "acorn": "^8.7.0", + "acorn-walk": "^8.2.0" + }, "bin": { "vm2": "bin/vm2" }, @@ -9978,6 +9981,14 @@ "node": ">=6.0" } }, + "node_modules/vm2/node_modules/acorn-walk": { + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.2.0.tgz", + "integrity": "sha512-k+iyHEuPgSw6SbuDpGQM+06HQUa04DZ3o+F6CSzXMvvI5KMvnaEqXe+YVe555R9nn6GPt404fos4wcgpw12SDA==", + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/w3c-hr-time": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", @@ -11701,10 +11712,9 @@ } }, "acorn": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.1.1.tgz", - "integrity": "sha512-xYiIVjNuqtKXMxlRMDc6mZUhXehod4a3gbZ1qRlM7icK4EbxUFNLhWoPblCvFtB2Y9CIqHP3CF/rdxLItaQv8g==", - "dev": true + "version": "8.8.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.8.0.tgz", + "integrity": "sha512-QOxyigPVrpZ2GXT+PFyZTl6TtOFc5egxHIP9IlQ+RbupQuX4RkT/Bee4/kQuC02Xkzg84JcT7oLYtDIQxp+v7w==" }, "acorn-globals": { "version": "6.0.0", @@ -18375,9 +18385,20 @@ } }, "vm2": { - "version": "3.9.4", - "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.4.tgz", - "integrity": "sha512-sOdharrJ7KEePIpHekiWaY1DwgueuiBeX/ZBJUPgETsVlJsXuEx0K0/naATq2haFvJrvZnRiORQRubR0b7Ye6g==" + "version": "3.9.11", + "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.11.tgz", + "integrity": "sha512-PFG8iJRSjvvBdisowQ7iVF580DXb1uCIiGaXgm7tynMR1uTBlv7UJlB1zdv5KJ+Tmq1f0Upnj3fayoEOPpCBKg==", + "requires": { + "acorn": "^8.7.0", + "acorn-walk": "^8.2.0" + }, + "dependencies": { + "acorn-walk": { + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.2.0.tgz", + "integrity": "sha512-k+iyHEuPgSw6SbuDpGQM+06HQUa04DZ3o+F6CSzXMvvI5KMvnaEqXe+YVe555R9nn6GPt404fos4wcgpw12SDA==" + } + } }, "w3c-hr-time": { "version": "1.0.2", diff --git a/services/package.json b/services/package.json index 2d7f2bd8..416a8ebe 100644 --- a/services/package.json +++ b/services/package.json @@ -57,7 +57,7 @@ "pino-pretty": "^4.7.1", "prom-client": "^12.0.0", "tslib": "^2.2.0", - "vm2": "^3.9.4", + "vm2": "^3.9.11", "wait-on": "^5.3.0" }, "devDependencies": {