From 6b40cb03c0593e2d89c25086854e328903f2112e Mon Sep 17 00:00:00 2001 From: CyberFlame Date: Thu, 23 Jan 2025 10:38:19 +0000 Subject: [PATCH] fix security issues Signed-off-by: CyberFlame --- package.json | 30 ++++++++-------- pnpm-lock.yaml | 98 +++++++++++++++++++++++++------------------------- src/server.ts | 2 +- 3 files changed, 65 insertions(+), 65 deletions(-) diff --git a/package.json b/package.json index b790182..f07af69 100644 --- a/package.json +++ b/package.json @@ -22,26 +22,26 @@ "dependencies": { "@types/cheerio": "^0.22.35", "cheerio": "1.0.0", - "discord-api-types": "^0.37.103", + "discord-api-types": "^0.37.117", "discord-interactions": "^4.1.0", - "hono": "^4.6.7" + "hono": "^4.6.18" }, "devDependencies": { - "@cloudflare/workers-types": "^4.20241022.0", - "@types/chai": "^5.0.0", - "@types/mocha": "^10.0.9", + "@cloudflare/workers-types": "^4.20250121.0", + "@types/chai": "^5.0.1", + "@types/mocha": "^10.0.10", "@types/sinon": "^17.0.3", - "c8": "^10.1.2", + "c8": "^10.1.3", "chai": "^5.1.2", - "dotenv": "^16.4.5", - "eslint": "^9.13.0", - "eslint-config-prettier": "^10.0.0", - "eslint-plugin-prettier": "^5.2.1", - "mocha": "^11.0.1", - "pnpm": "^9.12.2", - "prettier": "^3.3.3", + "dotenv": "^16.4.7", + "eslint": "^9.18.0", + "eslint-config-prettier": "^10.0.1", + "eslint-plugin-prettier": "^5.2.3", + "mocha": "^11.1.0", + "pnpm": "^9.15.4", + "prettier": "^3.4.2", "sinon": "^19.0.2", - "typescript": "^5.6.3", - "wrangler": "^3.83.0" + "typescript": "^5.7.3", + "wrangler": "^3.105.0" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 680864b..9575c54 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -15,68 +15,68 @@ importers: specifier: 1.0.0 version: 1.0.0 discord-api-types: - specifier: ^0.37.103 + specifier: ^0.37.117 version: 0.37.117 discord-interactions: specifier: ^4.1.0 version: 4.1.0 hono: - specifier: ^4.6.7 + specifier: ^4.6.18 version: 4.6.18 devDependencies: '@cloudflare/workers-types': - specifier: ^4.20241022.0 + specifier: ^4.20250121.0 version: 4.20250121.0 '@types/chai': - specifier: ^5.0.0 + specifier: ^5.0.1 version: 5.0.1 '@types/mocha': - specifier: ^10.0.9 + specifier: ^10.0.10 version: 10.0.10 '@types/sinon': specifier: ^17.0.3 version: 17.0.3 c8: - specifier: ^10.1.2 + specifier: ^10.1.3 version: 10.1.3 chai: specifier: ^5.1.2 version: 5.1.2 dotenv: - specifier: ^16.4.5 + specifier: ^16.4.7 version: 16.4.7 eslint: - specifier: ^9.13.0 + specifier: ^9.18.0 version: 9.18.0 eslint-config-prettier: - specifier: ^10.0.0 + specifier: ^10.0.1 version: 10.0.1(eslint@9.18.0) eslint-plugin-prettier: - specifier: ^5.2.1 + specifier: ^5.2.3 version: 5.2.3(eslint-config-prettier@10.0.1(eslint@9.18.0))(eslint@9.18.0)(prettier@3.4.2) mocha: - specifier: ^11.0.1 + specifier: ^11.1.0 version: 11.1.0 pnpm: - specifier: ^9.12.2 + specifier: ^9.15.4 version: 9.15.4 prettier: - specifier: ^3.3.3 + specifier: ^3.4.2 version: 3.4.2 sinon: specifier: ^19.0.2 version: 19.0.2 typescript: - specifier: ^5.6.3 + specifier: ^5.7.3 version: 5.7.3 wrangler: - specifier: ^3.83.0 + specifier: ^3.105.0 version: 3.105.0(@cloudflare/workers-types@4.20250121.0) packages: - '@bcoe/v8-coverage@1.0.1': - resolution: {integrity: sha512-W+a0/JpU28AqH4IKtwUPcEUnUyXMDLALcn5/JLczGGT9fHE2sIby/xP/oQnx3nxkForzgzPy201RAKcB4xPAFQ==} + '@bcoe/v8-coverage@1.0.2': + resolution: {integrity: sha512-6zABk/ECA/QYSCQ1NGiVwwbQerUCZ+TQbp64Q3AgmfNvurHH0j8TtXa1qbShXA6qqkpAj4V5W8pP6mLe1mcMqA==} engines: {node: '>=18'} '@cloudflare/kv-asset-handler@0.3.4': @@ -352,8 +352,8 @@ packages: '@sinonjs/commons@3.0.1': resolution: {integrity: sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==} - '@sinonjs/fake-timers@13.0.4': - resolution: {integrity: sha512-wpUq+QiKxrWk7U2pdvNSY9fNX62/k+7eEdlQMO0A3rU8tQ+vvzY/WzBhMz+GbQlATXZlXWYQqFWNFcn1SVvThA==} + '@sinonjs/fake-timers@13.0.5': + resolution: {integrity: sha512-36/hTbH2uaWuGVERyC6da9YwGWnzUZXuPro/F2LfsdOsLnCojz/iSH8MxUt/FD2S5XBSVPhmArFUXcpCQ2Hkiw==} '@sinonjs/samsam@8.0.2': resolution: {integrity: sha512-v46t/fwnhejRSFTGqbpn9u+LQ9xJDse10gNnPgAcxgdoCDMXj/G2asWAC/8Qs+BAZDicX+MNZouXT1A7c83kVw==} @@ -382,8 +382,8 @@ packages: '@types/mocha@10.0.10': resolution: {integrity: sha512-xPyYSz1cMPnJQhl0CLMH68j3gprKZaTjG3s5Vi+fDgx+uhG9NOXwbVt52eFS8ECyXhyKcjDLCBEqBExKuiZb7Q==} - '@types/node@22.8.1': - resolution: {integrity: sha512-k6Gi8Yyo8EtrNtkHXutUu2corfDf9su95VYVP10aGYMMROM6SAItZi0w1XszA6RtWTHSVp5OeFof37w0IEqCQg==} + '@types/node@22.10.9': + resolution: {integrity: sha512-Ir6hwgsKyNESl/gLOcEz3krR4CBGgliDqBQ2ma4wIhEx0w+xnoeTq3tdrNw15kU3SxogDjOgv9sqdtLW8mIHaw==} '@types/sinon@17.0.3': resolution: {integrity: sha512-j3uovdn8ewky9kRBG19bOwaZbexJu/XjtkHyjvUgt4xfPFz18dcORIMqnYh66Fx3Powhcr85NT5+er3+oViapw==} @@ -598,8 +598,8 @@ packages: resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} engines: {node: '>= 4'} - domutils@3.1.0: - resolution: {integrity: sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==} + domutils@3.2.2: + resolution: {integrity: sha512-6kZKyUajlDuqlHKVX1w7gyslj9MPIXzIFiz/rGu35uC1wMi+kMhQwGhl4lt9unC9Vb9INnY9Z3/ZA3+FhASLaw==} dotenv@16.4.7: resolution: {integrity: sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ==} @@ -984,8 +984,8 @@ packages: parse5-parser-stream@7.1.2: resolution: {integrity: sha512-JyeQc9iwFLn5TbvvqACIF/VXG6abODeB3Fwmv/TGdLk2LfbWkaySGY72at4+Ty7EkPZj854u4CrICqNk2qIbow==} - parse5@7.2.0: - resolution: {integrity: sha512-ZkDsAOcxsUMZ4Lz5fVciOehNcJ+Gb8gTzcA4yl3wnc273BAybYWrQ+Ks/OjCjSEpjvQkDSeZbybK9qj2VHHdGA==} + parse5@7.2.1: + resolution: {integrity: sha512-BuBYQYlv1ckiPdQi/ohiivi9Sagc9JG+Ozs0r7b/0iK3sKmrb0b9FdWdBbOdx6hBCM/F9Ir82ofnBhtZOjCRPQ==} path-exists@4.0.0: resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} @@ -1180,15 +1180,15 @@ packages: ufo@1.5.4: resolution: {integrity: sha512-UsUk3byDzKd04EyoZ7U4DOlxQaD14JUKQl6/P7wiX4FNvUfm3XL246n9W5AmqwW5RSFJ27NAuM0iLscAOYUiGQ==} - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} + undici-types@6.20.0: + resolution: {integrity: sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==} undici@5.28.5: resolution: {integrity: sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==} engines: {node: '>=14.0'} - undici@6.20.1: - resolution: {integrity: sha512-AjQF1QsmqfJys+LXfGTNum+qw4S88CojRInG/6t31W/1fk6G59s92bnAvGz5Cmur+kQv2SURXEvvudLmbrE8QA==} + undici@6.21.1: + resolution: {integrity: sha512-q/1rj5D0/zayJB2FraXdaWxbhWiNKDvu8naDT2dl1yTlvJp4BLtOcp2a5BvgGNQpYYJzau7tf1WgKv3b+7mqpQ==} engines: {node: '>=18.17'} unenv@2.0.0-rc.0: @@ -1284,7 +1284,7 @@ packages: snapshots: - '@bcoe/v8-coverage@1.0.1': {} + '@bcoe/v8-coverage@1.0.2': {} '@cloudflare/kv-asset-handler@0.3.4': dependencies: @@ -1478,7 +1478,7 @@ snapshots: dependencies: type-detect: 4.0.8 - '@sinonjs/fake-timers@13.0.4': + '@sinonjs/fake-timers@13.0.5': dependencies: '@sinonjs/commons': 3.0.1 @@ -1496,7 +1496,7 @@ snapshots: '@types/cheerio@0.22.35': dependencies: - '@types/node': 22.8.1 + '@types/node': 22.10.9 '@types/deep-eql@4.0.2': {} @@ -1508,9 +1508,9 @@ snapshots: '@types/mocha@10.0.10': {} - '@types/node@22.8.1': + '@types/node@22.10.9': dependencies: - undici-types: 6.19.8 + undici-types: 6.20.0 '@types/sinon@17.0.3': dependencies: @@ -1585,7 +1585,7 @@ snapshots: c8@10.1.3: dependencies: - '@bcoe/v8-coverage': 1.0.1 + '@bcoe/v8-coverage': 1.0.2 '@istanbuljs/schema': 0.1.3 find-up: 5.0.0 foreground-child: 3.3.0 @@ -1630,20 +1630,20 @@ snapshots: css-what: 6.1.0 domelementtype: 2.3.0 domhandler: 5.0.3 - domutils: 3.1.0 + domutils: 3.2.2 cheerio@1.0.0: dependencies: cheerio-select: 2.1.0 dom-serializer: 2.0.0 domhandler: 5.0.3 - domutils: 3.1.0 + domutils: 3.2.2 encoding-sniffer: 0.2.0 htmlparser2: 9.1.0 - parse5: 7.2.0 + parse5: 7.2.1 parse5-htmlparser2-tree-adapter: 7.1.0 parse5-parser-stream: 7.1.2 - undici: 6.20.1 + undici: 6.21.1 whatwg-mimetype: 4.0.0 chokidar@3.6.0: @@ -1689,7 +1689,7 @@ snapshots: boolbase: 1.0.0 css-what: 6.1.0 domhandler: 5.0.3 - domutils: 3.1.0 + domutils: 3.2.2 nth-check: 2.1.1 css-what@6.1.0: {} @@ -1730,7 +1730,7 @@ snapshots: dependencies: domelementtype: 2.3.0 - domutils@3.1.0: + domutils@3.2.2: dependencies: dom-serializer: 2.0.0 domelementtype: 2.3.0 @@ -1941,7 +1941,7 @@ snapshots: dependencies: domelementtype: 2.3.0 domhandler: 5.0.3 - domutils: 3.1.0 + domutils: 3.2.2 entities: 4.5.0 iconv-lite@0.6.3: @@ -2116,7 +2116,7 @@ snapshots: nise@6.1.1: dependencies: '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 13.0.4 + '@sinonjs/fake-timers': 13.0.5 '@sinonjs/text-encoding': 0.7.3 just-extend: 6.2.0 path-to-regexp: 8.2.0 @@ -2155,13 +2155,13 @@ snapshots: parse5-htmlparser2-tree-adapter@7.1.0: dependencies: domhandler: 5.0.3 - parse5: 7.2.0 + parse5: 7.2.1 parse5-parser-stream@7.1.2: dependencies: - parse5: 7.2.0 + parse5: 7.2.1 - parse5@7.2.0: + parse5@7.2.1: dependencies: entities: 4.5.0 @@ -2253,7 +2253,7 @@ snapshots: sinon@19.0.2: dependencies: '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 13.0.4 + '@sinonjs/fake-timers': 13.0.5 '@sinonjs/samsam': 8.0.2 diff: 7.0.0 nise: 6.1.1 @@ -2329,13 +2329,13 @@ snapshots: ufo@1.5.4: {} - undici-types@6.19.8: {} + undici-types@6.20.0: {} undici@5.28.5: dependencies: '@fastify/busboy': 2.1.1 - undici@6.20.1: {} + undici@6.21.1: {} unenv@2.0.0-rc.0: dependencies: diff --git a/src/server.ts b/src/server.ts index 8595f0f..33aa4c4 100644 --- a/src/server.ts +++ b/src/server.ts @@ -250,7 +250,7 @@ router.post('/webhooks', async (c) => { switch (interaction["type"]) { case 0: - return new Response(null, { status: 204 }) + return new Response(null, { status: 204 }); case 1: switch (interaction["event"]["type"]) {