diff --git a/package.json b/package.json
index c8b786ad8..438121b4f 100644
--- a/package.json
+++ b/package.json
@@ -49,6 +49,8 @@
"resolutions": {
"selenium-webdriver": "4.10.0",
"glob-parent": "^5.1.2",
- "debug": "^4.3.4"
+ "debug": "^4.3.4",
+ "ejs": "^3.1.10",
+ "express": "^4.19.2"
}
}
diff --git a/public/apps/configuration/panels/audit-logging/audit-logging.tsx b/public/apps/configuration/panels/audit-logging/audit-logging.tsx
index 338a7d7a5..344400a4b 100644
--- a/public/apps/configuration/panels/audit-logging/audit-logging.tsx
+++ b/public/apps/configuration/panels/audit-logging/audit-logging.tsx
@@ -260,7 +260,7 @@ export function AuditLogging(props: AuditLoggingProps) {
/>
- Audit Logging
+ Audit logging
diff --git a/public/apps/configuration/panels/audit-logging/test/__snapshots__/audit-logging.test.tsx.snap b/public/apps/configuration/panels/audit-logging/test/__snapshots__/audit-logging.test.tsx.snap
index e44012a64..c93f11948 100644
--- a/public/apps/configuration/panels/audit-logging/test/__snapshots__/audit-logging.test.tsx.snap
+++ b/public/apps/configuration/panels/audit-logging/test/__snapshots__/audit-logging.test.tsx.snap
@@ -260,9 +260,9 @@ exports[`Audit logs render when AuditLoggingSettings.enabled is true 1`] = `
-
- Audit Logging
-
+
+ Audit logging
+
@@ -670,9 +670,9 @@ exports[`Audit logs should load access error component 1`] = `
-
- Audit Logging
-
+
+ Audit logging
+
diff --git a/public/apps/configuration/panels/user-list.tsx b/public/apps/configuration/panels/user-list.tsx
index 4e838fe5b..6b605af3a 100644
--- a/public/apps/configuration/panels/user-list.tsx
+++ b/public/apps/configuration/panels/user-list.tsx
@@ -256,7 +256,7 @@ export function UserList(props: AppDependencies) {
href={buildHashUrl(ResourceType.users, Action.create)}
data-test-subj="create-user"
>
- Create user account
+ Create internal user
diff --git a/public/apps/login/login-page.tsx b/public/apps/login/login-page.tsx
index f8bf6e5f4..66915dd9f 100644
--- a/public/apps/login/login-page.tsx
+++ b/public/apps/login/login-page.tsx
@@ -17,7 +17,6 @@ import React, { useState } from 'react';
import {
EuiText,
EuiFieldText,
- EuiIcon,
EuiSpacer,
EuiButton,
EuiImage,
@@ -194,7 +193,7 @@ export function LoginPage(props: LoginPageDeps) {
data-test-subj="user-name"
aria-label="username_input"
placeholder="Username"
- prepend={}
+ icon="user"
onChange={(e) => setUsername(e.target.value)}
value={username}
isInvalid={usernameValidationFailed}
diff --git a/public/apps/login/test/__snapshots__/login-page.test.tsx.snap b/public/apps/login/test/__snapshots__/login-page.test.tsx.snap
index 0fb0cb0a8..e75489902 100644
--- a/public/apps/login/test/__snapshots__/login-page.test.tsx.snap
+++ b/public/apps/login/test/__snapshots__/login-page.test.tsx.snap
@@ -44,14 +44,10 @@ exports[`Login page renders renders with config value for multiauth 1`] = `
- }
value=""
/>
@@ -195,14 +191,10 @@ exports[`Login page renders renders with config value for multiauth with anonymo
- }
value=""
/>
@@ -364,14 +356,10 @@ exports[`Login page renders renders with config value with anonymous auth enable
- }
value=""
/>
@@ -483,14 +471,10 @@ exports[`Login page renders renders with config value with anonymous auth enable
- }
value=""
/>
@@ -602,14 +586,10 @@ exports[`Login page renders renders with config value: string 1`] = `
- }
value=""
/>
@@ -703,14 +683,10 @@ exports[`Login page renders renders with config value: string array 1`] = `
- }
value=""
/>
@@ -804,14 +780,10 @@ exports[`Login page renders renders with default value: string 1`] = `
- }
value=""
/>
@@ -905,14 +877,10 @@ exports[`Login page renders renders with default value: string array 1`] = `
- }
value=""
/>
diff --git a/release-notes/opensearch-security-dashboards-plugin.release-notes-2.15.0.0.md b/release-notes/opensearch-security-dashboards-plugin.release-notes-2.15.0.0.md
new file mode 100644
index 000000000..c61d1013a
--- /dev/null
+++ b/release-notes/opensearch-security-dashboards-plugin.release-notes-2.15.0.0.md
@@ -0,0 +1,18 @@
+## Version 2.15.0 Release Notes
+
+Compatible with OpenSearch and OpenSearch Dashboards version 2.15.0
+
+### Enhancements
+* Remove tenant tab when disabled via yaml ([#1960](https://github.com/opensearch-project/security-dashboards-plugin/pull/1960))
+* Always show security screen and shows error page when trying to access forbidden data-source ([#1964](https://github.com/opensearch-project/security-dashboards-plugin/pull/1964))
+* Provide ability to view password ([#1980](https://github.com/opensearch-project/security-dashboards-plugin/pull/1980))
+* Make login screen input feels consistent ([#1993](https://github.com/opensearch-project/security-dashboards-plugin/pull/1993))
+
+### Bug Fixes
+* Fix bugs where pages were stuck in error state ([#1944](https://github.com/opensearch-project/security-dashboards-plugin/pull/1944))
+* Fix issue when using OpenID Authentication with serverBasePath ([#1899](https://github.com/opensearch-project/security-dashboards-plugin/pull/1899))
+* Fixes issue with expiryTime of OIDC cookie that causes refreshToken workflow to be skipped ([#1990](https://github.com/opensearch-project/security-dashboards-plugin/pull/1990))
+
+### Maintenance
+* Updating security reachout email ([#1948](https://github.com/opensearch-project/security-dashboards-plugin/pull/1948))
+* Bump ejs and express versions to address CVEs ([#1988](https://github.com/opensearch-project/security-dashboards-plugin/pull/1988))
diff --git a/server/auth/types/openid/openid_auth.test.ts b/server/auth/types/openid/openid_auth.test.ts
index c8cc839e7..58ed56547 100644
--- a/server/auth/types/openid/openid_auth.test.ts
+++ b/server/auth/types/openid/openid_auth.test.ts
@@ -37,6 +37,12 @@ interface Logger {
fatal(message: string): void;
}
+const mockClient = { post: jest.fn() };
+
+jest.mock('@hapi/wreck', () => ({
+ defaults: jest.fn(() => mockClient),
+}));
+
describe('test OpenId authHeaderValue', () => {
let router: IRouter;
let core: CoreSetup;
@@ -208,7 +214,7 @@ describe('test OpenId authHeaderValue', () => {
expect(wreckHttpsOptions.passphrase).toBeUndefined();
});
- test('Ensure expiryTime is being used to test validity of cookie', async () => {
+ test('Ensure accessToken expiryTime is being used to test validity of cookie', async () => {
const realDateNow = Date.now.bind(global.Date);
const dateNowStub = jest.fn(() => 0);
global.Date.now = dateNowStub;
@@ -229,22 +235,84 @@ describe('test OpenId authHeaderValue', () => {
const testCookie: SecuritySessionCookie = {
credentials: {
authHeaderValue: 'Bearer eyToken',
- expiry_time: -1,
+ expiryTime: 200,
},
- expiryTime: 2000,
+ expiryTime: 10000,
username: 'admin',
authType: 'openid',
};
+ // Credentials are valid because 0 < 200
expect(await openIdAuthentication.isValidCookie(testCookie, {})).toBe(true);
global.Date.now = realDateNow;
});
+ test('Ensure refreshToken workflow is called if current time is after access token expiry, but before session expiry', async () => {
+ const realDateNow = Date.now.bind(global.Date);
+ const dateNowStub = jest.fn(() => 300);
+ global.Date.now = dateNowStub;
+ const oidcConfig: unknown = {
+ openid: {
+ header: 'authorization',
+ scope: [],
+ extra_storage: {
+ cookie_prefix: 'testcookie',
+ additional_cookies: 0,
+ },
+ },
+ };
+
+ const openIdAuthentication = new OpenIdAuthentication(
+ oidcConfig as SecurityPluginConfigType,
+ sessionStorageFactory,
+ router,
+ esClient,
+ core,
+ logger
+ );
+ const testCookie: SecuritySessionCookie = {
+ credentials: {
+ authHeaderValue: 'Bearer eyToken',
+ expiryTime: 200,
+ refresh_token: 'refreshToken',
+ },
+ expiryTime: 10000,
+ username: 'admin',
+ authType: 'openid',
+ };
+
+ const mockRequestPayload = JSON.stringify({
+ grant_type: 'refresh_token',
+ client_id: 'clientId',
+ client_secret: 'clientSecret',
+ refresh_token: 'refreshToken',
+ });
+ const mockResponsePayload = JSON.stringify({
+ id_token: '.eyJleHAiOiIwLjUifQ.', // Translates to {"exp":"0.5"}
+ access_token: 'accessToken',
+ refresh_token: 'refreshToken',
+ });
+ mockClient.post.mockResolvedValue({
+ res: { statusCode: 200 },
+ payload: mockResponsePayload,
+ });
+
+ expect(await openIdAuthentication.isValidCookie(testCookie, {})).toBe(true);
+ expect(mockClient.post).toBeCalledTimes(1);
+ global.Date.now = realDateNow;
+ });
+
test('getKeepAliveExpiry', () => {
+ const realDateNow = Date.now.bind(global.Date);
+ const dateNowStub = jest.fn(() => 300);
+ global.Date.now = dateNowStub;
const oidcConfig: unknown = {
openid: {
scope: [],
},
+ session: {
+ ttl: 3600,
+ },
};
const openIdAuthentication = new OpenIdAuthentication(
@@ -262,6 +330,7 @@ describe('test OpenId authHeaderValue', () => {
expiryTime: 1000,
};
- expect(openIdAuthentication.getKeepAliveExpiry(testCookie, {})).toBe(1000);
+ expect(openIdAuthentication.getKeepAliveExpiry(testCookie, {})).toBe(3900);
+ global.Date.now = realDateNow;
});
});
diff --git a/server/auth/types/openid/openid_auth.ts b/server/auth/types/openid/openid_auth.ts
index b67e174c8..3292b68e1 100644
--- a/server/auth/types/openid/openid_auth.ts
+++ b/server/auth/types/openid/openid_auth.ts
@@ -250,12 +250,11 @@ export class OpenIdAuthentication extends AuthenticationType {
};
}
- // OIDC expiry time is set by the IDP and refreshed via refreshTokens
getKeepAliveExpiry(
cookie: SecuritySessionCookie,
request: OpenSearchDashboardsRequest
): number {
- return cookie.expiryTime!;
+ return Date.now() + this.config.session.ttl;
}
// TODO: Add token expiration check here
@@ -272,7 +271,7 @@ export class OpenIdAuthentication extends AuthenticationType {
return false;
}
- if (cookie.expiryTime > Date.now()) {
+ if (cookie.credentials.expiryTime > Date.now()) {
return true;
}
@@ -296,8 +295,8 @@ export class OpenIdAuthentication extends AuthenticationType {
cookie.credentials = {
authHeaderValueExtra: true,
refresh_token: refreshTokenResponse.refreshToken,
+ expiryTime: getExpirationDate(refreshTokenResponse),
};
- cookie.expiryTime = getExpirationDate(refreshTokenResponse);
setExtraAuthStorage(
request,
diff --git a/server/auth/types/openid/routes.ts b/server/auth/types/openid/routes.ts
index 51ac1a85d..8634f09e2 100644
--- a/server/auth/types/openid/routes.ts
+++ b/server/auth/types/openid/routes.ts
@@ -195,9 +195,10 @@ export class OpenIdAuthRoutes {
username: user.username,
credentials: {
authHeaderValueExtra: true,
+ expiryTime: getExpirationDate(tokenResponse),
},
authType: AuthType.OPEN_ID,
- expiryTime: getExpirationDate(tokenResponse),
+ expiryTime: Date.now() + this.config.session.ttl,
};
if (this.config.openid?.refresh_tokens && tokenResponse.refreshToken) {
Object.assign(sessionStorage.credentials, {
diff --git a/yarn.lock b/yarn.lock
index 56cd2a0fa..20a357290 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -638,7 +638,7 @@ async-each@^1.0.1:
resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.6.tgz#52f1d9403818c179b7561e11a5d1b77eb2160e77"
integrity sha512-c646jH1avxr+aVpndVMeAfYw7wAa6idufrlN3LPA4PmKS0QEGp6PIC9nwz0WQkkvBGAMEki3pFdtxaF39J9vvg==
-async@^3.2.0:
+async@^3.2.0, async@^3.2.3:
version "3.2.5"
resolved "https://registry.yarnpkg.com/async/-/async-3.2.5.tgz#ebd52a8fdaf7a2289a24df399f8d8485c8a46b66"
integrity sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==
@@ -762,13 +762,13 @@ bn.js@^5.0.0, bn.js@^5.2.1:
resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.2.1.tgz#0bc527a6a0d18d0aa8d5b0538ce4a77dccfa7b70"
integrity sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==
-body-parser@1.20.1:
- version "1.20.1"
- resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.1.tgz#b1812a8912c195cd371a3ee5e66faa2338a5c668"
- integrity sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==
+body-parser@1.20.2:
+ version "1.20.2"
+ resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.2.tgz#6feb0e21c4724d06de7ff38da36dad4f57a747fd"
+ integrity sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==
dependencies:
bytes "3.1.2"
- content-type "~1.0.4"
+ content-type "~1.0.5"
debug "2.6.9"
depd "2.0.0"
destroy "1.2.0"
@@ -776,7 +776,7 @@ body-parser@1.20.1:
iconv-lite "0.4.24"
on-finished "2.4.1"
qs "6.11.0"
- raw-body "2.5.1"
+ raw-body "2.5.2"
type-is "~1.6.18"
unpipe "1.0.0"
@@ -804,6 +804,13 @@ brace-expansion@^1.1.7:
balanced-match "^1.0.0"
concat-map "0.0.1"
+brace-expansion@^2.0.1:
+ version "2.0.1"
+ resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-2.0.1.tgz#1edc459e0f0c548486ecf9fc99f2221364b9a0ae"
+ integrity sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==
+ dependencies:
+ balanced-match "^1.0.0"
+
braces@^2.3.1, braces@^2.3.2:
version "2.3.2"
resolved "https://registry.yarnpkg.com/braces/-/braces-2.3.2.tgz#5979fd3f14cd531565e5fa2df1abfff1dfaee729"
@@ -995,7 +1002,7 @@ caseless@~0.12.0:
resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc"
integrity sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==
-chalk@^4.0.0, chalk@^4.1.0, chalk@^4.1.2:
+chalk@^4.0.0, chalk@^4.0.2, chalk@^4.1.0, chalk@^4.1.2:
version "4.1.2"
resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01"
integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==
@@ -1221,7 +1228,7 @@ content-disposition@0.5.4:
dependencies:
safe-buffer "5.2.1"
-content-type@~1.0.4:
+content-type@~1.0.4, content-type@~1.0.5:
version "1.0.5"
resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.5.tgz#8b773162656d1d1086784c8f23a54ce6d73d7918"
integrity sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==
@@ -1236,10 +1243,10 @@ cookie@0.4.2:
resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.2.tgz#0e41f24de5ecf317947c82fc789e06a884824432"
integrity sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==
-cookie@0.5.0:
- version "0.5.0"
- resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.5.0.tgz#d1f5d71adec6558c58f389987c366aa47e994f8b"
- integrity sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==
+cookie@0.6.0:
+ version "0.6.0"
+ resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.6.0.tgz#2798b04b071b0ecbff0dbb62a505a8efa4e19051"
+ integrity sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==
copy-concurrently@^1.0.0:
version "1.0.5"
@@ -1539,10 +1546,12 @@ ee-first@1.1.1:
resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==
-ejs@2.5.5:
- version "2.5.5"
- resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.5.5.tgz#6ef4e954ea7dcf54f66aad2fe7aa421932d9ed77"
- integrity sha512-SVMZ8TKYCxHL6gb7f9QVpvnMPxZpdrT65IH6awbFex+bVAWtEYW0LoRbiViOJn6t1v/J0tVrl9fx6XOuJ5fjTA==
+ejs@2.5.5, ejs@^3.1.10:
+ version "3.1.10"
+ resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.10.tgz#69ab8358b14e896f80cc39e62087b88500c3ac3b"
+ integrity sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==
+ dependencies:
+ jake "^10.8.5"
elliptic@^6.5.3, elliptic@^6.5.4:
version "6.5.4"
@@ -1838,17 +1847,17 @@ express-session@^1.17.1:
safe-buffer "5.2.1"
uid-safe "~2.1.5"
-express@^4.17.1:
- version "4.18.2"
- resolved "https://registry.yarnpkg.com/express/-/express-4.18.2.tgz#3fabe08296e930c796c19e3c516979386ba9fd59"
- integrity sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==
+express@^4.17.1, express@^4.19.2:
+ version "4.19.2"
+ resolved "https://registry.yarnpkg.com/express/-/express-4.19.2.tgz#e25437827a3aa7f2a827bc8171bbbb664a356465"
+ integrity sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==
dependencies:
accepts "~1.3.8"
array-flatten "1.1.1"
- body-parser "1.20.1"
+ body-parser "1.20.2"
content-disposition "0.5.4"
content-type "~1.0.4"
- cookie "0.5.0"
+ cookie "0.6.0"
cookie-signature "1.0.6"
debug "2.6.9"
depd "2.0.0"
@@ -1964,6 +1973,13 @@ file-uri-to-path@1.0.0:
resolved "https://registry.yarnpkg.com/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz#553a7b8446ff6f684359c445f1e37a05dacc33dd"
integrity sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==
+filelist@^1.0.4:
+ version "1.0.4"
+ resolved "https://registry.yarnpkg.com/filelist/-/filelist-1.0.4.tgz#f78978a1e944775ff9e62e744424f215e58352b5"
+ integrity sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==
+ dependencies:
+ minimatch "^5.0.1"
+
fill-range@^4.0.0:
version "4.0.0"
resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-4.0.0.tgz#d544811d428f98eb06a63dc402d2403c328c38f7"
@@ -2811,6 +2827,16 @@ isstream@~0.1.2:
resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a"
integrity sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==
+jake@^10.8.5:
+ version "10.9.1"
+ resolved "https://registry.yarnpkg.com/jake/-/jake-10.9.1.tgz#8dc96b7fcc41cb19aa502af506da4e1d56f5e62b"
+ integrity sha512-61btcOHNnLnsOdtLgA5efqQWjnSi/vow5HbI7HMdKKWqvrKR1bLK3BPlJn9gcSaP2ewuamUSMB5XEy76KUIS2w==
+ dependencies:
+ async "^3.2.3"
+ chalk "^4.0.2"
+ filelist "^1.0.4"
+ minimatch "^3.1.2"
+
jose@^5.2.4:
version "5.2.4"
resolved "https://registry.yarnpkg.com/jose/-/jose-5.2.4.tgz#c0d296caeeed0b8444a8b8c3b68403d61aa4ed72"
@@ -3167,13 +3193,20 @@ minimalistic-crypto-utils@^1.0.1:
resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a"
integrity sha512-JIYlbt6g8i5jKfJ3xz7rF0LXmv2TkDxBLUkiBeZ7bAx4GnnNMr8xFpGnOxn6GhTEHx3SjRrZEoU+j04prX1ktg==
-minimatch@^3.1.1:
+minimatch@^3.1.1, minimatch@^3.1.2:
version "3.1.2"
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b"
integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==
dependencies:
brace-expansion "^1.1.7"
+minimatch@^5.0.1:
+ version "5.1.6"
+ resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.1.6.tgz#1cfcb8cf5522ea69952cd2af95ae09477f122a96"
+ integrity sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==
+ dependencies:
+ brace-expansion "^2.0.1"
+
minimist@^1.2.5, minimist@^1.2.6, minimist@^1.2.8:
version "1.2.8"
resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c"
@@ -3803,10 +3836,10 @@ raw-body@2.4.3:
iconv-lite "0.4.24"
unpipe "1.0.0"
-raw-body@2.5.1:
- version "2.5.1"
- resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.1.tgz#fe1b1628b181b700215e5fd42389f98b71392857"
- integrity sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==
+raw-body@2.5.2:
+ version "2.5.2"
+ resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.2.tgz#99febd83b90e08975087e8f1f9419a149366b68a"
+ integrity sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==
dependencies:
bytes "3.1.2"
http-errors "2.0.0"