From d494f3cb48ba99ba107fc4b9e512ad0f158f589a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 11 Jan 2025 07:06:34 +0000 Subject: [PATCH] fix: deployment/frontend/package.json & deployment/frontend/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-8602067 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 --- deployment/frontend/package-lock.json | 201 +++++++++++++++----------- deployment/frontend/package.json | 4 +- 2 files changed, 118 insertions(+), 87 deletions(-) diff --git a/deployment/frontend/package-lock.json b/deployment/frontend/package-lock.json index fc4c338c4..133be86ab 100644 --- a/deployment/frontend/package-lock.json +++ b/deployment/frontend/package-lock.json @@ -58,7 +58,7 @@ "@types/mdx": "^2.0.13", "@types/nprogress": "^0.2.3", "@uppy/aws-s3": "^3.4.0", - "@uppy/core": "^3.6.1", + "@uppy/core": "^4.3.2", "@uppy/react": "^3.1.4", "@vizzuality/layer-manager": "^5.0.3", "@xstate/react": "^3.2.2", @@ -83,7 +83,7 @@ "mapbox-gl-draw-rectangle-mode": "^1.0.4", "math.gl": "^3.4.2", "moment": "^2.29.2", - "next": "^13.5.7", + "next": "^13.5.8", "next-auth": "^4.24.5", "next-seo": "^6.1.0", "next-sitemap": "^4.2.3", @@ -2460,9 +2460,10 @@ } }, "node_modules/@next/env": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/env/-/env-13.5.7.tgz", - "integrity": "sha512-uVuRqoj28Ys/AI/5gVEgRAISd0KWI0HRjOO1CTpNgmX3ZsHb5mdn14Y59yk0IxizXdo7ZjsI2S7qbWnO+GNBcA==" + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/env/-/env-13.5.8.tgz", + "integrity": "sha512-YmiG58BqyZ2FjrF2+5uZExL2BrLr8RTQzLXNDJ8pJr0O+rPlOeDPXp1p1/4OrR3avDidzZo3D8QO2cuDv1KCkw==", + "license": "MIT" }, "node_modules/@next/eslint-plugin-next": { "version": "13.5.7", @@ -2494,12 +2495,13 @@ } }, "node_modules/@next/swc-darwin-arm64": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-13.5.7.tgz", - "integrity": "sha512-7SxmxMex45FvKtRoP18eftrDCMyL6WQVYJSEE/s7A1AW/fCkznxjEShKet2iVVzf89gWp8HbXGaL4hCaseux6g==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-13.5.8.tgz", + "integrity": "sha512-HkFw3QPeIy9bImWVTbsvzfEWQkuzBEQTK/L7ORMg+9sXNN0vNR5Gz/chD4/VbozTHyA38lWTrMBfLoWVpD+2IA==", "cpu": [ "arm64" ], + "license": "MIT", "optional": true, "os": [ "darwin" @@ -2509,12 +2511,13 @@ } }, "node_modules/@next/swc-darwin-x64": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-13.5.7.tgz", - "integrity": "sha512-6iENvgyIkGFLFszBL4b1VfEogKC3TDPEB6/P/lgxmgXVXIV09Q4or1MVn+U/tYyYmm7oHMZ3oxGpHAyJ80nA6g==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-13.5.8.tgz", + "integrity": "sha512-TpRTH5FyH4qGw0MCq6UE3yQGWtwhdDCwSE0wWcYwDWC5cpx3mGKVmAVKwDNbrpk0U5bl0tEzgxp5X4UPHWA81A==", "cpu": [ "x64" ], + "license": "MIT", "optional": true, "os": [ "darwin" @@ -2524,12 +2527,13 @@ } }, "node_modules/@next/swc-linux-arm64-gnu": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-13.5.7.tgz", - "integrity": "sha512-P42jDX56wu9zEdVI+Xv4zyTeXB3DpqgE1Gb4bWrc0s2RIiDYr6uKBprnOs1hCGIwfVyByxyTw5Va66QCdFFNUg==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-13.5.8.tgz", + "integrity": "sha512-KUPKuu4EZCCTU5M61YLpuL2fKMWQRijJLtBk2Hph8FJUx6RsNRDwS0MVlJqAr2IwjJwrNxYm5QAdQ1LuRbrZMw==", "cpu": [ "arm64" ], + "license": "MIT", "optional": true, "os": [ "linux" @@ -2539,12 +2543,13 @@ } }, "node_modules/@next/swc-linux-arm64-musl": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-13.5.7.tgz", - "integrity": "sha512-A06vkj+8X+tLRzSja5REm/nqVOCzR+x5Wkw325Q/BQRyRXWGCoNbQ6A+BR5M86TodigrRfI3lUZEKZKe3QJ9Bg==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-13.5.8.tgz", + "integrity": "sha512-hLyaBgXynyuVgqLwzcwF6loc0XuEz9zuK8XbzX5uslj3aqiw38l+qL1IJNLzHmkDX0nfVuBfIRV6QPsm0sCXnQ==", "cpu": [ "arm64" ], + "license": "MIT", "optional": true, "os": [ "linux" @@ -2554,12 +2559,13 @@ } }, "node_modules/@next/swc-linux-x64-gnu": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-13.5.7.tgz", - "integrity": "sha512-UdHm7AlxIbdRdMsK32cH0EOX4OmzAZ4Xm+UVlS0YdvwLkI3pb7AoBEoVMG5H0Wj6Wpz6GNkrFguHTRLymTy6kw==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-13.5.8.tgz", + "integrity": "sha512-IhxeEpi+U85GU9p6bVSAFMwuCNRdpmHueM8Z9DRft8f70Rvt3Q9tNFJxqLxAbiGoNOR7TuLNjAw2wJucHfMw3g==", "cpu": [ "x64" ], + "license": "MIT", "optional": true, "os": [ "linux" @@ -2569,12 +2575,13 @@ } }, "node_modules/@next/swc-linux-x64-musl": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-13.5.7.tgz", - "integrity": "sha512-c50Y8xBKU16ZGj038H6C13iedRglxvdQHD/1BOtes56gwUrIRDX2Nkzn3mYtpz3Wzax0gfAF9C0Nqljt93IxvA==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-13.5.8.tgz", + "integrity": "sha512-NQICDU7X/tcAVkTEfvpkq5Z1EViodDj3m18wiyJ5wpzOFf4LH7vFjLBVCWNcf3/sfqv/yfD8jshqrffOPtZitg==", "cpu": [ "x64" ], + "license": "MIT", "optional": true, "os": [ "linux" @@ -2584,12 +2591,13 @@ } }, "node_modules/@next/swc-win32-arm64-msvc": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-13.5.7.tgz", - "integrity": "sha512-NcUx8cmkA+JEp34WNYcKW6kW2c0JBhzJXIbw+9vKkt9m/zVJ+KfizlqmoKf04uZBtzFN6aqE2Fyv2MOd021WIA==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-13.5.8.tgz", + "integrity": "sha512-ndLIuFI/26CrhG+pqGkW+yPV/xuIijgaZbzPhujlDaUGczizzXgnI78iuisdPdGoMHLlQ9pRkFUeMGzENdyEHg==", "cpu": [ "arm64" ], + "license": "MIT", "optional": true, "os": [ "win32" @@ -2599,12 +2607,13 @@ } }, "node_modules/@next/swc-win32-ia32-msvc": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-win32-ia32-msvc/-/swc-win32-ia32-msvc-13.5.7.tgz", - "integrity": "sha512-wXp+/3NVcuyJDED6gJiLXs5dqHaWO7moAB6aBtjlKZvsxBDxpcyjsfRbtHPeYtaT20zCkmPs69H0K25lrVZmlA==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-win32-ia32-msvc/-/swc-win32-ia32-msvc-13.5.8.tgz", + "integrity": "sha512-9HUxSP76n8VbEtwZVNZDMY32Y4fm53ORaiopQkGQ4q54okYa5T8szhVkLTFKu4gaA/KJcJGvCC5dDIaqfSta1w==", "cpu": [ "ia32" ], + "license": "MIT", "optional": true, "os": [ "win32" @@ -2614,12 +2623,13 @@ } }, "node_modules/@next/swc-win32-x64-msvc": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-13.5.7.tgz", - "integrity": "sha512-PLyD3Dl6jTTkLG8AoqhPGd5pXtSs8wbqIhWPQt3yEMfnYld/dGYuF2YPs3YHaVFrijCIF9pXY3+QOyvP23Zn7g==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-13.5.8.tgz", + "integrity": "sha512-WFisiehrLrkX/nv6Vg7CUT6tdrhO6Nv0mLh5zuYQ5GLD4OnaOHkBt9iRkOziMy7ny+qF+V7023+loZIV/R9j8A==", "cpu": [ "x64" ], + "license": "MIT", "optional": true, "os": [ "win32" @@ -7739,7 +7749,8 @@ "node_modules/@types/retry": { "version": "0.12.2", "resolved": "https://registry.npmjs.org/@types/retry/-/retry-0.12.2.tgz", - "integrity": "sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==" + "integrity": "sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==", + "license": "MIT" }, "node_modules/@types/semver": { "version": "7.5.8", @@ -8005,11 +8016,12 @@ "@uppy/core": "^3.9.1" } }, - "node_modules/@uppy/aws-s3-multipart": { + "node_modules/@uppy/aws-s3/node_modules/@uppy/aws-s3-multipart": { "version": "3.12.0", "resolved": "https://registry.npmjs.org/@uppy/aws-s3-multipart/-/aws-s3-multipart-3.12.0.tgz", "integrity": "sha512-l6/TlRjde/mP4LMFWdJIRBEUUceYXtAiNAHukfyzM3VbY3/+YrEJTAchsa4DrqAiyToJJu6b+xxvL2H46cDs3Q==", "deprecated": "Use @uppy/aws-s3 instead.", + "license": "MIT", "dependencies": { "@uppy/companion-client": "^3.8.1", "@uppy/utils": "^5.9.0" @@ -8018,6 +8030,33 @@ "@uppy/core": "^3.12.0" } }, + "node_modules/@uppy/aws-s3/node_modules/@uppy/companion-client": { + "version": "3.8.2", + "resolved": "https://registry.npmjs.org/@uppy/companion-client/-/companion-client-3.8.2.tgz", + "integrity": "sha512-WLjZ0Y6Fe7lzwU1YPvvQ/YqooejcgIZkT2TC39xr+QQ7Y1FwJECsyUdlKwgi1ee8TNpjoCrj3Q1Hjel/+p0VhA==", + "license": "MIT", + "dependencies": { + "@uppy/utils": "^5.9.0", + "namespace-emitter": "^2.0.1", + "p-retry": "^6.1.0" + }, + "peerDependencies": { + "@uppy/core": "^3.13.1" + } + }, + "node_modules/@uppy/aws-s3/node_modules/@uppy/xhr-upload": { + "version": "3.6.8", + "resolved": "https://registry.npmjs.org/@uppy/xhr-upload/-/xhr-upload-3.6.8.tgz", + "integrity": "sha512-zr3OHrIdo08jmCqTYKS0C7o3E0XQpjtZI40wmB6VvXYzu4x/aZankG9QqKxLiY0n8KbZ9aCIvO8loxBGoL7Kaw==", + "license": "MIT", + "dependencies": { + "@uppy/companion-client": "^3.8.1", + "@uppy/utils": "^5.9.0" + }, + "peerDependencies": { + "@uppy/core": "^3.13.0" + } + }, "node_modules/@uppy/aws-s3/node_modules/nanoid": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-4.0.2.tgz", @@ -8035,49 +8074,48 @@ "node": "^14 || ^16 || >=18" } }, - "node_modules/@uppy/companion-client": { - "version": "3.8.2", - "resolved": "https://registry.npmjs.org/@uppy/companion-client/-/companion-client-3.8.2.tgz", - "integrity": "sha512-WLjZ0Y6Fe7lzwU1YPvvQ/YqooejcgIZkT2TC39xr+QQ7Y1FwJECsyUdlKwgi1ee8TNpjoCrj3Q1Hjel/+p0VhA==", - "dependencies": { - "@uppy/utils": "^5.9.0", - "namespace-emitter": "^2.0.1", - "p-retry": "^6.1.0" - }, - "peerDependencies": { - "@uppy/core": "^3.13.1" - } - }, "node_modules/@uppy/core": { - "version": "3.13.1", - "resolved": "https://registry.npmjs.org/@uppy/core/-/core-3.13.1.tgz", - "integrity": "sha512-iQGAUO4ziQRpfv7kix6tO6JOWqjI0K4vt8AynvHWzDPZxYSba3zd6RojGNPsYWSR7Xv+dRXYx+GU8oTiK1FRUA==", + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/@uppy/core/-/core-4.3.2.tgz", + "integrity": "sha512-c4WzS56WpAAjyl7mKi4B+DQQWmHDhZOI0jAzUlsF32xSO1TdNxJIGIFjTHcEJPxnrBOtV83m1vu2A+cehXFFRw==", + "license": "MIT", "dependencies": { "@transloadit/prettier-bytes": "^0.3.4", - "@uppy/store-default": "^3.2.2", - "@uppy/utils": "^5.9.0", + "@uppy/store-default": "^4.1.2", + "@uppy/utils": "^6.0.6", "lodash": "^4.17.21", "mime-match": "^1.0.2", "namespace-emitter": "^2.0.1", - "nanoid": "^4.0.0", + "nanoid": "^5.0.9", + "preact": "^10.5.13" + } + }, + "node_modules/@uppy/core/node_modules/@uppy/utils": { + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/@uppy/utils/-/utils-6.1.1.tgz", + "integrity": "sha512-60guVvz+TXvN1gEgbTjDAfleo6HeTGE02/9T+tycv7hVqIkzLbYsJBgVFhVY/Y2fBW0fOX/lzKc1kN4YZQtvpA==", + "license": "MIT", + "dependencies": { + "lodash": "^4.17.21", "preact": "^10.5.13" } }, "node_modules/@uppy/core/node_modules/nanoid": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-4.0.2.tgz", - "integrity": "sha512-7ZtY5KTCNheRGfEFxnedV5zFiORN1+Y1N6zvPTnHQd8ENUvfaDBeuJDZb2bN/oXwXxu3qkTXDzy57W5vAmDTBw==", + "version": "5.0.9", + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-5.0.9.tgz", + "integrity": "sha512-Aooyr6MXU6HpvvWXKoVoXwKMs/KyVakWwg7xQfv5/S/RIgJMy0Ifa45H9qqYy7pTCszrHzP21Uk4PZq2HpEM8Q==", "funding": [ { "type": "github", "url": "https://github.com/sponsors/ai" } ], + "license": "MIT", "bin": { "nanoid": "bin/nanoid.js" }, "engines": { - "node": "^14 || ^16 || >=18" + "node": "^18 || >=20" } }, "node_modules/@uppy/react": { @@ -8116,9 +8154,10 @@ } }, "node_modules/@uppy/store-default": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/@uppy/store-default/-/store-default-3.2.2.tgz", - "integrity": "sha512-OiSgT++Jj4nLK0N9WTeod3UNjCH81OXE5BcMJCd9oWzl2d0xPNq2T/E9Y6O72XVd+6Y7+tf5vZlPElutfMB3KQ==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@uppy/store-default/-/store-default-4.2.0.tgz", + "integrity": "sha512-PieFVa8yTvRHIqsNKfpO/yaJw5Ae/hT7uT58ryw7gvCBY5bHrNWxH5N0XFe8PFHMpLpLn8v3UXGx9ib9QkB6+Q==", + "license": "MIT" }, "node_modules/@uppy/utils": { "version": "5.9.0", @@ -8129,18 +8168,6 @@ "preact": "^10.5.13" } }, - "node_modules/@uppy/xhr-upload": { - "version": "3.6.8", - "resolved": "https://registry.npmjs.org/@uppy/xhr-upload/-/xhr-upload-3.6.8.tgz", - "integrity": "sha512-zr3OHrIdo08jmCqTYKS0C7o3E0XQpjtZI40wmB6VvXYzu4x/aZankG9QqKxLiY0n8KbZ9aCIvO8loxBGoL7Kaw==", - "dependencies": { - "@uppy/companion-client": "^3.8.1", - "@uppy/utils": "^5.9.0" - }, - "peerDependencies": { - "@uppy/core": "^3.13.0" - } - }, "node_modules/@vitest/expect": { "version": "1.6.0", "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-1.6.0.tgz", @@ -13823,6 +13850,7 @@ "version": "1.1.0", "resolved": "https://registry.npmjs.org/is-network-error/-/is-network-error-1.1.0.tgz", "integrity": "sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==", + "license": "MIT", "engines": { "node": ">=16" }, @@ -15934,11 +15962,12 @@ "peer": true }, "node_modules/next": { - "version": "13.5.7", - "resolved": "https://registry.npmjs.org/next/-/next-13.5.7.tgz", - "integrity": "sha512-W7KIRTE+hPcgGdq89P3mQLDX3m7pJ6nxSyC+YxYaUExE+cS4UledB+Ntk98tKoyhsv6fjb2TRAnD7VDvoqmeFg==", + "version": "13.5.8", + "resolved": "https://registry.npmjs.org/next/-/next-13.5.8.tgz", + "integrity": "sha512-VlR7FaXpSibCs7ujOqStaDFTGSdX/NvWgLDcd47oiHUe8i63ZtNkX9intgcYAu/MxpaeEGinHaMB5mwxuzglKw==", + "license": "MIT", "dependencies": { - "@next/env": "13.5.7", + "@next/env": "13.5.8", "@swc/helpers": "0.5.2", "busboy": "1.6.0", "caniuse-lite": "^1.0.30001406", @@ -15953,15 +15982,15 @@ "node": ">=16.14.0" }, "optionalDependencies": { - "@next/swc-darwin-arm64": "13.5.7", - "@next/swc-darwin-x64": "13.5.7", - "@next/swc-linux-arm64-gnu": "13.5.7", - "@next/swc-linux-arm64-musl": "13.5.7", - "@next/swc-linux-x64-gnu": "13.5.7", - "@next/swc-linux-x64-musl": "13.5.7", - "@next/swc-win32-arm64-msvc": "13.5.7", - "@next/swc-win32-ia32-msvc": "13.5.7", - "@next/swc-win32-x64-msvc": "13.5.7" + "@next/swc-darwin-arm64": "13.5.8", + "@next/swc-darwin-x64": "13.5.8", + "@next/swc-linux-arm64-gnu": "13.5.8", + "@next/swc-linux-arm64-musl": "13.5.8", + "@next/swc-linux-x64-gnu": "13.5.8", + "@next/swc-linux-x64-musl": "13.5.8", + "@next/swc-win32-arm64-msvc": "13.5.8", + "@next/swc-win32-ia32-msvc": "13.5.8", + "@next/swc-win32-x64-msvc": "13.5.8" }, "peerDependencies": { "@opentelemetry/api": "^1.1.0", @@ -16886,6 +16915,7 @@ "version": "6.2.1", "resolved": "https://registry.npmjs.org/p-retry/-/p-retry-6.2.1.tgz", "integrity": "sha512-hEt02O4hUct5wtwg4H4KcWgDdm+l1bOaEy/hWzd8xtXB9BqxTWBBhb+2ImAtH4Cv4rPjV76xN3Zumqk3k3AhhQ==", + "license": "MIT", "dependencies": { "@types/retry": "0.12.2", "is-network-error": "^1.0.0", @@ -19112,6 +19142,7 @@ "version": "0.13.1", "resolved": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", "integrity": "sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==", + "license": "MIT", "engines": { "node": ">= 4" } diff --git a/deployment/frontend/package.json b/deployment/frontend/package.json index 15b52326b..32d45677b 100644 --- a/deployment/frontend/package.json +++ b/deployment/frontend/package.json @@ -62,7 +62,7 @@ "@types/mdx": "^2.0.13", "@types/nprogress": "^0.2.3", "@uppy/aws-s3": "^3.4.0", - "@uppy/core": "^3.6.1", + "@uppy/core": "^4.3.2", "@uppy/react": "^3.1.4", "@vizzuality/layer-manager": "^5.0.3", "@xstate/react": "^3.2.2", @@ -87,7 +87,7 @@ "mapbox-gl-draw-rectangle-mode": "^1.0.4", "math.gl": "^3.4.2", "moment": "^2.29.2", - "next": "^13.5.7", + "next": "^13.5.8", "next-auth": "^4.24.5", "next-seo": "^6.1.0", "next-sitemap": "^4.2.3",