From 1cd8a85491d3b482d4319d415b789dc51f62f00d Mon Sep 17 00:00:00 2001 From: zondervancalvez Date: Mon, 20 Nov 2023 15:09:42 +0800 Subject: [PATCH] tools(cmd-api-server): address CVE: CVE-2022-25881 Fixes: hyperledger#2862 Signed-off-by: zondervancalvez --- packages/cactus-cmd-api-server/package.json | 2 ++ yarn.lock | 11 ++++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/packages/cactus-cmd-api-server/package.json b/packages/cactus-cmd-api-server/package.json index 7d4460f4732..62031358ec6 100644 --- a/packages/cactus-cmd-api-server/package.json +++ b/packages/cactus-cmd-api-server/package.json @@ -103,6 +103,7 @@ "@types/express": "4.17.19", "@types/express-http-proxy": "1.6.2", "@types/google-protobuf": "3.15.5", + "@types/http-cache-semantics": "^4", "@types/json-stable-stringify": "1.0.34", "@types/jsonwebtoken": "8.5.4", "@types/multer": "1.4.7", @@ -117,6 +118,7 @@ "google-protobuf": "3.18.0-rc.2", "grpc-tools": "1.12.4", "grpc_tools_node_protoc_ts": "5.3.3", + "http-cache-semantics": "4.1.1", "http-status-codes": "2.1.4", "protobufjs": "7.2.5" }, diff --git a/yarn.lock b/yarn.lock index 3e81a4e1d8c..489e1575163 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6664,6 +6664,7 @@ __metadata: "@types/express": 4.17.19 "@types/express-http-proxy": 1.6.2 "@types/google-protobuf": 3.15.5 + "@types/http-cache-semantics": ^4 "@types/json-stable-stringify": 1.0.34 "@types/jsonwebtoken": 8.5.4 "@types/multer": 1.4.7 @@ -6692,6 +6693,7 @@ __metadata: google-protobuf: 3.18.0-rc.2 grpc-tools: 1.12.4 grpc_tools_node_protoc_ts: 5.3.3 + http-cache-semantics: 4.1.1 http-status-codes: 2.1.4 jose: 4.9.2 json-stable-stringify: 1.0.2 @@ -7812,7 +7814,7 @@ __metadata: "@hyperledger/cactus-test-tooling": 2.0.0-alpha.2 "@types/express": 4.17.20 "@types/uuid": 9.0.6 - axios: 1.5.1 + axios: 1.6.0 body-parser: 1.20.2 cbor: 9.0.1 express: 4.18.2 @@ -12905,6 +12907,13 @@ __metadata: languageName: node linkType: hard +"@types/http-cache-semantics@npm:^4": + version: 4.0.4 + resolution: "@types/http-cache-semantics@npm:4.0.4" + checksum: 7f4dd832e618bc1e271be49717d7b4066d77c2d4eed5b81198eb987e532bb3e1c7e02f45d77918185bad936f884b700c10cebe06305f50400f382ab75055f9e8 + languageName: node + linkType: hard + "@types/http-cache-semantics@npm:^4.0.1": version: 4.0.1 resolution: "@types/http-cache-semantics@npm:4.0.1"