From d5c3818432576c80535763e55bf41350c3e48bee Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 5 Jan 2024 14:26:00 +0000 Subject: [PATCH] fix: demo/react-app/package.json & demo/react-app/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6144788 --- demo/react-app/package-lock.json | 266 ++++++++++++++++++++++++------- demo/react-app/package.json | 4 +- 2 files changed, 213 insertions(+), 57 deletions(-) diff --git a/demo/react-app/package-lock.json b/demo/react-app/package-lock.json index dd6473a49..62e5ee787 100644 --- a/demo/react-app/package-lock.json +++ b/demo/react-app/package-lock.json @@ -9,8 +9,8 @@ "version": "0.1.0", "dependencies": { "@solana/web3.js": "^1.87.3", - "@taquito/signer": "^13.0.1", - "@taquito/taquito": "^13.0.1", + "@taquito/signer": "^14.0.0", + "@taquito/taquito": "^14.2.0", "@taquito/utils": "^13.0.1", "@tezos-core-tools/crypto-utils": "^0.0.7", "@web3auth/base": "file:../../packages/base", @@ -4113,74 +4113,218 @@ "url": "https://github.com/sponsors/gregberge" } }, + "node_modules/@taquito/core": { + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/core/-/core-17.5.1.tgz", + "integrity": "sha512-VGbSCB2zR0OIK5wTQmQaJbTRDjBNL1gROpBAtqsWx9Znl0aNqBlwY8bxpVkmdf3T5oSt2QXsB6cTxquh4CstFg==", + "dependencies": { + "json-stringify-safe": "^5.0.1" + }, + "engines": { + "node": ">=18" + } + }, "node_modules/@taquito/http-utils": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/http-utils/-/http-utils-13.0.1.tgz", - "integrity": "sha512-eHzd0HSL3qX6bOOSaQClm+0XmpbSNcJP69uzaBJwfXo7ntQR1bUfGLn6+1Hgsk/lJ0JxakD2PDA4aaeajHvyPw==", + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/http-utils/-/http-utils-17.5.1.tgz", + "integrity": "sha512-vJkoJc5E7W9dR+mxrqAKO+Ygx1urPU++PoQkXZ85gasQDWfWWNy+cwCDDLzI03nxL0fgHBmr4BdBGwe1n+1ekw==", "dependencies": { - "axios": "^0.26.0" + "@taquito/core": "^17.5.1", + "node-fetch": "^2.7.0" }, "engines": { - "node": ">=6.0.0" + "node": ">=18" } }, "node_modules/@taquito/local-forging": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/local-forging/-/local-forging-13.0.1.tgz", - "integrity": "sha512-2n1ryUzHBIOHiQYRO7ELQaurjoNhJ3KUUcX0dAnFs3xVxUBugHgDPot+T+1rNZDdLVhTS6mmK796xrWDGnO6xw==", + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/local-forging/-/local-forging-17.5.1.tgz", + "integrity": "sha512-zaZGzbMRtA+H8bFreDKOVOYU88rzz/REmRgi2tyegeA/LvhqVpTmBjkyXe7qdJFeH4VUznzzaxmRz6TU4yfyvA==", "dependencies": { - "@taquito/utils": "^13.0.1", - "bignumber.js": "^9.0.2" + "@taquito/core": "^17.5.1", + "@taquito/utils": "^17.5.1", + "bignumber.js": "^9.1.2" }, "engines": { - "node": ">=6.0.0" + "node": ">=18" + } + }, + "node_modules/@taquito/local-forging/node_modules/@taquito/utils": { + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/utils/-/utils-17.5.1.tgz", + "integrity": "sha512-b1Jos2xFfc6F06ScMWTZCY80EYKJF25MQvxQRjygGM5YALzvVqSaCoXkH5k95Omi4bngoObLFvhtNVOgPb+WRw==", + "dependencies": { + "@stablelib/blake2b": "^1.0.1", + "@stablelib/ed25519": "^1.0.3", + "@taquito/core": "^17.5.1", + "@types/bs58check": "^2.1.0", + "bignumber.js": "^9.1.2", + "blakejs": "^1.2.1", + "bs58check": "^3.0.1", + "buffer": "^6.0.3", + "elliptic": "^6.5.4", + "typedarray-to-buffer": "^4.0.0" + }, + "engines": { + "node": ">=18" + } + }, + "node_modules/@taquito/local-forging/node_modules/base-x": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/base-x/-/base-x-4.0.0.tgz", + "integrity": "sha512-FuwxlW4H5kh37X/oW59pwTzzTKRzfrrQwhmyspRM7swOEZcHtDZSCt45U6oKgtuFE+WYPblePMVIPR4RZrh/hw==" + }, + "node_modules/@taquito/local-forging/node_modules/bs58": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/bs58/-/bs58-5.0.0.tgz", + "integrity": "sha512-r+ihvQJvahgYT50JD05dyJNKlmmSlMoOGwn1lCcEzanPglg7TxYjioQUYehQ9mAR/+hOSd2jRc/Z2y5UxBymvQ==", + "dependencies": { + "base-x": "^4.0.0" + } + }, + "node_modules/@taquito/local-forging/node_modules/bs58check": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/bs58check/-/bs58check-3.0.1.tgz", + "integrity": "sha512-hjuuJvoWEybo7Hn/0xOrczQKKEKD63WguEjlhLExYs2wUBcebDC1jDNK17eEAD2lYfw82d5ASC1d7K3SWszjaQ==", + "dependencies": { + "@noble/hashes": "^1.2.0", + "bs58": "^5.0.0" } }, "node_modules/@taquito/michel-codec": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/michel-codec/-/michel-codec-13.0.1.tgz", - "integrity": "sha512-A9MxhDMdTTK31ty5Ke2wg4wkt7F/Y++tD8wq9YIFJzxt+MkpWX5b2i1f7yHXPsK/81YiGAi/LDamLtLCekY1LA==", + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/michel-codec/-/michel-codec-17.5.1.tgz", + "integrity": "sha512-blouBl1jSph1fFvH13NkLsY2EduOXcZ0JcFeLUqbUL6ATCHh4YY6NArVKlVAn2BStCiwn4bnEM/Zbb5es8C8xQ==", + "dependencies": { + "@taquito/core": "^17.5.1" + }, "engines": { - "node": ">=6.0.0" + "node": ">=18" } }, "node_modules/@taquito/michelson-encoder": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/michelson-encoder/-/michelson-encoder-13.0.1.tgz", - "integrity": "sha512-U80vswMHlEDQUjvARZScIKrSZkIjxdYtDLvHu4oRZ9wTqTXSlj+t64G5QmZwTEJRQkbzfhsOOr6vL40ztL0tzw==", - "dependencies": { - "@taquito/rpc": "^13.0.1", - "@taquito/utils": "^13.0.1", - "bignumber.js": "^9.0.2", + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/michelson-encoder/-/michelson-encoder-17.5.1.tgz", + "integrity": "sha512-Q9X76UG/0X76rotSOPSSBnj1Eq8gqg5opZDKzcZHeCzmxqlcT2T7S1l/e/jOFq2aCBjO/Nrv40owShxWkjF+cw==", + "dependencies": { + "@taquito/core": "^17.5.1", + "@taquito/rpc": "^17.5.1", + "@taquito/utils": "^17.5.1", + "bignumber.js": "^9.1.2", "fast-json-stable-stringify": "^2.1.0" }, "engines": { - "node": ">=6.0.0" + "node": ">=18" + } + }, + "node_modules/@taquito/michelson-encoder/node_modules/@taquito/utils": { + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/utils/-/utils-17.5.1.tgz", + "integrity": "sha512-b1Jos2xFfc6F06ScMWTZCY80EYKJF25MQvxQRjygGM5YALzvVqSaCoXkH5k95Omi4bngoObLFvhtNVOgPb+WRw==", + "dependencies": { + "@stablelib/blake2b": "^1.0.1", + "@stablelib/ed25519": "^1.0.3", + "@taquito/core": "^17.5.1", + "@types/bs58check": "^2.1.0", + "bignumber.js": "^9.1.2", + "blakejs": "^1.2.1", + "bs58check": "^3.0.1", + "buffer": "^6.0.3", + "elliptic": "^6.5.4", + "typedarray-to-buffer": "^4.0.0" + }, + "engines": { + "node": ">=18" + } + }, + "node_modules/@taquito/michelson-encoder/node_modules/base-x": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/base-x/-/base-x-4.0.0.tgz", + "integrity": "sha512-FuwxlW4H5kh37X/oW59pwTzzTKRzfrrQwhmyspRM7swOEZcHtDZSCt45U6oKgtuFE+WYPblePMVIPR4RZrh/hw==" + }, + "node_modules/@taquito/michelson-encoder/node_modules/bs58": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/bs58/-/bs58-5.0.0.tgz", + "integrity": "sha512-r+ihvQJvahgYT50JD05dyJNKlmmSlMoOGwn1lCcEzanPglg7TxYjioQUYehQ9mAR/+hOSd2jRc/Z2y5UxBymvQ==", + "dependencies": { + "base-x": "^4.0.0" + } + }, + "node_modules/@taquito/michelson-encoder/node_modules/bs58check": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/bs58check/-/bs58check-3.0.1.tgz", + "integrity": "sha512-hjuuJvoWEybo7Hn/0xOrczQKKEKD63WguEjlhLExYs2wUBcebDC1jDNK17eEAD2lYfw82d5ASC1d7K3SWszjaQ==", + "dependencies": { + "@noble/hashes": "^1.2.0", + "bs58": "^5.0.0" } }, "node_modules/@taquito/rpc": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/rpc/-/rpc-13.0.1.tgz", - "integrity": "sha512-f2Z0qzHB1ERLU5kewmXh3rAD84qIYthSjmAo04sWFbuaMgGW1HxMJKJ/EtL4s4VgoDUwahSwfATmVzmKg57BSw==", + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/rpc/-/rpc-17.5.1.tgz", + "integrity": "sha512-bQe5tnFmjo4loeT4pU/ziZy9O3ahdztDrYxcBgy5O74Q0Sf3+h4x6YUVLIzoFL6UxVLU6cJZCiv4nZ/dkt9SoQ==", "dependencies": { - "@taquito/http-utils": "^13.0.1", - "@taquito/utils": "^13.0.1", - "bignumber.js": "^9.0.2" + "@taquito/core": "^17.5.1", + "@taquito/http-utils": "^17.5.1", + "@taquito/utils": "^17.5.1", + "bignumber.js": "^9.1.2" }, "engines": { - "node": ">=6.0.0" + "node": ">=18" + } + }, + "node_modules/@taquito/rpc/node_modules/@taquito/utils": { + "version": "17.5.1", + "resolved": "https://registry.npmjs.org/@taquito/utils/-/utils-17.5.1.tgz", + "integrity": "sha512-b1Jos2xFfc6F06ScMWTZCY80EYKJF25MQvxQRjygGM5YALzvVqSaCoXkH5k95Omi4bngoObLFvhtNVOgPb+WRw==", + "dependencies": { + "@stablelib/blake2b": "^1.0.1", + "@stablelib/ed25519": "^1.0.3", + "@taquito/core": "^17.5.1", + "@types/bs58check": "^2.1.0", + "bignumber.js": "^9.1.2", + "blakejs": "^1.2.1", + "bs58check": "^3.0.1", + "buffer": "^6.0.3", + "elliptic": "^6.5.4", + "typedarray-to-buffer": "^4.0.0" + }, + "engines": { + "node": ">=18" + } + }, + "node_modules/@taquito/rpc/node_modules/base-x": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/base-x/-/base-x-4.0.0.tgz", + "integrity": "sha512-FuwxlW4H5kh37X/oW59pwTzzTKRzfrrQwhmyspRM7swOEZcHtDZSCt45U6oKgtuFE+WYPblePMVIPR4RZrh/hw==" + }, + "node_modules/@taquito/rpc/node_modules/bs58": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/bs58/-/bs58-5.0.0.tgz", + "integrity": "sha512-r+ihvQJvahgYT50JD05dyJNKlmmSlMoOGwn1lCcEzanPglg7TxYjioQUYehQ9mAR/+hOSd2jRc/Z2y5UxBymvQ==", + "dependencies": { + "base-x": "^4.0.0" + } + }, + "node_modules/@taquito/rpc/node_modules/bs58check": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/bs58check/-/bs58check-3.0.1.tgz", + "integrity": "sha512-hjuuJvoWEybo7Hn/0xOrczQKKEKD63WguEjlhLExYs2wUBcebDC1jDNK17eEAD2lYfw82d5ASC1d7K3SWszjaQ==", + "dependencies": { + "@noble/hashes": "^1.2.0", + "bs58": "^5.0.0" } }, "node_modules/@taquito/signer": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/signer/-/signer-13.0.1.tgz", - "integrity": "sha512-3C7DTC5u6jqA83kUGghEDEDJtwCNNmw0KIF+u6EdQ55YRxLDf8XBp8/voG3i+0HvU3MPqfg0CIvCUHbr8MO0Og==", + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/@taquito/signer/-/signer-14.0.0.tgz", + "integrity": "sha512-vDqp/quzAsOiVikUt5MYUKhHI3S9qlasazyXs99xK9qpGLotbx6aseKcfb/dkaTo4/eoMzP4XzTVdnk0AqcCkw==", "dependencies": { "@stablelib/blake2b": "^1.0.1", "@stablelib/ed25519": "^1.0.2", "@stablelib/nacl": "^1.0.3", - "@taquito/taquito": "^13.0.1", - "@taquito/utils": "^13.0.1", + "@taquito/taquito": "^14.0.0", + "@taquito/utils": "^14.0.0", "elliptic": "^6.5.4", "pbkdf2": "^3.1.2", "typedarray-to-buffer": "^4.0.0" @@ -4189,19 +4333,38 @@ "node": ">=6.0.0" } }, + "node_modules/@taquito/signer/node_modules/@taquito/utils": { + "version": "14.2.0", + "resolved": "https://registry.npmjs.org/@taquito/utils/-/utils-14.2.0.tgz", + "integrity": "sha512-nuqYdkiRPrca2/ztSPokuhvizlOqCzNHM/fX3mIXl8TWO4JiGr0hhPKeJ1Vk9NCG/Qd1A3iQqNP5PQlDAhe/mw==", + "dependencies": { + "@stablelib/blake2b": "^1.0.1", + "@stablelib/ed25519": "^1.0.3", + "@types/bs58check": "^2.1.0", + "bignumber.js": "^9.1.0", + "blakejs": "^1.2.1", + "bs58check": "^2.1.2", + "buffer": "^6.0.3", + "elliptic": "^6.5.4", + "typedarray-to-buffer": "^4.0.0" + }, + "engines": { + "node": ">=6.0.0" + } + }, "node_modules/@taquito/taquito": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/@taquito/taquito/-/taquito-13.0.1.tgz", - "integrity": "sha512-xNtcwKsOCHSkURO9G2VhKSeI9q0qh5/OkVuYe6KM0Fo40FthXNqq205I/FTJzu5E1Q73J7cFqA7FHqUrv276gw==", + "version": "14.2.0", + "resolved": "https://registry.npmjs.org/@taquito/taquito/-/taquito-14.2.0.tgz", + "integrity": "sha512-JrAUtANIVr02TFI6N87Xnn+KfgDT8hTA6IBeRhGfQnZH8nL1LG6/6q7uHZTw6D4ddfnMvxjgA/916cxAFcskFA==", "hasInstallScript": true, "dependencies": { - "@taquito/http-utils": "^13.0.1", - "@taquito/local-forging": "^13.0.1", - "@taquito/michel-codec": "^13.0.1", - "@taquito/michelson-encoder": "^13.0.1", - "@taquito/rpc": "^13.0.1", - "@taquito/utils": "^13.0.1", - "bignumber.js": "^9.0.2", + "@taquito/http-utils": "*", + "@taquito/local-forging": "*", + "@taquito/michel-codec": "*", + "@taquito/michelson-encoder": "*", + "@taquito/rpc": "*", + "@taquito/utils": "*", + "bignumber.js": "^9.1.0", "rxjs": "^6.6.3" }, "engines": { @@ -5683,14 +5846,6 @@ "node": ">=4" } }, - "node_modules/axios": { - "version": "0.26.1", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.26.1.tgz", - "integrity": "sha512-fPwcX4EvnSHuInCMItEhAGnaSEXRBjtzh9fOtsE6E1G6p7vl7edEeZe11QHf18+6+9gR5PbKV/sGKNaD8YaMeA==", - "dependencies": { - "follow-redirects": "^1.14.8" - } - }, "node_modules/axobject-query": { "version": "3.2.1", "resolved": "https://registry.npmjs.org/axobject-query/-/axobject-query-3.2.1.tgz", @@ -9204,6 +9359,7 @@ "version": "1.15.2", "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==", + "dev": true, "funding": [ { "type": "individual", diff --git a/demo/react-app/package.json b/demo/react-app/package.json index 18c60e3cc..d64760655 100644 --- a/demo/react-app/package.json +++ b/demo/react-app/package.json @@ -4,8 +4,8 @@ "private": true, "dependencies": { "@solana/web3.js": "^1.87.3", - "@taquito/signer": "^13.0.1", - "@taquito/taquito": "^13.0.1", + "@taquito/signer": "^14.0.0", + "@taquito/taquito": "^14.2.0", "@taquito/utils": "^13.0.1", "@tezos-core-tools/crypto-utils": "^0.0.7", "@web3auth/base": "file:../../packages/base",