From c3193166e1a5785d7004bb465ea77cc9d89f93cb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 3 Jan 2019 02:38:07 +0000 Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/npm:extend:20180424 --- server/package-lock.json | 115 ++++++++++++++++++++++++--------------- 1 file changed, 70 insertions(+), 45 deletions(-) diff --git a/server/package-lock.json b/server/package-lock.json index 3318d7f..267f902 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -81,6 +81,7 @@ "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=", "dev": true, + "optional": true, "requires": { "kind-of": "3.2.2", "longest": "1.0.1", @@ -2719,6 +2720,7 @@ "version": "0.0.9", "bundled": true, "dev": true, + "optional": true, "requires": { "inherits": "2.0.3" } @@ -2743,7 +2745,8 @@ "buffer-shims": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "caseless": { "version": "0.12.0", @@ -2760,12 +2763,14 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "combined-stream": { "version": "1.0.5", "bundled": true, "dev": true, + "optional": true, "requires": { "delayed-stream": "1.0.0" } @@ -2778,17 +2783,20 @@ "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "core-util-is": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "cryptiles": { "version": "2.0.5", "bundled": true, "dev": true, + "optional": true, "requires": { "boom": "2.10.1" } @@ -2828,7 +2836,8 @@ "delayed-stream": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "delegates": { "version": "1.0.0", @@ -2860,7 +2869,8 @@ "extsprintf": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "forever-agent": { "version": "0.6.1", @@ -2983,6 +2993,7 @@ "version": "3.1.3", "bundled": true, "dev": true, + "optional": true, "requires": { "boom": "2.10.1", "cryptiles": "2.0.5", @@ -3030,6 +3041,7 @@ "version": "1.0.0", "bundled": true, "dev": true, + "optional": true, "requires": { "number-is-nan": "1.0.1" } @@ -3043,7 +3055,8 @@ "isarray": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "isstream": { "version": "0.1.2", @@ -3116,12 +3129,14 @@ "mime-db": { "version": "1.27.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "mime-types": { "version": "2.1.15", "bundled": true, "dev": true, + "optional": true, "requires": { "mime-db": "1.27.0" } @@ -3197,7 +3212,8 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "oauth-sign": { "version": "0.8.2", @@ -3255,7 +3271,8 @@ "process-nextick-args": { "version": "1.0.7", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "punycode": { "version": "1.4.1", @@ -3293,6 +3310,7 @@ "version": "2.2.9", "bundled": true, "dev": true, + "optional": true, "requires": { "buffer-shims": "1.0.0", "core-util-is": "1.0.2", @@ -3344,7 +3362,8 @@ "safe-buffer": { "version": "5.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "semver": { "version": "5.3.0", @@ -3368,6 +3387,7 @@ "version": "1.0.9", "bundled": true, "dev": true, + "optional": true, "requires": { "hoek": "2.16.3" } @@ -3401,6 +3421,7 @@ "version": "1.0.2", "bundled": true, "dev": true, + "optional": true, "requires": { "code-point-at": "1.1.0", "is-fullwidth-code-point": "1.0.0", @@ -3411,6 +3432,7 @@ "version": "1.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "safe-buffer": "5.0.1" } @@ -3439,6 +3461,7 @@ "version": "2.2.1", "bundled": true, "dev": true, + "optional": true, "requires": { "block-stream": "0.0.9", "fstream": "1.0.11", @@ -3494,7 +3517,8 @@ "util-deprecate": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "uuid": { "version": "3.0.1", @@ -4760,9 +4784,9 @@ } }, "lodash": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.0.0.tgz", - "integrity": "sha1-msQ4RMWV4o0wEIt7pYNwM5WSLfw=" + "version": "4.17.11", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz", + "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==" }, "lodash.cond": { "version": "4.5.2", @@ -4809,7 +4833,8 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz", "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=", - "dev": true + "dev": true, + "optional": true }, "loose-envify": { "version": "1.3.1", @@ -5122,10 +5147,10 @@ "resolved": "https://registry.npmjs.org/opentok/-/opentok-2.6.1.tgz", "integrity": "sha512-HjVuezT64ZE7sJTHkWbqnT5PjelwagOLVEbATRzv0q2d9HuNHAAa6Q5I+zTqMzICV66+Z+a2UhLlIeSkWRg3XA==", "requires": { - "jsonwebtoken": "7.4.3", - "lodash": "4.17.5", - "opentok-token": "1.1.0", - "request": "2.83.0" + "jsonwebtoken": "^7.4.1", + "lodash": "^4.14.2", + "opentok-token": "^1.1.0", + "request": "^2.72.0" }, "dependencies": { "jsonwebtoken": { @@ -5133,17 +5158,12 @@ "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-7.4.3.tgz", "integrity": "sha1-d/UCHeBYtgWheD+hKD6ZgS5kVjg=", "requires": { - "joi": "6.10.1", - "jws": "3.1.4", - "lodash.once": "4.1.1", - "ms": "2.0.0", - "xtend": "4.0.1" + "joi": "^6.10.1", + "jws": "^3.1.4", + "lodash.once": "^4.0.0", + "ms": "^2.0.0", + "xtend": "^4.0.1" } - }, - "lodash": { - "version": "4.17.5", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.5.tgz", - "integrity": "sha512-svL3uiZf1RwhH+cWrfZn3A4+U58wbP0tGVTLQPbjplZxZ8ROD9VLuNgsRniTlLe7OlSqR79RUehXgpBW/s0IQw==" } } }, @@ -5152,14 +5172,14 @@ "resolved": "https://registry.npmjs.org/opentok-token/-/opentok-token-1.1.0.tgz", "integrity": "sha1-8BdOSV5q9LJVos/+nDTUgCPokq8=", "requires": { - "lodash": "3.10.1", - "nonce": "1.0.4", - "unix-timestamp": "0.1.2" + "lodash": "^3.2.0", + "nonce": "^1.0.3", + "unix-timestamp": "^0.1.2" }, "dependencies": { "lodash": { "version": "3.10.1", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz", + "resolved": "http://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz", "integrity": "sha1-W/Rejkm6QYnhfUgnid/RW9FAt7Y=" } } @@ -5532,9 +5552,9 @@ "resolved": "https://registry.npmjs.org/q/-/q-2.0.3.tgz", "integrity": "sha1-dbjbAlWhpa+C9Yw/Oqoe/sfQ0TQ=", "requires": { - "asap": "2.0.6", - "pop-iterate": "1.0.1", - "weak-map": "1.0.5" + "asap": "^2.0.0", + "pop-iterate": "^1.0.1", + "weak-map": "^1.0.5" } }, "qs": { @@ -6401,11 +6421,11 @@ "integrity": "sha512-sbI91XITI3AQdKTHcMJ5q4bPWPPQvE+QWZ3C7ZQzT7dnVO1k9T2WaswuIiGtK7uG21jfLetV+BT9ZrGMmTSC7w==", "requires": { "deprecate": "1.0.0", - "jsonwebtoken": "7.4.3", + "jsonwebtoken": "^7.4.1", "lodash": "4.0.0", "moment": "2.18.1", - "q": "2.0.3", - "request": "2.83.0", + "q": "2.0.x", + "request": "2.83.x", "rootpath": "0.1.2", "scmp": "0.0.3", "xmlbuilder": "9.0.1" @@ -6416,13 +6436,18 @@ "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-7.4.3.tgz", "integrity": "sha1-d/UCHeBYtgWheD+hKD6ZgS5kVjg=", "requires": { - "joi": "6.10.1", - "jws": "3.1.4", - "lodash.once": "4.1.1", - "ms": "2.0.0", - "xtend": "4.0.1" + "joi": "^6.10.1", + "jws": "^3.1.4", + "lodash.once": "^4.0.0", + "ms": "^2.0.0", + "xtend": "^4.0.1" } }, + "lodash": { + "version": "4.0.0", + "resolved": "http://registry.npmjs.org/lodash/-/lodash-4.0.0.tgz", + "integrity": "sha1-msQ4RMWV4o0wEIt7pYNwM5WSLfw=" + }, "moment": { "version": "2.18.1", "resolved": "https://registry.npmjs.org/moment/-/moment-2.18.1.tgz",