chore(deps): lock file maintenance (#140)

Co-authored-by: my-renovate[bot] <105243867+my-renovate[bot]@users.noreply.github.com>
ruzickap · Mar 27, 2024 · d4ed2cd · d4ed2cd
1 parent 269803a
commit d4ed2cd
Show file tree

Hide file tree

Showing 2 changed files with 696 additions and 499 deletions.
diff --git a/.trivyignore.yaml b/.trivyignore.yaml
@@ -1,17 +1,15 @@
 vulnerabilities:
-  # │ glob-parent   │ CVE-2020-28469 │ HIGH     │ fixed    │ 3.1.0             │ 5.1.2               │ Regular expression denial of service                        │
+  # │ glob-parent            │ CVE-2020-28469 │ HIGH     │ fixed  │ 3.1.0             │ 5.1.2               │ Regular expression denial of service                        │
   - id: CVE-2020-28469
-  # │ json5         │ CVE-2022-46175 │ HIGH     │ fixed    │ 0.5.1             │ 2.2.2, 1.0.2        │ json5: Prototype Pollution in JSON5 via Parse Method        │
+  # │ json5                  │ CVE-2022-46175 │ HIGH     │ fixed  │ 0.5.1             │ 2.2.2, 1.0.2        │ json5: Prototype Pollution in JSON5 via Parse Method        │
   - id: CVE-2022-46175
-  # │ loader-utils  │ CVE-2022-37601 │ CRITICAL │ fixed    │ 0.2.17            │ 2.0.3, 1.4.1        │ loader-utils: prototype pollution in function parseQuery in │
+  # │ loader-utils           │ CVE-2022-37601 │ CRITICAL │ fixed  │ 0.2.17            │ 2.0.3, 1.4.1        │ loader-utils: prototype pollution in function parseQuery in │
   - id: CVE-2022-37601
-  # │ node-forge    │ CVE-2022-24771 │ HIGH     │ fixed    │ 0.10.0            │ 1.3.0               │ node-forge: Signature verification leniency in checking     │
+  # │ node-forge             │ CVE-2022-24771 │ HIGH     │ fixed  │ 0.10.0            │ 1.3.0               │ node-forge: Signature verification leniency in checking     │
   - id: CVE-2022-24771
-  # │ node-forge    │ CVE-2022-24772 │ HIGH     │ fixed    │ 0.10.0            │ 1.3.0               │ node-forge: Signature verification failing to check tailing │
+  # │ node-forge             │ CVE-2022-24772 │ HIGH     │ fixed  │ 0.10.0            │ 1.3.0               │ node-forge: Signature verification failing to check tailing │
   - id: CVE-2022-24772
-  # │ nth-check     │ CVE-2021-3803  │ HIGH     │ fixed    │ 1.0.2             │ 2.0.1               │ inefficient regular expression complexity                   │
+  # │ nth-check              │ CVE-2021-3803  │ HIGH     │ fixed  │ 1.0.2             │ 2.0.1               │ inefficient regular expression complexity                   │
   - id: CVE-2021-3803
-  # | ip            │ CVE-2023-42282 │ HIGH     │ affected │ 1.1.8             │                     │ An issue in NPM IP Package v.1.1.8 and before allows an     │
-  - id: CVE-2023-42282
-  # │ normalize-url │ CVE-2021-33502 │ HIGH     │ fixed    │ 4.5.0             │ 4.5.1, 5.3.1, 6.0.1 │ ReDoS for data URLs                                         │
-  - id: CVE-2021-33502
+  # │ webpack-dev-middleware │ CVE-2024-29180 │ HIGH     │ fixed  │ 3.7.3             │ 7.1.0, 6.1.2, 5.3.4 │ webpack-dev-middleware: lack of URL validation may lead to  │
+  - id: CVE-2024-29180