From aad411a5f5a5704dd53ca364f5995276a8fd1a39 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 12 Sep 2020 03:22:24 +0000 Subject: [PATCH] fix: backend/package.json & backend/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-674311 --- backend/package-lock.json | 40 +++++++++++++++++++-------------------- backend/package.json | 2 +- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/backend/package-lock.json b/backend/package-lock.json index de825d1..ddd6b82 100644 --- a/backend/package-lock.json +++ b/backend/package-lock.json @@ -1058,9 +1058,9 @@ "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw=" }, "core-js": { - "version": "2.6.5", - "resolved": "https://registry.npmjs.org/core-js/-/core-js-2.6.5.tgz", - "integrity": "sha512-klh/kDpwX8hryYL14M9w/xei6vrv6sE8gTHDG7/T/+SEovB/G4ejwcfE/CBzO6Edsu+OETZMZ3wcX/EjUkrl5A==" + "version": "2.6.11", + "resolved": "https://registry.npmjs.org/core-js/-/core-js-2.6.11.tgz", + "integrity": "sha512-5wjnpaT/3dV+XB4borEsnAYQchn00XSgTAWKDkEqv+K8KevjbzmofK6hfJ9TZIlpj2N0xQpazy7PiRQiWHqzWg==" }, "core-util-is": { "version": "1.0.2", @@ -3802,6 +3802,11 @@ } } }, + "steem-uri": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/steem-uri/-/steem-uri-0.1.1.tgz", + "integrity": "sha512-pHe33AlDLlf2jC8hfrEthVj8Zq/DcFg490ID16KK0o7tr02mToeXTpEFGV5dnM2ASeAr3MAOxCJvEFDrCFuZbQ==" + }, "steem-wise-core": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/steem-wise-core/-/steem-wise-core-4.0.0.tgz", @@ -3827,32 +3832,27 @@ } }, "steemconnect": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/steemconnect/-/steemconnect-2.0.1.tgz", - "integrity": "sha512-ympGGVICdTKCWzfUV8/2WTNao/zfsM1J131sbsgSJFr4fu1Ombo5gdNaF6PxOKlcFe3A+ZkkqUJjiBXTqlFuig==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/steemconnect/-/steemconnect-3.0.0.tgz", + "integrity": "sha512-QrKYYJ/EGJ6Rta+pX9SBR+34Na9HXmhPvUQ1wh9Ds6v0MYnvTBuCn8f2SYzNWjQ7nPnKqV+kirAdDVVtXoJCtQ==", "requires": { "babel-runtime": "^6.26.0", - "cross-fetch": "^2.2.2" + "cross-fetch": "^3.0.1", + "steem-uri": "^0.1.1" }, "dependencies": { "cross-fetch": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-2.2.3.tgz", - "integrity": "sha512-PrWWNH3yL2NYIb/7WF/5vFG3DCQiXDOVf8k3ijatbrtnwNuhMWLC7YF7uqf53tbTFDzHIUD8oITw4Bxt8ST3Nw==", + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.0.6.tgz", + "integrity": "sha512-KBPUbqgFjzWlVcURG+Svp9TlhA5uliYtiNx/0r8nv0pdypeQCRJ9IaSIc3q/x3q8t3F75cHuwxVql1HFGHCNJQ==", "requires": { - "node-fetch": "2.1.2", - "whatwg-fetch": "2.0.4" + "node-fetch": "2.6.1" } }, "node-fetch": { - "version": "2.1.2", - "resolved": "http://registry.npmjs.org/node-fetch/-/node-fetch-2.1.2.tgz", - "integrity": "sha1-q4hOjn5X44qUR1POxwb3iNF2i7U=" - }, - "whatwg-fetch": { - "version": "2.0.4", - "resolved": "http://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-2.0.4.tgz", - "integrity": "sha512-dcQ1GWpOD/eEQ97k66aiEVpNnapVj90/+R+SXTPYGHpYBBypfKJEQjLrvMZ7YXbKm21gXd4NcuxUTjiv1YtLng==" + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz", + "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==" } } }, diff --git a/backend/package.json b/backend/package.json index 0158dee..878cfb6 100644 --- a/backend/package.json +++ b/backend/package.json @@ -37,7 +37,7 @@ "socket.io": "^2.1.1", "socket.io-redis": "^5.2.0", "steem-wise-core": "^4.0.0", - "steemconnect": "^2.0.1", + "steemconnect": "^3.0.0", "universe-log": "^1.4.2", "uuid": "^3.3.2" },