From 852a64b4937a47cd3b754aa9753af5535bf241c7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 16 Jan 2020 00:28:49 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988 --- package-lock.json | 109 ++++++++++++++++++++++++++++------------------ package.json | 2 +- 2 files changed, 67 insertions(+), 44 deletions(-) diff --git a/package-lock.json b/package-lock.json index 062b4f0..e03900e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,8 @@ "amdefine": { "version": "1.0.1", "resolved": "http://npm-repo.devops.mhealth.tech/amdefine/-/amdefine-1.0.1.tgz", - "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=" + "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=", + "dev": true }, "ansi-gray": { "version": "0.1.1", @@ -122,12 +123,6 @@ "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=", "dev": true }, - "async": { - "version": "0.2.10", - "resolved": "http://npm-repo.devops.mhealth.tech/async/-/async-0.2.10.tgz", - "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E=", - "optional": true - }, "async-done": { "version": "0.4.0", "resolved": "http://npm-repo.devops.mhealth.tech/async-done/-/async-done-0.4.0.tgz", @@ -1041,13 +1036,10 @@ "for-in": "^1.0.1" } }, - "forEachAsync": { - "version": "2.2.1", - "resolved": "http://npm-repo.devops.mhealth.tech/forEachAsync/-/forEachAsync-2.2.1.tgz", - "integrity": "sha1-43I/AJA5EOHrSx2zrVG1xkoxn+w=", - "requires": { - "sequence": "2.x" - } + "foreachasync": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/foreachasync/-/foreachasync-3.0.0.tgz", + "integrity": "sha1-VQKYfchxS+M5IJfzLgBxyd7gfPY=" }, "form-data": { "version": "1.0.0-rc4", @@ -1777,12 +1769,21 @@ } }, "handlebars": { - "version": "2.0.0", - "resolved": "http://npm-repo.devops.mhealth.tech/handlebars/-/handlebars-2.0.0.tgz", - "integrity": "sha1-bp1/hRSjRn+l6fgswVjs/B1ax28=", + "version": "4.5.3", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.5.3.tgz", + "integrity": "sha512-3yPecJoJHK/4c6aZhSvxOyG4vJKDshV36VHp0iVCDVh7o9w2vwi3NSnL2MMPj3YdduqaBcu7cGbggJQM0br9xA==", "requires": { - "optimist": "~0.3", - "uglify-js": "~2.3" + "neo-async": "^2.6.0", + "optimist": "^0.6.1", + "source-map": "^0.6.1", + "uglify-js": "^3.1.4" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } } }, "has-ansi": { @@ -1842,12 +1843,12 @@ } }, "hbs": { - "version": "2.9.0", - "resolved": "http://npm-repo.devops.mhealth.tech/hbs/-/hbs-2.9.0.tgz", - "integrity": "sha1-pizhHUgmlYPgMDuQ/OkJxzHagIs=", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/hbs/-/hbs-4.1.0.tgz", + "integrity": "sha512-YDrUBtLpwRl0H5uyCGLE2LGtGJl51VvJFBj/D+Cqyr6XMopCvwXA0ynRpd87u6aVIYCeGYZHESfZzPHbNMkOPA==", "requires": { - "handlebars": "2.0.0", - "walk": "2.2.1" + "handlebars": "4.5.3", + "walk": "2.3.14" } }, "he": { @@ -2903,6 +2904,11 @@ "resolved": "http://npm-repo.devops.mhealth.tech/negotiator/-/negotiator-0.6.2.tgz", "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" }, + "neo-async": { + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.1.tgz", + "integrity": "sha512-iyam8fBuCUpWeKPGpaNMetEocMt364qkCsfL9JuhjXX6dRnguRVOfk2GZaDpPjcOKiiXCPINZC1GczQ7iTq3Zw==" + }, "next-tick": { "version": "0.2.2", "resolved": "http://npm-repo.devops.mhealth.tech/next-tick/-/next-tick-0.2.2.tgz", @@ -3021,11 +3027,19 @@ } }, "optimist": { - "version": "0.3.7", - "resolved": "http://npm-repo.devops.mhealth.tech/optimist/-/optimist-0.3.7.tgz", - "integrity": "sha1-yQlBrVnkJzMokjB00s8ufLxuwNk=", + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", + "integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=", "requires": { + "minimist": "~0.0.1", "wordwrap": "~0.0.2" + }, + "dependencies": { + "minimist": { + "version": "0.0.10", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz", + "integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8=" + } } }, "orchestrator": { @@ -3457,11 +3471,6 @@ } } }, - "sequence": { - "version": "2.2.1", - "resolved": "http://npm-repo.devops.mhealth.tech/sequence/-/sequence-2.2.1.tgz", - "integrity": "sha1-f1YXiV1ENRwKBH52RGdpBJChawM=" - }, "sequencify": { "version": "0.0.7", "resolved": "http://npm-repo.devops.mhealth.tech/sequencify/-/sequencify-0.0.7.tgz", @@ -3642,6 +3651,7 @@ "version": "0.1.43", "resolved": "http://npm-repo.devops.mhealth.tech/source-map/-/source-map-0.1.43.tgz", "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=", + "dev": true, "requires": { "amdefine": ">=0.0.4" } @@ -4070,14 +4080,27 @@ } }, "uglify-js": { - "version": "2.3.6", - "resolved": "http://npm-repo.devops.mhealth.tech/uglify-js/-/uglify-js-2.3.6.tgz", - "integrity": "sha1-+gmEdwtCi3qbKoBY9GNV0U/vIRo=", + "version": "3.7.5", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.7.5.tgz", + "integrity": "sha512-GFZ3EXRptKGvb/C1Sq6nO1iI7AGcjyqmIyOw0DrD0675e+NNbGO72xmMM2iEBdFbxaTLo70NbjM/Wy54uZIlsg==", "optional": true, "requires": { - "async": "~0.2.6", - "optimist": "~0.3.5", - "source-map": "~0.1.7" + "commander": "~2.20.3", + "source-map": "~0.6.1" + }, + "dependencies": { + "commander": { + "version": "2.20.3", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", + "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==", + "optional": true + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "optional": true + } } }, "unc-path-regex": { @@ -4326,11 +4349,11 @@ } }, "walk": { - "version": "2.2.1", - "resolved": "http://npm-repo.devops.mhealth.tech/walk/-/walk-2.2.1.tgz", - "integrity": "sha1-WtofjknkfUt0Rdi+ei4eYxq0MBY=", + "version": "2.3.14", + "resolved": "https://registry.npmjs.org/walk/-/walk-2.3.14.tgz", + "integrity": "sha512-5skcWAUmySj6hkBdH6B6+3ddMjVQYH5Qy9QGbPmN8kVmLteXk+yVXg+yfk1nbX30EYakahLrr8iPcCxJQSCBeg==", "requires": { - "forEachAsync": "~2.2" + "foreachasync": "^3.0.0" } }, "websocket-driver": { @@ -4367,7 +4390,7 @@ }, "wordwrap": { "version": "0.0.3", - "resolved": "http://npm-repo.devops.mhealth.tech/wordwrap/-/wordwrap-0.0.3.tgz", + "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz", "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=" }, "wrappy": { diff --git a/package.json b/package.json index 62a271a..c6736d0 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ "cors": "^2.4.2", "express": "^4.9.7", "fecha": "^2.3.3", - "hbs": "^2.7.0", + "hbs": "^4.1.0", "lodash": "^2.4.1" }, "devDependencies": {