From 61331117298d7ba114c0dfd89166149e9119d710 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 22 Aug 2021 22:39:37 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PACRESOLVER-1564857 --- package-lock.json | 138 +++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 81 insertions(+), 59 deletions(-) diff --git a/package-lock.json b/package-lock.json index 470481fd..d2b41335 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,7 +5,8 @@ "requires": true, "packages": { "": { - "version": "8.2.0", + "name": "kubernetes-external-secrets", + "version": "8.3.0", "license": "MIT", "dependencies": { "@alicloud/kms20160120": "^1.1.0", @@ -24,7 +25,7 @@ "node-vault": "^0.9.18", "pino": "^6.4.1", "prom-client": "^12.0.0", - "proxy-agent": "^4.0.1" + "proxy-agent": "^5.0.0" }, "devDependencies": { "chai": "4.2.0", @@ -3787,13 +3788,14 @@ } }, "node_modules/degenerator": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-2.2.0.tgz", - "integrity": "sha512-aiQcQowF01RxFI4ZLFMpzyotbQonhNpBao6dkI8JPk5a+hmSjR5ErHp2CQySmQe8os3VBqLCIh87nDBgZXvsmg==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-3.0.1.tgz", + "integrity": "sha512-LFsIFEeLPlKvAKXu7j3ssIG6RT0TbI7/GhsqrI0DnHASEQjXQ0LUSYcjJteGgRGmZbl1TnMSxpNQIAiJ7Du5TQ==", "dependencies": { "ast-types": "^0.13.2", "escodegen": "^1.8.1", - "esprima": "^4.0.0" + "esprima": "^4.0.0", + "vm2": "^3.9.3" }, "engines": { "node": ">= 6" @@ -9233,9 +9235,9 @@ } }, "node_modules/pac-proxy-agent": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-4.1.0.tgz", - "integrity": "sha512-ejNgYm2HTXSIYX9eFlkvqFp8hyJ374uDf0Zq5YUAifiSh1D6fo+iBivQZirGvVv8dCYUsLhmLBRhlAYvBKI5+Q==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-5.0.0.tgz", + "integrity": "sha512-CcFG3ZtnxO8McDigozwE3AqAw15zDvGH+OjXO4kzf7IkEKkQ4gxQ+3sdF50WmhQ4P/bVusXcqNE2S3XrNURwzQ==", "dependencies": { "@tootallnate/once": "1", "agent-base": "6", @@ -9243,25 +9245,25 @@ "get-uri": "3", "http-proxy-agent": "^4.0.1", "https-proxy-agent": "5", - "pac-resolver": "^4.1.0", + "pac-resolver": "^5.0.0", "raw-body": "^2.2.0", "socks-proxy-agent": "5" }, "engines": { - "node": ">= 6" + "node": ">= 8" } }, "node_modules/pac-resolver": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-4.2.0.tgz", - "integrity": "sha512-rPACZdUyuxT5Io/gFKUeeZFfE5T7ve7cAkE5TUZRRfuKP0u5Hocwe48X7ZEm6mYB+bTB0Qf+xlVlA/RM/i6RCQ==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-5.0.0.tgz", + "integrity": "sha512-H+/A6KitiHNNW+bxBKREk2MCGSxljfqRX76NjummWEYIat7ldVXRU3dhRIE3iXZ0nvGBk6smv3nntxKkzRL8NA==", "dependencies": { - "degenerator": "^2.2.0", + "degenerator": "^3.0.1", "ip": "^1.1.5", "netmask": "^2.0.1" }, "engines": { - "node": ">= 6" + "node": ">= 8" } }, "node_modules/package-hash": { @@ -9716,21 +9718,21 @@ } }, "node_modules/proxy-agent": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-4.0.1.tgz", - "integrity": "sha512-ODnQnW2jc/FUVwHHuaZEfN5otg/fMbvMxz9nMSUQfJ9JU7q2SZvSULSsjLloVgJOiv9yhc8GlNMKc4GkFmcVEA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-5.0.0.tgz", + "integrity": "sha512-gkH7BkvLVkSfX9Dk27W6TyNOWWZWRilRfk1XxGNWOYJ2TuedAv1yFpCaU9QSBmBe716XOTNpYNOzhysyw8xn7g==", "dependencies": { "agent-base": "^6.0.0", "debug": "4", "http-proxy-agent": "^4.0.0", "https-proxy-agent": "^5.0.0", "lru-cache": "^5.1.1", - "pac-proxy-agent": "^4.1.0", + "pac-proxy-agent": "^5.0.0", "proxy-from-env": "^1.0.0", "socks-proxy-agent": "^5.0.0" }, "engines": { - "node": ">=6" + "node": ">= 8" } }, "node_modules/proxy-agent/node_modules/lru-cache": { @@ -10695,9 +10697,9 @@ } }, "node_modules/smart-buffer": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.1.0.tgz", - "integrity": "sha512-iVICrxOzCynf/SNaBQCw34eM9jROU/s5rzIhpOvzhzuYHfJR/DhZfDkXiZSgKXfgv26HT3Yni3AV/DGw0cGnnw==", + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", "engines": { "node": ">= 6.0.0", "npm": ">= 3.0.0" @@ -10826,9 +10828,9 @@ "optional": true }, "node_modules/socks": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.0.tgz", - "integrity": "sha512-mNmr9owlinMplev0Wd7UHFlqI4ofnBnNzFuzrm63PPaHgbkqCFe4T5LzwKmtQ/f2tX0NTpcdVLyD/FHxFBstYw==", + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.1.tgz", + "integrity": "sha512-kLQ9N5ucj8uIcxrDwjm0Jsqk06xdpBjGNQtpXy4Q8/QY2k+fY7nZH8CARy+hkbG+SGAovmzzuauCpBlb8FrnBA==", "dependencies": { "ip": "^1.1.5", "smart-buffer": "^4.1.0" @@ -10839,11 +10841,11 @@ } }, "node_modules/socks-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-5.0.0.tgz", - "integrity": "sha512-lEpa1zsWCChxiynk+lCycKuC502RxDWLKJZoIhnxrWNjLSDGYRFflHA1/228VkRcnv9TIb8w98derGbpKxJRgA==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-5.0.1.tgz", + "integrity": "sha512-vZdmnjb9a2Tz6WEQVIurybSwElwPxMZaIc7PzqbJTrezcKNznv6giT7J7tZDZ1BojVaa1jvO/UiUdhDVB0ACoQ==", "dependencies": { - "agent-base": "6", + "agent-base": "^6.0.2", "debug": "4", "socks": "^2.3.3" }, @@ -12306,6 +12308,17 @@ "extsprintf": "^1.2.0" } }, + "node_modules/vm2": { + "version": "3.9.3", + "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.3.tgz", + "integrity": "sha512-smLS+18RjXYMl9joyJxMNI9l4w7biW8ilSDaVRvFBDwOH8P0BK1ognFQTpg0wyQ6wIKLTblHJvROW692L/E53Q==", + "bin": { + "vm2": "bin/vm2" + }, + "engines": { + "node": ">=6.0" + } + }, "node_modules/which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", @@ -12585,7 +12598,10 @@ "node_modules/xregexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/xregexp/-/xregexp-2.0.0.tgz", - "integrity": "sha1-UqY+VsoLhKfzpfPWGHLxJq16WUM=" + "integrity": "sha1-UqY+VsoLhKfzpfPWGHLxJq16WUM=", + "engines": { + "node": "*" + } }, "node_modules/xtend": { "version": "4.0.2", @@ -15848,13 +15864,14 @@ } }, "degenerator": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-2.2.0.tgz", - "integrity": "sha512-aiQcQowF01RxFI4ZLFMpzyotbQonhNpBao6dkI8JPk5a+hmSjR5ErHp2CQySmQe8os3VBqLCIh87nDBgZXvsmg==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-3.0.1.tgz", + "integrity": "sha512-LFsIFEeLPlKvAKXu7j3ssIG6RT0TbI7/GhsqrI0DnHASEQjXQ0LUSYcjJteGgRGmZbl1TnMSxpNQIAiJ7Du5TQ==", "requires": { "ast-types": "^0.13.2", "escodegen": "^1.8.1", - "esprima": "^4.0.0" + "esprima": "^4.0.0", + "vm2": "^3.9.3" } }, "delayed-stream": { @@ -20037,9 +20054,9 @@ "dev": true }, "pac-proxy-agent": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-4.1.0.tgz", - "integrity": "sha512-ejNgYm2HTXSIYX9eFlkvqFp8hyJ374uDf0Zq5YUAifiSh1D6fo+iBivQZirGvVv8dCYUsLhmLBRhlAYvBKI5+Q==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-5.0.0.tgz", + "integrity": "sha512-CcFG3ZtnxO8McDigozwE3AqAw15zDvGH+OjXO4kzf7IkEKkQ4gxQ+3sdF50WmhQ4P/bVusXcqNE2S3XrNURwzQ==", "requires": { "@tootallnate/once": "1", "agent-base": "6", @@ -20047,17 +20064,17 @@ "get-uri": "3", "http-proxy-agent": "^4.0.1", "https-proxy-agent": "5", - "pac-resolver": "^4.1.0", + "pac-resolver": "^5.0.0", "raw-body": "^2.2.0", "socks-proxy-agent": "5" } }, "pac-resolver": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-4.2.0.tgz", - "integrity": "sha512-rPACZdUyuxT5Io/gFKUeeZFfE5T7ve7cAkE5TUZRRfuKP0u5Hocwe48X7ZEm6mYB+bTB0Qf+xlVlA/RM/i6RCQ==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-5.0.0.tgz", + "integrity": "sha512-H+/A6KitiHNNW+bxBKREk2MCGSxljfqRX76NjummWEYIat7ldVXRU3dhRIE3iXZ0nvGBk6smv3nntxKkzRL8NA==", "requires": { - "degenerator": "^2.2.0", + "degenerator": "^3.0.1", "ip": "^1.1.5", "netmask": "^2.0.1" } @@ -20407,16 +20424,16 @@ } }, "proxy-agent": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-4.0.1.tgz", - "integrity": "sha512-ODnQnW2jc/FUVwHHuaZEfN5otg/fMbvMxz9nMSUQfJ9JU7q2SZvSULSsjLloVgJOiv9yhc8GlNMKc4GkFmcVEA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-5.0.0.tgz", + "integrity": "sha512-gkH7BkvLVkSfX9Dk27W6TyNOWWZWRilRfk1XxGNWOYJ2TuedAv1yFpCaU9QSBmBe716XOTNpYNOzhysyw8xn7g==", "requires": { "agent-base": "^6.0.0", "debug": "4", "http-proxy-agent": "^4.0.0", "https-proxy-agent": "^5.0.0", "lru-cache": "^5.1.1", - "pac-proxy-agent": "^4.1.0", + "pac-proxy-agent": "^5.0.0", "proxy-from-env": "^1.0.0", "socks-proxy-agent": "^5.0.0" }, @@ -21178,9 +21195,9 @@ } }, "smart-buffer": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.1.0.tgz", - "integrity": "sha512-iVICrxOzCynf/SNaBQCw34eM9jROU/s5rzIhpOvzhzuYHfJR/DhZfDkXiZSgKXfgv26HT3Yni3AV/DGw0cGnnw==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" }, "snapdragon": { "version": "0.8.2", @@ -21287,20 +21304,20 @@ } }, "socks": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.0.tgz", - "integrity": "sha512-mNmr9owlinMplev0Wd7UHFlqI4ofnBnNzFuzrm63PPaHgbkqCFe4T5LzwKmtQ/f2tX0NTpcdVLyD/FHxFBstYw==", + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.1.tgz", + "integrity": "sha512-kLQ9N5ucj8uIcxrDwjm0Jsqk06xdpBjGNQtpXy4Q8/QY2k+fY7nZH8CARy+hkbG+SGAovmzzuauCpBlb8FrnBA==", "requires": { "ip": "^1.1.5", "smart-buffer": "^4.1.0" } }, "socks-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-5.0.0.tgz", - "integrity": "sha512-lEpa1zsWCChxiynk+lCycKuC502RxDWLKJZoIhnxrWNjLSDGYRFflHA1/228VkRcnv9TIb8w98derGbpKxJRgA==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-5.0.1.tgz", + "integrity": "sha512-vZdmnjb9a2Tz6WEQVIurybSwElwPxMZaIc7PzqbJTrezcKNznv6giT7J7tZDZ1BojVaa1jvO/UiUdhDVB0ACoQ==", "requires": { - "agent-base": "6", + "agent-base": "^6.0.2", "debug": "4", "socks": "^2.3.3" } @@ -22464,6 +22481,11 @@ "extsprintf": "^1.2.0" } }, + "vm2": { + "version": "3.9.3", + "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.3.tgz", + "integrity": "sha512-smLS+18RjXYMl9joyJxMNI9l4w7biW8ilSDaVRvFBDwOH8P0BK1ognFQTpg0wyQ6wIKLTblHJvROW692L/E53Q==" + }, "which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", diff --git a/package.json b/package.json index 8bf122cb..7876cee6 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "node-vault": "^0.9.18", "pino": "^6.4.1", "prom-client": "^12.0.0", - "proxy-agent": "^4.0.1" + "proxy-agent": "^5.0.0" }, "devDependencies": { "chai": "4.2.0",