From ab5dc70908c892fb6f0518cd906253bf3691c866 Mon Sep 17 00:00:00 2001 From: LoneRifle Date: Wed, 19 Oct 2022 17:05:54 +0800 Subject: [PATCH] Dependabot updates (#404) * chore(deps): bump mocha from 10.0.0 to 10.1.0 (#401) Bumps [mocha](https://github.com/mochajs/mocha) from 10.0.0 to 10.1.0. - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](https://github.com/mochajs/mocha/compare/v10.0.0...v10.1.0) --- updated-dependencies: - dependency-name: mocha dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json & package-lock.json to reduce vulnerabilities (#403) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-XMLDOMXMLDOM-3042243 Co-authored-by: snyk-bot Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuan Ruo Co-authored-by: snyk-bot --- package-lock.json | 30 ++++++++---------------------- package.json | 4 ++-- 2 files changed, 10 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1700584..74c24a5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -748,12 +748,6 @@ } } }, - "@ungap/promise-all-settled": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@ungap/promise-all-settled/-/promise-all-settled-1.1.2.tgz", - "integrity": "sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q==", - "dev": true - }, "@xmldom/xmldom": { "version": "0.8.3", "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.3.tgz", @@ -1360,7 +1354,7 @@ "escape-html": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", - "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=" + "integrity": "sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==" }, "escape-string-regexp": { "version": "4.0.0", @@ -2753,12 +2747,11 @@ "dev": true }, "mocha": { - "version": "10.0.0", - "resolved": "https://registry.npmjs.org/mocha/-/mocha-10.0.0.tgz", - "integrity": "sha512-0Wl+elVUD43Y0BqPZBzZt8Tnkw9CMUdNYnUsTfOM1vuhJVZL+kiesFYsqwBkEEuEixaiPe5ZQdqDgX2jddhmoA==", + "version": "10.1.0", + "resolved": "https://registry.npmjs.org/mocha/-/mocha-10.1.0.tgz", + "integrity": "sha512-vUF7IYxEoN7XhQpFLxQAEMtE4W91acW4B6En9l97MwE9stL1A9gusXfoHZCLVHDUJ/7V5+lbCM6yMqzo5vNymg==", "dev": true, "requires": { - "@ungap/promise-all-settled": "1.1.2", "ansi-colors": "4.1.1", "browser-stdout": "1.3.1", "chokidar": "3.5.3", @@ -3980,20 +3973,13 @@ } }, "xml-encryption": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-2.0.0.tgz", - "integrity": "sha512-4Av83DdvAgUQQMfi/w8G01aJshbEZP9ewjmZMpS9t3H+OCZBDvyK4GJPnHGfWiXlArnPbYvR58JB9qF2x9Ds+Q==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-3.0.0.tgz", + "integrity": "sha512-Lf5bzosB3o6VPR9xHaomCbLGYbAUcpqP8UnKpnOwYwBbp2qz+L4YSMuaJsKtwoOfzV/xghX6Jlb5AXLEhjVhhw==", "requires": { - "@xmldom/xmldom": "^0.7.0", + "@xmldom/xmldom": "^0.8.3", "escape-html": "^1.0.3", "xpath": "0.0.32" - }, - "dependencies": { - "@xmldom/xmldom": { - "version": "0.7.5", - "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.5.tgz", - "integrity": "sha512-V3BIhmY36fXZ1OtVcI9W+FxQqxVLsPKcNjWigIaa81dLC9IolJl5Mt4Cvhmr0flUnjSpTdrbMTSbXqYqV5dT6A==" - } } }, "xml2json-light": { diff --git a/package.json b/package.json index b62195a..78f3bc4 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "jsonwebtoken": "^8.3.0", "lodash": "^4.17.21", "xml-crypto": "^3.0.0", - "xml-encryption": "^2.0.0", + "xml-encryption": "^3.0.0", "xml2json-light": "^1.0.6", "xpath": "0.0.32" }, @@ -53,7 +53,7 @@ "eslint-plugin-node": "11.1.0", "eslint-plugin-promise": "5.2.0", "eslint-plugin-standard": "5.0.0", - "mocha": "10.0.0", + "mocha": "10.1.0", "mustache": "4.2.0", "nyc": "15.1.0", "sinon": "^14.0.1",