fix: Updated jsonwebtoken in all packages (#8282) Thanks @jlloyd-widen !

* updated jsonwebtoken in all packages

* fix linting error, address other CVE

* address tsc failure

* reverted the jsdom change in playground

* fixed yarn lock file

* added the jsdom update back in

packages/cubejs-api-gateway/package.json

@@ -39,7 +39,7 @@
     "http-proxy-middleware": "^3.0.0",
     "inflection": "^1.12.0",
     "joi": "^17.8.3",
-    "jsonwebtoken": "^8.3.0",
+    "jsonwebtoken": "^9.0.2",
     "jwk-to-pem": "^2.0.4",
     "moment": "^2.24.0",
     "moment-timezone": "^0.5.27",
@@ -52,7 +52,7 @@
     "@cubejs-backend/linter": "^0.35.0",
     "@types/express": "^4.17.9",
     "@types/jest": "^27",
-    "@types/jsonwebtoken": "^8.5.0",
+    "@types/jsonwebtoken": "^9.0.2",
     "@types/jwk-to-pem": "^2.0.0",
     "@types/mysql": "^2.15.19",
     "@types/node-fetch": "^2.5.8",

packages/cubejs-backend-cloud/package.json

@@ -36,7 +36,7 @@
     "chokidar": "^3.5.1",
     "env-var": "^6.3.0",
     "fs-extra": "^9.1.0",
-    "jsonwebtoken": "^8.5.1",
+    "jsonwebtoken": "^9.0.2",
     "request": "^2.88.2",
     "request-promise": "^4.2.5"
   },

packages/cubejs-cli/package.json

@@ -39,7 +39,7 @@
     "cross-spawn": "^7.0.1",
     "fs-extra": "^8.1.0",
     "inquirer": "^7.1.0",
-    "jsonwebtoken": "^8.5.1",
+    "jsonwebtoken": "^9.0.2",
     "request": "^2.88.2",
     "request-promise": "^4.2.5",
     "semver": "^7.3.2",
@@ -57,7 +57,7 @@
     "@types/fs-extra": "^9.0.2",
     "@types/inquirer": "^7.3.1",
     "@types/jest": "^27",
-    "@types/jsonwebtoken": "^8.5.0",
+    "@types/jsonwebtoken": "^9.0.2",
     "@types/node": "^14",
     "@types/request-promise": "^4.1.46",
     "@types/semver": "^7.3.4",

packages/cubejs-client-vue/package.json

@@ -33,6 +33,7 @@
     "ramda": "^0.27.2"
   },
   "devDependencies": {
+    "@babel/plugin-proposal-optional-chaining": "^7.21.0",
     "@vue/babel-preset-app": "^5",
     "@vue/cli-plugin-babel": "^5",
     "@vue/cli-plugin-eslint": "^5",

packages/cubejs-playground/package.json

@@ -79,7 +79,7 @@
     "eslint-plugin-react": "^7.20.0",
     "fs-extra": "^8.1.0",
     "graphql": "^15.8.0",
-    "jsdom": "^16.7.0",
+    "jsdom": "^24.0.0",
     "prismjs": "^1.25.0",
     "react": "^17.0.1",
     "react-dom": "^17.0.1",

packages/cubejs-server-core/package.json

@@ -42,7 +42,7 @@
     "fs-extra": "^8.1.0",
     "is-docker": "^2.1.1",
     "joi": "^17.8.3",
-    "jsonwebtoken": "^8.4.0",
+    "jsonwebtoken": "^9.0.2",
     "lodash.clonedeep": "^4.5.0",
     "lru-cache": "^5.1.1",
     "moment": "^2.29.1",
@@ -64,7 +64,7 @@
     "@types/express": "^4.17.9",
     "@types/fs-extra": "^9.0.8",
     "@types/jest": "^27",
-    "@types/jsonwebtoken": "^8.5.0",
+    "@types/jsonwebtoken": "^9.0.2",
     "@types/lru-cache": "^5.1.0",
     "@types/node": "^16",
     "@types/node-fetch": "^2.5.7",

packages/cubejs-server/package.json

@@ -55,7 +55,7 @@
     "codesandbox-import-utils": "^2.1.12",
     "cors": "^2.8.4",
     "express": "^4.17.1",
-    "jsonwebtoken": "^8.4.0",
+    "jsonwebtoken": "^9.0.2",
     "semver": "^7.3.2",
     "source-map-support": "^0.5.19",
     "ws": "^7.1.2"

packages/cubejs-testing-drivers/package.json

@@ -70,7 +70,7 @@
     "dotenv": "^16.0.3",
     "fs-extra": "^11.1.1",
     "jest": "^27",
-    "jsonwebtoken": "^8.5.1",
+    "jsonwebtoken": "^9.0.2",
     "pg": "^8.7.3",
     "ramda": "^0.28.0",
     "testcontainers": "^10.10.4",

packages/cubejs-testing/package.json

@@ -122,7 +122,7 @@
     "eslint-plugin-cypress": "^2.12.1",
     "globby": "^11.0.4",
     "jest": "^27",
-    "jsonwebtoken": "^8.5.1",
+    "jsonwebtoken": "^9.0.2",
     "jwt-decode": "^3.1.2",
     "pg": "^8.7.3",
     "typescript": "~5.2.2",

packages/cubejs-testing/src/birdbox.ts

@@ -363,7 +363,7 @@ export async function startBirdBoxFromContainer(
     proxyServer.on('error', async (err, req, res: any) => {
       process.stderr.write(`[Proxy Server] error: ${err}\n`);
 
-      if (!res.headersSent) {
+      if ('headersSent' in res && !res.headersSent) {
         res.writeHead(500, { 'content-type': 'application/json' });
       }