From e9a05c39e776eb2719d3a067a36cfd77a77506d2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 28 Apr 2022 00:44:16 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-EJS-2803307 --- package-lock.json | 110 +++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 56 insertions(+), 56 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2c6678bd1..c28693398 100644 --- a/package-lock.json +++ b/package-lock.json @@ -71,6 +71,11 @@ "integrity": "sha512-UBYHWph6P3tutkbXpW6XYg9ZPbTKjw/YC2hGG1/GEvWwTbvezBUv3h+mmUFw79T3RFPnmedpiXdOBbXX+4l0jg==", "dev": true }, + "@xmldom/xmldom": { + "version": "0.7.5", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.5.tgz", + "integrity": "sha512-V3BIhmY36fXZ1OtVcI9W+FxQqxVLsPKcNjWigIaa81dLC9IolJl5Mt4Cvhmr0flUnjSpTdrbMTSbXqYqV5dT6A==" + }, "abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", @@ -2934,11 +2939,6 @@ "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" }, - "ejs": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.6.2.tgz", - "integrity": "sha512-PcW2a0tyTuPHz3tWyYqtK6r1fZ3gp+3Sop8Ph+ZYN81Ob5rwmbHEzaqs10N3BEsaGTkh/ooniXK+WwszGlc2+Q==" - }, "electron-to-chromium": { "version": "1.3.236", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.236.tgz", @@ -10819,9 +10819,9 @@ "integrity": "sha1-7K52QVDemYYexcgQ/V0Jaxg5Mqc=" }, "node-forge": { - "version": "0.7.6", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz", - "integrity": "sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==" + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz", + "integrity": "sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==" }, "node-gyp": { "version": "3.8.0", @@ -13732,17 +13732,38 @@ } }, "passport-saml": { - "version": "0.31.0", - "resolved": "https://registry.npmjs.org/passport-saml/-/passport-saml-0.31.0.tgz", - "integrity": "sha1-5NZUyrMPAYv9OQVu/nvPp3CqtGM=", + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/passport-saml/-/passport-saml-1.3.2.tgz", + "integrity": "sha512-oRtv1lF0AeOVGPD/UJMJnOO7AIc/Wgw7qfMxgejm2bjBo85a26LQfP+XnOD5gW7fxRdYKXDAIOvqPhFeGJmyBw==", "requires": { + "debug": "^3.1.0", "passport-strategy": "*", "q": "^1.5.0", - "xml-crypto": "^0.10.1", - "xml-encryption": "^0.11.0", + "xml-crypto": "^1.4.0", + "xml-encryption": "^1.0.0", "xml2js": "0.4.x", - "xmlbuilder": "^9.0.4", + "xmlbuilder": "^11.0.0", "xmldom": "0.1.x" + }, + "dependencies": { + "debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + }, + "xmlbuilder": { + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==" + } } }, "passport-strategy": { @@ -17104,45 +17125,29 @@ } }, "xml-crypto": { - "version": "0.10.1", - "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-0.10.1.tgz", - "integrity": "sha1-+DL3TM9W8kr8rhFjofyrRNlndKg=", + "version": "1.5.6", + "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-1.5.6.tgz", + "integrity": "sha512-LCLvc59uItSD3QZprq+XaJWXb0umi3g8Ks3pZis1qZ9OYzQuHb4U//u5+vHr4gjn2KFAAAzFlja6OnS2LG/gRw==", "requires": { - "xmldom": "=0.1.19", - "xpath.js": ">=0.0.3" - }, - "dependencies": { - "xmldom": { - "version": "0.1.19", - "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.19.tgz", - "integrity": "sha1-Yx/Ad3bv2EEYvyUXGzftTQdaCrw=" - } + "@xmldom/xmldom": "^0.7.0", + "xpath": "0.0.32" } }, "xml-encryption": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-0.11.2.tgz", - "integrity": "sha512-jVvES7i5ovdO7N+NjgncA326xYKjhqeAnnvIgRnY7ROLCfFqEDLwP0Sxp/30SHG0AXQV1048T5yinOFyvwGFzg==", - "requires": { - "async": "^2.1.5", - "ejs": "^2.5.6", - "node-forge": "^0.7.0", - "xmldom": "~0.1.15", - "xpath": "0.0.27" + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.3.0.tgz", + "integrity": "sha512-3P8C4egMMxSR1BmsRM+fG16a3WzOuUEQKS2U4c3AZ5v7OseIfdUeVkD8dwxIhuLryFZSRWUL5OP6oqkgU7hguA==", + "requires": { + "@xmldom/xmldom": "^0.7.0", + "escape-html": "^1.0.3", + "node-forge": "^0.10.0", + "xpath": "0.0.32" }, "dependencies": { - "async": { - "version": "2.6.3", - "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz", - "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==", - "requires": { - "lodash": "^4.17.14" - } - }, - "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "escape-html": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=" } } }, @@ -17166,14 +17171,9 @@ "integrity": "sha1-1QH5ezvbQDr4757MIFcxh6rawOk=" }, "xpath": { - "version": "0.0.27", - "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", - "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==" - }, - "xpath.js": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/xpath.js/-/xpath.js-1.1.0.tgz", - "integrity": "sha512-jg+qkfS4K8E7965sqaUl8mRngXiKb3WZGfONgE18pr03FUQiuSV6G+Ej4tS55B+rIQSFEIw3phdVAQ4pPqNWfQ==" + "version": "0.0.32", + "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.32.tgz", + "integrity": "sha512-rxMJhSIoiO8vXcWvSifKqhvV96GjiD5wYb8/QHdoRyQvraTpp4IEv944nhGausZZ3u7dhQXteZuZbaqfpB7uYw==" }, "xregexp": { "version": "2.0.0", diff --git a/package.json b/package.json index 6cc75717d..93f6f77fa 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "passport-google-oauth": "0.2.0", "passport-linkedin": "0.1.3", "passport-local": "1.0.0", - "passport-saml": "^0.31.0", + "passport-saml": "^1.3.2", "passport-twitter": "1.0.3", "pdfjs-dist": "^1.10.97", "request": "2.82.0",