From 6bf9fc62f40c9c3e9e52e3a8a899f633b9e69351 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 27 Aug 2020 23:12:25 +0000 Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-608086 --- server/package-lock.json | 137 ++++++++++++++++++++++++--------------- server/package.json | 2 +- 2 files changed, 86 insertions(+), 53 deletions(-) diff --git a/server/package-lock.json b/server/package-lock.json index 3318d7f..1032b2a 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -81,6 +81,7 @@ "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=", "dev": true, + "optional": true, "requires": { "kind-of": "3.2.2", "longest": "1.0.1", @@ -2653,7 +2654,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.1.1", @@ -2704,7 +2706,8 @@ "balanced-match": { "version": "0.4.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "bcrypt-pbkdf": { "version": "1.0.1", @@ -2719,6 +2722,7 @@ "version": "0.0.9", "bundled": true, "dev": true, + "optional": true, "requires": { "inherits": "2.0.3" } @@ -2727,6 +2731,7 @@ "version": "2.10.1", "bundled": true, "dev": true, + "optional": true, "requires": { "hoek": "2.16.3" } @@ -2735,6 +2740,7 @@ "version": "1.1.7", "bundled": true, "dev": true, + "optional": true, "requires": { "balanced-match": "0.4.2", "concat-map": "0.0.1" @@ -2743,7 +2749,8 @@ "buffer-shims": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "caseless": { "version": "0.12.0", @@ -2760,12 +2767,14 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "combined-stream": { "version": "1.0.5", "bundled": true, "dev": true, + "optional": true, "requires": { "delayed-stream": "1.0.0" } @@ -2773,22 +2782,26 @@ "concat-map": { "version": "0.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "core-util-is": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "cryptiles": { "version": "2.0.5", "bundled": true, "dev": true, + "optional": true, "requires": { "boom": "2.10.1" } @@ -2828,7 +2841,8 @@ "delayed-stream": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "delegates": { "version": "1.0.0", @@ -2860,7 +2874,8 @@ "extsprintf": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "forever-agent": { "version": "0.6.1", @@ -2882,12 +2897,14 @@ "fs.realpath": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "fstream": { "version": "1.0.11", "bundled": true, "dev": true, + "optional": true, "requires": { "graceful-fs": "4.1.11", "inherits": "2.0.3", @@ -2943,6 +2960,7 @@ "version": "7.1.2", "bundled": true, "dev": true, + "optional": true, "requires": { "fs.realpath": "1.0.0", "inflight": "1.0.6", @@ -2955,7 +2973,8 @@ "graceful-fs": { "version": "4.1.11", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "har-schema": { "version": "1.0.5", @@ -2983,6 +3002,7 @@ "version": "3.1.3", "bundled": true, "dev": true, + "optional": true, "requires": { "boom": "2.10.1", "cryptiles": "2.0.5", @@ -2993,7 +3013,8 @@ "hoek": { "version": "2.16.3", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "http-signature": { "version": "1.1.1", @@ -3010,6 +3031,7 @@ "version": "1.0.6", "bundled": true, "dev": true, + "optional": true, "requires": { "once": "1.4.0", "wrappy": "1.0.2" @@ -3018,7 +3040,8 @@ "inherits": { "version": "2.0.3", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "ini": { "version": "1.3.4", @@ -3030,6 +3053,7 @@ "version": "1.0.0", "bundled": true, "dev": true, + "optional": true, "requires": { "number-is-nan": "1.0.1" } @@ -3043,7 +3067,8 @@ "isarray": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "isstream": { "version": "0.1.2", @@ -3116,12 +3141,14 @@ "mime-db": { "version": "1.27.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "mime-types": { "version": "2.1.15", "bundled": true, "dev": true, + "optional": true, "requires": { "mime-db": "1.27.0" } @@ -3130,6 +3157,7 @@ "version": "3.0.4", "bundled": true, "dev": true, + "optional": true, "requires": { "brace-expansion": "1.1.7" } @@ -3137,12 +3165,14 @@ "minimist": { "version": "0.0.8", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "mkdirp": { "version": "0.5.1", "bundled": true, "dev": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -3197,7 +3227,8 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "oauth-sign": { "version": "0.8.2", @@ -3215,6 +3246,7 @@ "version": "1.4.0", "bundled": true, "dev": true, + "optional": true, "requires": { "wrappy": "1.0.2" } @@ -3244,7 +3276,8 @@ "path-is-absolute": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "performance-now": { "version": "0.2.0", @@ -3255,7 +3288,8 @@ "process-nextick-args": { "version": "1.0.7", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "punycode": { "version": "1.4.1", @@ -3293,6 +3327,7 @@ "version": "2.2.9", "bundled": true, "dev": true, + "optional": true, "requires": { "buffer-shims": "1.0.0", "core-util-is": "1.0.2", @@ -3337,6 +3372,7 @@ "version": "2.6.1", "bundled": true, "dev": true, + "optional": true, "requires": { "glob": "7.1.2" } @@ -3344,7 +3380,8 @@ "safe-buffer": { "version": "5.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "semver": { "version": "5.3.0", @@ -3368,6 +3405,7 @@ "version": "1.0.9", "bundled": true, "dev": true, + "optional": true, "requires": { "hoek": "2.16.3" } @@ -3401,6 +3439,7 @@ "version": "1.0.2", "bundled": true, "dev": true, + "optional": true, "requires": { "code-point-at": "1.1.0", "is-fullwidth-code-point": "1.0.0", @@ -3411,6 +3450,7 @@ "version": "1.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "safe-buffer": "5.0.1" } @@ -3425,6 +3465,7 @@ "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "2.1.1" } @@ -3439,6 +3480,7 @@ "version": "2.2.1", "bundled": true, "dev": true, + "optional": true, "requires": { "block-stream": "0.0.9", "fstream": "1.0.11", @@ -3494,7 +3536,8 @@ "util-deprecate": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "uuid": { "version": "3.0.1", @@ -3523,7 +3566,8 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -4760,9 +4804,9 @@ } }, "lodash": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.0.0.tgz", - "integrity": "sha1-msQ4RMWV4o0wEIt7pYNwM5WSLfw=" + "version": "4.17.20", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", + "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" }, "lodash.cond": { "version": "4.5.2", @@ -4809,7 +4853,8 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz", "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=", - "dev": true + "dev": true, + "optional": true }, "loose-envify": { "version": "1.3.1", @@ -5532,9 +5577,9 @@ "resolved": "https://registry.npmjs.org/q/-/q-2.0.3.tgz", "integrity": "sha1-dbjbAlWhpa+C9Yw/Oqoe/sfQ0TQ=", "requires": { - "asap": "2.0.6", - "pop-iterate": "1.0.1", - "weak-map": "1.0.5" + "asap": "^2.0.0", + "pop-iterate": "^1.0.1", + "weak-map": "^1.0.5" } }, "qs": { @@ -6396,37 +6441,25 @@ "optional": true }, "twilio": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/twilio/-/twilio-3.11.0.tgz", - "integrity": "sha512-sbI91XITI3AQdKTHcMJ5q4bPWPPQvE+QWZ3C7ZQzT7dnVO1k9T2WaswuIiGtK7uG21jfLetV+BT9ZrGMmTSC7w==", + "version": "3.16.0", + "resolved": "https://registry.npmjs.org/twilio/-/twilio-3.16.0.tgz", + "integrity": "sha512-bOdhtIChk6AxM+80SM59zfGImnvMnelRu9oe52aglUp/l1a18ouJVZWieWU/70Twnc79SrBuSAGJ0mWMR+FBhQ==", "requires": { "deprecate": "1.0.0", - "jsonwebtoken": "7.4.3", - "lodash": "4.0.0", - "moment": "2.18.1", - "q": "2.0.3", - "request": "2.83.0", + "jsonwebtoken": "^8.1.0", + "lodash": "^4.17.10", + "moment": "2.19.3", + "q": "2.0.x", + "request": "2.83.x", "rootpath": "0.1.2", "scmp": "0.0.3", "xmlbuilder": "9.0.1" }, "dependencies": { - "jsonwebtoken": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-7.4.3.tgz", - "integrity": "sha1-d/UCHeBYtgWheD+hKD6ZgS5kVjg=", - "requires": { - "joi": "6.10.1", - "jws": "3.1.4", - "lodash.once": "4.1.1", - "ms": "2.0.0", - "xtend": "4.0.1" - } - }, "moment": { - "version": "2.18.1", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.18.1.tgz", - "integrity": "sha1-w2GT3Tzhwu7SrbfIAtu8d6gbHA8=" + "version": "2.19.3", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.19.3.tgz", + "integrity": "sha1-vbmdJw1tf9p4zA+6zoVeJ/59pp8=" } } }, diff --git a/server/package.json b/server/package.json index 929314f..2b9ec61 100644 --- a/server/package.json +++ b/server/package.json @@ -16,7 +16,7 @@ "opentok": "^2.6.1", "passport": "0.4.0", "passport-jwt": "^3.0.0", - "twilio": "^3.11.0" + "twilio": "^3.16.0" }, "devDependencies": { "babel-cli": "^6.26.0",