From bbcc03e1154540810133f0c040990de9e0cd90c3 Mon Sep 17 00:00:00 2001 From: Antonio Maranhao Date: Mon, 12 Aug 2024 09:35:26 -0400 Subject: [PATCH 1/2] Address CVE on axios package --- package-lock.json | 40 ++++++++-------------------------------- 1 file changed, 8 insertions(+), 32 deletions(-) diff --git a/package-lock.json b/package-lock.json index da511539f..278fb043f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5153,11 +5153,11 @@ } }, "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.3.tgz", + "integrity": "sha512-Ar7ND9pU99eJ9GpoGQKhKf58GpUOgnzuaB7ueNQ5BMi0p+LZ5oaEnfF999fAArcTIBwXTCHAmGcHOZJaWPq9Nw==", "dependencies": { - "follow-redirects": "^1.15.0", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } @@ -6091,17 +6091,6 @@ "node": ">=18" } }, - "node_modules/chromedriver/node_modules/axios": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", - "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", - "dev": true, - "dependencies": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, "node_modules/ci-info": { "version": "3.3.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", @@ -22948,11 +22937,11 @@ "dev": true }, "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.3.tgz", + "integrity": "sha512-Ar7ND9pU99eJ9GpoGQKhKf58GpUOgnzuaB7ueNQ5BMi0p+LZ5oaEnfF999fAArcTIBwXTCHAmGcHOZJaWPq9Nw==", "requires": { - "follow-redirects": "^1.15.0", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } @@ -23627,19 +23616,6 @@ "https-proxy-agent": "^5.0.1", "proxy-from-env": "^1.1.0", "tcp-port-used": "^1.0.2" - }, - "dependencies": { - "axios": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", - "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", - "dev": true, - "requires": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - } } }, "ci-info": { From 57a9c4b7d5a28d712c84ce9384e389e9cfdeab64 Mon Sep 17 00:00:00 2001 From: Antonio Maranhao Date: Mon, 12 Aug 2024 11:43:23 -0400 Subject: [PATCH 2/2] Switch to Docker Compose v2 --- package.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 019e3921c..7d95752fc 100644 --- a/package.json +++ b/package.json @@ -128,11 +128,11 @@ "preversion": "node version-check.js && grunt release", "test-before-publish": "npm run preversion && npm install . -g", "create:animaldb": "node ./bin/create-animal-db", - "docker:couchdb-up": "docker-compose -f ./docker/couchdb.yml up -d couchdb", + "docker:couchdb-up": "docker compose -f ./docker/couchdb.yml up -d couchdb", "docker:reset": "npm run docker:down && npm run docker:up", "docker:logs": "docker logs couchdb", - "docker:up": "docker-compose -f ./docker/couchdb.yml up -d", - "docker:down": "docker-compose -f ./docker/couchdb.yml down", + "docker:up": "docker compose -f ./docker/couchdb.yml up -d", + "docker:down": "docker compose -f ./docker/couchdb.yml down", "remove-test-dbs": "node ./bin/remove-test-dbs.js" }, "repository": {