From b94e087a81a2294a13e8a0cb6371304b5367a839 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 27 Dec 2023 17:07:30 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857 --- package-lock.json | 163 +++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 97 insertions(+), 68 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9b61e9e..b00251d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.1", "license": "GPL-3.0", "dependencies": { - "@govtechsg/oa-verify": "^8.1.0", + "@govtechsg/oa-verify": "^8.2.2", "@govtechsg/open-attestation": "^6.5.1", "debug": "^4.3.1", "node-fetch": "^2.6.1", @@ -2744,11 +2744,11 @@ } }, "node_modules/@govtechsg/dnsprove": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/@govtechsg/dnsprove/-/dnsprove-2.6.0.tgz", - "integrity": "sha512-ccCTWGF8A6b7vmIfzHLUnA26Pf1jCuUneALPFyL/yujCVmwXecicaNBuL2IbTgB3/8Sg9rBVx2bLEQ/znRmdQQ==", + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/@govtechsg/dnsprove/-/dnsprove-2.6.2.tgz", + "integrity": "sha512-BVqvHAvUg863a7F29oT1TVYAWsXHztlaxAlRmRunStbsmPYaw9CNasE7PUDxfJ8V8fL5J1smqJ6SCdxBmAG0+w==", "dependencies": { - "axios": "^0.21.1", + "axios": "^1.6.1", "debug": "^4.3.1", "runtypes": "^6.3.0" } @@ -2789,15 +2789,15 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/@govtechsg/oa-verify": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@govtechsg/oa-verify/-/oa-verify-8.1.0.tgz", - "integrity": "sha512-thRrRUr3XIODrGaKW+LOQikKAd5a4bkIH7rAe76VstF1j+PL62tCAXDvFFCGgJJOBTeSlkXQCANmzbZW81TrCg==", + "version": "8.2.2", + "resolved": "https://registry.npmjs.org/@govtechsg/oa-verify/-/oa-verify-8.2.2.tgz", + "integrity": "sha512-046//QC/oTfIXFSOCgEXZiEPr8sBZzslxDkh3H2WWaPNbePXDUuI8ohdjdGB7ThcYmh2AGN7CPhrxo/5EWUCmA==", "dependencies": { - "@govtechsg/dnsprove": "^2.6.0", + "@govtechsg/dnsprove": "^2.6.1", "@govtechsg/document-store": "^2.2.3", "@govtechsg/open-attestation": "^6.2.0", - "@govtechsg/token-registry": "^4.1.2", - "axios": "^0.21.4", + "@govtechsg/token-registry": "^4.1.7", + "axios": "^1.6.0", "debug": "^4.3.1", "did-resolver": "^3.1.0", "ethers": "^5.1.4", @@ -2862,9 +2862,9 @@ } }, "node_modules/@govtechsg/token-registry": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@govtechsg/token-registry/-/token-registry-4.1.6.tgz", - "integrity": "sha512-35kMwNoNsKE+KRJ0oFJkiwyfEAd871oTCC2IMeYuD1Rwg+IV5njkobQJCihLzuSZJaCeqQUXEQwO0m8I4keQPQ==", + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/@govtechsg/token-registry/-/token-registry-4.3.0.tgz", + "integrity": "sha512-KW73mZAz2EoC0gjt9xnu1MJYBuE/ohP18HWXPv/ZRTweaJa7QHrq8PQ9u97UMjvdFz14k7sPAC9ZlNRNaSst3A==", "dependencies": { "@typechain/ethers-v5": "~10.0.0" }, @@ -2913,9 +2913,9 @@ } }, "node_modules/@govtechsg/token-registry/node_modules/typechain": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/typechain/-/typechain-8.2.0.tgz", - "integrity": "sha512-tZqhqjxJ9xAS/Lh32jccTjMkpx7sTdUVVHAy5Bf0TIer5QFNYXotiX74oCvoVYjyxUKDK3MXHtMFzMyD3kE+jg==", + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/typechain/-/typechain-8.3.2.tgz", + "integrity": "sha512-x/sQYr5w9K7yv3es7jo4KTX05CLxOf7TRWwoHlrjRh8H82G64g+k7VuWPJlgMo6qrjfCulOdfBjiaDtmhFYD/Q==", "peer": true, "dependencies": { "@types/prettier": "^2.1.1", @@ -2937,9 +2937,9 @@ } }, "node_modules/@govtechsg/token-registry/node_modules/typescript": { - "version": "5.1.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.1.3.tgz", - "integrity": "sha512-XH627E9vkeqhlZFQuL+UsyAXEnibT0kWR2FWONlr4sTjvxyJYnyefgrkyECLzM5NenmKzRAy2rR/OlYLA1HkZw==", + "version": "5.3.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz", + "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==", "peer": true, "bin": { "tsc": "bin/tsc", @@ -5282,8 +5282,7 @@ "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, "node_modules/at-least-node": { "version": "1.0.0", @@ -5322,11 +5321,26 @@ "dev": true }, "node_modules/axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "version": "1.6.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.3.tgz", + "integrity": "sha512-fWyNdeawGam70jXSVlKl+SUNVcL6j6W79CuSIPfi6HnDUmSCH6gyUys/HrqHeA/wU0Az41rRgean494d0Jb+ww==", + "dependencies": { + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, + "node_modules/axios/node_modules/form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", "dependencies": { - "follow-redirects": "^1.14.0" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" } }, "node_modules/babel-eslint": { @@ -6443,7 +6457,6 @@ "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, "dependencies": { "delayed-stream": "~1.0.0" }, @@ -7775,7 +7788,6 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true, "engines": { "node": ">=0.4.0" } @@ -9993,9 +10005,9 @@ } }, "node_modules/follow-redirects": { - "version": "1.15.2", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", - "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==", + "version": "1.15.3", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz", + "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==", "funding": [ { "type": "individual", @@ -15740,7 +15752,6 @@ "version": "1.44.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==", - "dev": true, "engines": { "node": ">= 0.6" } @@ -15749,7 +15760,6 @@ "version": "2.1.27", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", - "dev": true, "dependencies": { "mime-db": "1.44.0" }, @@ -20216,6 +20226,11 @@ "integrity": "sha512-IgjKyaUSjsROSO8/D49Ab7hP8mJgTYcqApOqdPhLoPxAplXmkp+zRvsrSQjFn5by0rhm4VH0GAUELIPpx7B1yg==", "dev": true }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/psl": { "version": "1.8.0", "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", @@ -26631,11 +26646,11 @@ } }, "@govtechsg/dnsprove": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/@govtechsg/dnsprove/-/dnsprove-2.6.0.tgz", - "integrity": "sha512-ccCTWGF8A6b7vmIfzHLUnA26Pf1jCuUneALPFyL/yujCVmwXecicaNBuL2IbTgB3/8Sg9rBVx2bLEQ/znRmdQQ==", + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/@govtechsg/dnsprove/-/dnsprove-2.6.2.tgz", + "integrity": "sha512-BVqvHAvUg863a7F29oT1TVYAWsXHztlaxAlRmRunStbsmPYaw9CNasE7PUDxfJ8V8fL5J1smqJ6SCdxBmAG0+w==", "requires": { - "axios": "^0.21.1", + "axios": "^1.6.1", "debug": "^4.3.1", "runtypes": "^6.3.0" } @@ -26672,15 +26687,15 @@ } }, "@govtechsg/oa-verify": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@govtechsg/oa-verify/-/oa-verify-8.1.0.tgz", - "integrity": "sha512-thRrRUr3XIODrGaKW+LOQikKAd5a4bkIH7rAe76VstF1j+PL62tCAXDvFFCGgJJOBTeSlkXQCANmzbZW81TrCg==", + "version": "8.2.2", + "resolved": "https://registry.npmjs.org/@govtechsg/oa-verify/-/oa-verify-8.2.2.tgz", + "integrity": "sha512-046//QC/oTfIXFSOCgEXZiEPr8sBZzslxDkh3H2WWaPNbePXDUuI8ohdjdGB7ThcYmh2AGN7CPhrxo/5EWUCmA==", "requires": { - "@govtechsg/dnsprove": "^2.6.0", + "@govtechsg/dnsprove": "^2.6.1", "@govtechsg/document-store": "^2.2.3", "@govtechsg/open-attestation": "^6.2.0", - "@govtechsg/token-registry": "^4.1.2", - "axios": "^0.21.4", + "@govtechsg/token-registry": "^4.1.7", + "axios": "^1.6.0", "debug": "^4.3.1", "did-resolver": "^3.1.0", "ethers": "^5.1.4", @@ -26739,9 +26754,9 @@ } }, "@govtechsg/token-registry": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@govtechsg/token-registry/-/token-registry-4.1.6.tgz", - "integrity": "sha512-35kMwNoNsKE+KRJ0oFJkiwyfEAd871oTCC2IMeYuD1Rwg+IV5njkobQJCihLzuSZJaCeqQUXEQwO0m8I4keQPQ==", + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/@govtechsg/token-registry/-/token-registry-4.3.0.tgz", + "integrity": "sha512-KW73mZAz2EoC0gjt9xnu1MJYBuE/ohP18HWXPv/ZRTweaJa7QHrq8PQ9u97UMjvdFz14k7sPAC9ZlNRNaSst3A==", "requires": { "@typechain/ethers-v5": "~10.0.0" }, @@ -26776,9 +26791,9 @@ } }, "typechain": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/typechain/-/typechain-8.2.0.tgz", - "integrity": "sha512-tZqhqjxJ9xAS/Lh32jccTjMkpx7sTdUVVHAy5Bf0TIer5QFNYXotiX74oCvoVYjyxUKDK3MXHtMFzMyD3kE+jg==", + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/typechain/-/typechain-8.3.2.tgz", + "integrity": "sha512-x/sQYr5w9K7yv3es7jo4KTX05CLxOf7TRWwoHlrjRh8H82G64g+k7VuWPJlgMo6qrjfCulOdfBjiaDtmhFYD/Q==", "peer": true, "requires": { "@types/prettier": "^2.1.1", @@ -26794,9 +26809,9 @@ } }, "typescript": { - "version": "5.1.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.1.3.tgz", - "integrity": "sha512-XH627E9vkeqhlZFQuL+UsyAXEnibT0kWR2FWONlr4sTjvxyJYnyefgrkyECLzM5NenmKzRAy2rR/OlYLA1HkZw==", + "version": "5.3.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz", + "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==", "peer": true }, "universalify": { @@ -28756,8 +28771,7 @@ "asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, "at-least-node": { "version": "1.0.0", @@ -28784,11 +28798,25 @@ "dev": true }, "axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "version": "1.6.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.3.tgz", + "integrity": "sha512-fWyNdeawGam70jXSVlKl+SUNVcL6j6W79CuSIPfi6HnDUmSCH6gyUys/HrqHeA/wU0Az41rRgean494d0Jb+ww==", "requires": { - "follow-redirects": "^1.14.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + }, + "dependencies": { + "form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + } + } } }, "babel-eslint": { @@ -29736,7 +29764,6 @@ "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, "requires": { "delayed-stream": "~1.0.0" } @@ -30811,8 +30838,7 @@ "delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" }, "deprecation": { "version": "2.3.1", @@ -32597,9 +32623,9 @@ } }, "follow-redirects": { - "version": "1.15.2", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", - "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==" + "version": "1.15.3", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz", + "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==" }, "for-in": { "version": "1.0.2", @@ -37250,14 +37276,12 @@ "mime-db": { "version": "1.44.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", - "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==", - "dev": true + "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==" }, "mime-types": { "version": "2.1.27", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", - "dev": true, "requires": { "mime-db": "1.44.0" } @@ -40587,6 +40611,11 @@ "integrity": "sha512-IgjKyaUSjsROSO8/D49Ab7hP8mJgTYcqApOqdPhLoPxAplXmkp+zRvsrSQjFn5by0rhm4VH0GAUELIPpx7B1yg==", "dev": true }, + "proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "psl": { "version": "1.8.0", "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", diff --git a/package.json b/package.json index ddecb5f..af35236 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ }, "types": "dist/ts/src", "dependencies": { - "@govtechsg/oa-verify": "^8.1.0", + "@govtechsg/oa-verify": "^8.2.2", "@govtechsg/open-attestation": "^6.5.1", "debug": "^4.3.1", "node-fetch": "^2.6.1",