From 6f1c138fe72c818ce7dcd4903fd2e9b7e8ffdd94 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Apr 2021 01:36:45 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-XMLDOM-1084960 --- package-lock.json | 145 +++++++++++++++++++++++++++++++++++----------- package.json | 2 +- 2 files changed, 111 insertions(+), 36 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9d9ce85382..8ee7832486 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1267,39 +1267,67 @@ } }, "@videojs/http-streaming": { - "version": "1.13.4", - "resolved": "https://registry.npmjs.org/@videojs/http-streaming/-/http-streaming-1.13.4.tgz", - "integrity": "sha512-I/hWi0uiA8aRwB4tfK44FRaWEoOU3uyvjUJW4cNST3TsweuovGGoud7K09WUrlbN4U0EjQvDqNwwXNggNs3niw==", + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/@videojs/http-streaming/-/http-streaming-2.7.0.tgz", + "integrity": "sha512-wg/5vGeBS8LhXDjKbHbpewId5aZ/gyG2dJNCeu4+Ix6AympXSTlztHuRQWTS2Gyx/fQpce1/1gfqdJne9ZIJ8Q==", "requires": { - "aes-decrypter": "3.0.2", - "global": "^4.3.0", - "m3u8-parser": "4.4.0", - "mpd-parser": "0.10.0", - "mux.js": "5.6.1", - "url-toolkit": "^2.1.3", - "video.js": "^6.8.0 || ^7.0.0" + "@babel/runtime": "^7.12.5", + "@videojs/vhs-utils": "^3.0.0", + "aes-decrypter": "3.1.2", + "global": "^4.4.0", + "m3u8-parser": "4.6.0", + "mpd-parser": "0.16.0", + "mux.js": "5.11.0", + "video.js": "^6 || ^7" }, "dependencies": { + "@babel/runtime": { + "version": "7.13.10", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.13.10.tgz", + "integrity": "sha512-4QPkjJq6Ns3V/RgpEahRk+AGfL0eO6RHHtTWoNNr5mO49G6B5+X6d6THgWEAvTrznU5xYpbAlVKRYcsCgh/Akw==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + }, "aes-decrypter": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/aes-decrypter/-/aes-decrypter-3.0.2.tgz", - "integrity": "sha512-SBAfPQpGTbHbAR6qSybPjMio+MYuZwdD/a/ltOq6hj53vK94dphAm88rR3FNaZyEa/x3SobYmdT5f46qUwroLQ==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/aes-decrypter/-/aes-decrypter-3.1.2.tgz", + "integrity": "sha512-42nRwfQuPRj9R1zqZBdoxnaAmnIFyDi0MNyTVhjdFOd8fifXKKRfwIHIZ6AMn1or4x5WONzjwRTbTWcsIQ0O4A==", "requires": { - "@babel/runtime": "^7.5.5", - "@videojs/vhs-utils": "^1.0.0", - "global": "^4.3.2", + "@babel/runtime": "^7.12.5", + "@videojs/vhs-utils": "^3.0.0", + "global": "^4.4.0", "pkcs7": "^1.0.4" } }, + "global": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/global/-/global-4.4.0.tgz", + "integrity": "sha512-wv/LAoHdRE3BeTGz53FAamhGlPLhlssK45usmGFThIi4XqnBmjKQ16u+RNbP7WvigRZDxUsM0J3gcQ5yicaL0w==", + "requires": { + "min-document": "^2.19.0", + "process": "^0.11.10" + } + }, + "m3u8-parser": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/m3u8-parser/-/m3u8-parser-4.6.0.tgz", + "integrity": "sha512-dKhhpMcPqDM/KzULVrNyDZ/z766peQjwUghDTcl6TE7DQKAt/vm74/IMUAxpO34f6LDpM+OH/dYGQwW1eM4yWw==", + "requires": { + "@babel/runtime": "^7.12.5", + "@videojs/vhs-utils": "^3.0.0", + "global": "^4.4.0" + } + }, "mpd-parser": { - "version": "0.10.0", - "resolved": "https://registry.npmjs.org/mpd-parser/-/mpd-parser-0.10.0.tgz", - "integrity": "sha512-eIqkH/2osPr7tIIjhRmDWqm2wdJ7Q8oPfWvdjealzsLV2D2oNe0a0ae2gyYYs1sw5e5hdssDA2V6Sz8MW+Uvvw==", + "version": "0.16.0", + "resolved": "https://registry.npmjs.org/mpd-parser/-/mpd-parser-0.16.0.tgz", + "integrity": "sha512-/pOFsDbOxXFAla47rYMdIypBZVtsQ9q3OHNuKtW2CJMaCGtNDtUcLS+B2TToYmB20rgi3XIgkyc2EsIvIAS4NA==", "requires": { - "@babel/runtime": "^7.5.5", - "@videojs/vhs-utils": "^1.1.0", - "global": "^4.3.2", - "xmldom": "^0.1.27" + "@babel/runtime": "^7.12.5", + "@videojs/vhs-utils": "^3.0.0", + "global": "^4.4.0", + "xmldom": "^0.5.0" } }, "pkcs7": { @@ -1309,17 +1337,51 @@ "requires": { "@babel/runtime": "^7.5.5" } + }, + "process": { + "version": "0.11.10", + "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", + "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" } } }, "@videojs/vhs-utils": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@videojs/vhs-utils/-/vhs-utils-1.3.0.tgz", - "integrity": "sha512-oiqXDtHQqDPun7JseWkirUHGrgdYdeF12goUut5z7vwAj4DmUufEPFJ4xK5hYGXGFDyDhk2rSFOR122Ze6qXyQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@videojs/vhs-utils/-/vhs-utils-3.0.0.tgz", + "integrity": "sha512-HPgiaVB8/g7DooYFQ20uTinq4eNRHmIXGHHttK/Xwyvn19MfIpg9BfMNr9ywCvgHh0IUGrxt6P8AcmMO4xvxIA==", "requires": { - "@babel/runtime": "^7.5.5", - "global": "^4.3.2", - "url-toolkit": "^2.1.6" + "@babel/runtime": "^7.12.5", + "global": "^4.4.0", + "url-toolkit": "^2.2.1" + }, + "dependencies": { + "@babel/runtime": { + "version": "7.13.10", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.13.10.tgz", + "integrity": "sha512-4QPkjJq6Ns3V/RgpEahRk+AGfL0eO6RHHtTWoNNr5mO49G6B5+X6d6THgWEAvTrznU5xYpbAlVKRYcsCgh/Akw==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + }, + "global": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/global/-/global-4.4.0.tgz", + "integrity": "sha512-wv/LAoHdRE3BeTGz53FAamhGlPLhlssK45usmGFThIi4XqnBmjKQ16u+RNbP7WvigRZDxUsM0J3gcQ5yicaL0w==", + "requires": { + "min-document": "^2.19.0", + "process": "^0.11.10" + } + }, + "process": { + "version": "0.11.10", + "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", + "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" + }, + "url-toolkit": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/url-toolkit/-/url-toolkit-2.2.1.tgz", + "integrity": "sha512-8+DzgrtDZYZGhHaAop5WGVghMdCfOLGbhcArsJD0qDll71FXa7EeKxi2hilPIscn2nwMz4PRjML32Sz4JTN0Xw==" + } } }, "@videojs/xhr": { @@ -9696,9 +9758,22 @@ "dev": true }, "mux.js": { - "version": "5.6.1", - "resolved": "https://registry.npmjs.org/mux.js/-/mux.js-5.6.1.tgz", - "integrity": "sha512-iIE3EJURbrPZ9Y4i9ADKTIvxGUcAEBOFhwWUOZGCiKlpXDZrqDgcJLDrOa0PenLhw6WYkOyl18kHFEvwm9JSpg==" + "version": "5.11.0", + "resolved": "https://registry.npmjs.org/mux.js/-/mux.js-5.11.0.tgz", + "integrity": "sha512-Q/iLfohHh5Pp6lW7EFtcxNuaCNJ3Ruywfy46pWLsY+yIxR1kXXImYY1wOhg8jLdBMs1kRaZqsiB4Zncsiw0a2Q==", + "requires": { + "@babel/runtime": "^7.11.2" + }, + "dependencies": { + "@babel/runtime": { + "version": "7.13.10", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.13.10.tgz", + "integrity": "sha512-4QPkjJq6Ns3V/RgpEahRk+AGfL0eO6RHHtTWoNNr5mO49G6B5+X6d6THgWEAvTrznU5xYpbAlVKRYcsCgh/Akw==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + } + } }, "nan": { "version": "2.14.0", @@ -15269,9 +15344,9 @@ "dev": true }, "xmldom": { - "version": "0.1.31", - "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.31.tgz", - "integrity": "sha512-yS2uJflVQs6n+CyjHoaBmVSqIDevTAWrzMmjG1Gc7h1qQ7uVozNhEPJAwZXWyGQ/Gafo3fCwrcaokezLPupVyQ==" + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.5.0.tgz", + "integrity": "sha512-Foaj5FXVzgn7xFzsKeNIde9g6aFBxTPi37iwsno8QvApmtg7KYrr+OPyRHcJF7dud2a5nGRBXK3n0dL62Gf7PA==" }, "xmlhttprequest-ssl": { "version": "1.5.5", diff --git a/package.json b/package.json index e96ffa60db..b252bd2026 100644 --- a/package.json +++ b/package.json @@ -82,7 +82,7 @@ }, "dependencies": { "@babel/runtime": "^7.9.2", - "@videojs/http-streaming": "1.13.4", + "@videojs/http-streaming": "2.7.0", "@videojs/xhr": "2.5.1", "global": "4.3.2", "keycode": "^2.2.0",