From 5ca9c997b770f04e949725990c2206e3df59697d Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Fri, 24 Feb 2023 15:20:06 +0530 Subject: [PATCH] commit to update vulnerable versions of minimist - Prototype Pollution in minimist --- src/Web/WebSPA/Client/package-lock.json | 42 +++++++++---------------- src/Web/WebSPA/Client/yarn.lock | 19 +++++------ 2 files changed, 21 insertions(+), 40 deletions(-) diff --git a/src/Web/WebSPA/Client/package-lock.json b/src/Web/WebSPA/Client/package-lock.json index 422b69050..4e0f1a697 100644 --- a/src/Web/WebSPA/Client/package-lock.json +++ b/src/Web/WebSPA/Client/package-lock.json @@ -5949,7 +5949,7 @@ "integrity": "sha512-KE8NFMZr3mN2E0HcvCgRtX7DjhiIQrwle+nSVJVC/yqFb9+xznHl2ZcoBp2L9qzkI4t4cBFJ1efXF8Dwi132RA==", "dev": true, "dependencies": { - "minimist": "^1.2.0" + "minimist": "^1.2.6" }, "bin": { "blocking-proxy": "built/lib/bin.js" @@ -7104,7 +7104,7 @@ "inBundle": true, "optional": true, "dependencies": { - "minimist": "^1.2.5" + "minimist": "^1.2.6" }, "bin": { "mkdirp": "bin/cmd.js" @@ -10615,7 +10615,7 @@ "integrity": "sha1-aoaLw4BkXxQf7rBCxvl/zHG1n+Y=", "dev": true, "dependencies": { - "minimist": "1.2.5" + "minimist": "1.2.6" }, "bin": { "gonzales": "bin/gonzales.js" @@ -10624,12 +10624,6 @@ "node": ">=0.6.0" } }, - "node_modules/gonzales-pe-sl/node_modules/minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "node_modules/got": { "version": "12.1.0", "resolved": "https://registry.npmjs.org/got/-/got-12.1.0.tgz", @@ -10697,7 +10691,7 @@ "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==", "dev": true, "dependencies": { - "minimist": "^1.2.5", + "minimist": "^1.2.6", "neo-async": "^2.6.0", "source-map": "^0.6.1", "wordwrap": "^1.0.0" @@ -15353,7 +15347,7 @@ "del": "^2.2.0", "glob": "^7.0.3", "ini": "^1.3.4", - "minimist": "^1.2.0", + "minimist": "^1.2.6", "q": "^1.4.1", "request": "^2.87.0", "rimraf": "^2.5.2", @@ -15616,7 +15610,7 @@ "dependencies": { "deep-extend": "^0.6.0", "ini": "~1.3.0", - "minimist": "^1.2.0", + "minimist": "^1.2.6", "strip-json-comments": "~2.0.1" }, "bin": { @@ -18296,7 +18290,7 @@ "buffer-from": "^1.1.0", "diff": "^3.1.0", "make-error": "^1.1.1", - "minimist": "^1.2.0", + "minimist": "^1.2.6", "mkdirp": "^0.5.1", "source-map-support": "^0.5.6", "yn": "^2.0.0" @@ -24062,7 +24056,7 @@ "integrity": "sha512-KE8NFMZr3mN2E0HcvCgRtX7DjhiIQrwle+nSVJVC/yqFb9+xznHl2ZcoBp2L9qzkI4t4cBFJ1efXF8Dwi132RA==", "dev": true, "requires": { - "minimist": "^1.2.0" + "minimist": "^1.2.6" } }, "body-parser": { @@ -24985,7 +24979,7 @@ "dev": true, "optional": true, "requires": { - "minimist": "^1.2.5" + "minimist": "^1.2.6" } } } @@ -27696,15 +27690,7 @@ "integrity": "sha1-aoaLw4BkXxQf7rBCxvl/zHG1n+Y=", "dev": true, "requires": { - "minimist": "1.2.5" - }, - "dependencies": { - "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - } + "minimist": "1.2.6" } }, "got": { @@ -27758,7 +27744,7 @@ "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==", "dev": true, "requires": { - "minimist": "^1.2.5", + "minimist": "^1.2.6", "neo-async": "^2.6.0", "source-map": "^0.6.1", "uglify-js": "^3.1.4", @@ -31276,7 +31262,7 @@ "del": "^2.2.0", "glob": "^7.0.3", "ini": "^1.3.4", - "minimist": "^1.2.0", + "minimist": "^1.2.6", "q": "^1.4.1", "request": "^2.87.0", "rimraf": "^2.5.2", @@ -31474,7 +31460,7 @@ "requires": { "deep-extend": "^0.6.0", "ini": "~1.3.0", - "minimist": "^1.2.0", + "minimist": "^1.2.6", "strip-json-comments": "~2.0.1" }, "dependencies": { @@ -33561,7 +33547,7 @@ "buffer-from": "^1.1.0", "diff": "^3.1.0", "make-error": "^1.1.1", - "minimist": "^1.2.0", + "minimist": "^1.2.6", "mkdirp": "^0.5.1", "source-map-support": "^0.5.6", "yn": "^2.0.0" diff --git a/src/Web/WebSPA/Client/yarn.lock b/src/Web/WebSPA/Client/yarn.lock index 3365d49fc..b6cbaf921 100644 --- a/src/Web/WebSPA/Client/yarn.lock +++ b/src/Web/WebSPA/Client/yarn.lock @@ -2324,7 +2324,7 @@ blocking-proxy@^1.0.0: resolved "https://registry.npmjs.org/blocking-proxy/-/blocking-proxy-1.0.1.tgz" integrity sha512-KE8NFMZr3mN2E0HcvCgRtX7DjhiIQrwle+nSVJVC/yqFb9+xznHl2ZcoBp2L9qzkI4t4cBFJ1efXF8Dwi132RA== dependencies: - minimist "^1.2.0" + minimist "^1.2.6" body-parser@^1.19.0, body-parser@1.20.1: version "1.20.1" @@ -4431,7 +4431,7 @@ gonzales-pe-sl@^4.2.3: resolved "https://registry.npmjs.org/gonzales-pe-sl/-/gonzales-pe-sl-4.2.3.tgz" integrity sha1-aoaLw4BkXxQf7rBCxvl/zHG1n+Y= dependencies: - minimist "1.2.5" + minimist "1.2.6" got@12.1.0: version "12.1.0" @@ -4467,7 +4467,7 @@ handlebars@^4.7.7: resolved "https://registry.npmjs.org/handlebars/-/handlebars-4.7.7.tgz" integrity sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA== dependencies: - minimist "^1.2.5" + minimist "^1.2.6" neo-async "^2.6.0" source-map "^0.6.1" wordwrap "^1.0.0" @@ -5921,16 +5921,11 @@ minimatch@^6.1.6: dependencies: brace-expansion "^2.0.1" -minimist@^1.2.0, minimist@^1.2.5, minimist@^1.2.6: +minimist@^1.2.6, minimist@1.2.6: version "1.2.6" resolved "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz" integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q== -minimist@1.2.5: - version "1.2.5" - resolved "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz" - integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== - minipass-collect@^1.0.2: version "1.0.2" resolved "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz" @@ -6951,7 +6946,7 @@ rc@^1.0.1, rc@^1.1.6: dependencies: deep-extend "^0.6.0" ini "~1.3.0" - minimist "^1.2.0" + minimist "^1.2.6" strip-json-comments "~2.0.1" read-package-json-fast@^3.0.0: @@ -8296,7 +8291,7 @@ ts-node@~7.0.1: buffer-from "^1.1.0" diff "^3.1.0" make-error "^1.1.1" - minimist "^1.2.0" + minimist "^1.2.6" mkdirp "^0.5.1" source-map-support "^0.5.6" yn "^2.0.0" @@ -8726,7 +8721,7 @@ webdriver-manager@^12.1.7: del "^2.2.0" glob "^7.0.3" ini "^1.3.4" - minimist "^1.2.0" + minimist "^1.2.6" q "^1.4.1" request "^2.87.0" rimraf "^2.5.2"