From dd88655f2f616300d5a8c96c3d9ee068332dfcba Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 23 Dec 2022 07:29:32 +0000 Subject: [PATCH] fix: tests/package.json & tests/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180020 - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180022 - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180024 - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180026 --- tests/package-lock.json | 276 ++++++++++++++++++---------------------- tests/package.json | 2 +- 2 files changed, 125 insertions(+), 153 deletions(-) diff --git a/tests/package-lock.json b/tests/package-lock.json index 9693aca42d..5ddde47f70 100644 --- a/tests/package-lock.json +++ b/tests/package-lock.json @@ -4,6 +4,70 @@ "lockfileVersion": 1, "requires": true, "dependencies": { + "@firebase/app": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/app/-/app-0.1.0.tgz", + "integrity": "sha512-TcoJgQv8dmVwa3G83hHCrs+krMkULFAMQ10DlpjPVklBfOMuiMwsa2nOyYQLeCbxwrnIfJaMd+Ab4TKkr5fGSA==", + "requires": { + "@firebase/util": "^0.1.0" + } + }, + "@firebase/auth": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/auth/-/auth-0.1.0.tgz", + "integrity": "sha512-Smvun1FUIiE4Ss5sZO4MsJ/RKgqI54jQKw9p7/TTu40hOYsa0hXNbFg0VRywtLus5/YJVxhPvFK32ndgTbPTYg==" + }, + "@firebase/database": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/database/-/database-0.1.0.tgz", + "integrity": "sha512-oJCHHOaSeH8zPULycbd9SteRFSi8ILQhySLobkUvBZ70jJFE5DQ7mJhoe3WxR8813Cv3OauTIB1Ws2IRV855Ng==", + "requires": { + "@firebase/util": "^0.1.0", + "faye-websocket": "0.9.3" + } + }, + "@firebase/firestore": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/firestore/-/firestore-0.1.0.tgz", + "integrity": "sha512-fq+ux9/eeLWM286/FAg89jPmDFGeVXHjes8dj1L8SpjUCrEcQpFrQv+7YXgfJN5e13N7el0k4vw16zIX54KG9w==", + "requires": { + "@firebase/webchannel-wrapper": "^0.2.2" + } + }, + "@firebase/messaging": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/messaging/-/messaging-0.1.0.tgz", + "integrity": "sha512-4Os6GqG+Ojn4b+pWqK++pVDNssBVKigh89zyaUzKbQ8ccehzr7TyqUWNaXMJLwrArPAniNLrFSRFsGgrH7F64Q==", + "requires": { + "@firebase/util": "^0.1.0" + } + }, + "@firebase/polyfill": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/polyfill/-/polyfill-0.1.0.tgz", + "integrity": "sha512-S1i7lGEnefWXrkVzo/v91Y+sGOH0uBJdmk3EQez60zVywiJZFN6B0NBrBTEzoi3YteG8wdKOLIbNImtiyQskrg==", + "requires": { + "promise-polyfill": "^6.0.2" + } + }, + "@firebase/storage": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@firebase/storage/-/storage-0.1.0.tgz", + "integrity": "sha512-j07FSjZNjPMiYFIFcMxjqAUV1QyXJnDrh7lhVUpZfJcq40B1OOieYbUiJVEmTajq0GOgTMLUmLk5aT/AFbCf4g==" + }, + "@firebase/util": { + "version": "0.1.11", + "resolved": "https://registry.npmjs.org/@firebase/util/-/util-0.1.11.tgz", + "integrity": "sha512-xUMugOJBSKVKOjrKJIVeIr4Z/6iDxSuOlOJRdz0xsOBJ9+lZVxGZs0U4oZmszWhQER1zzR+EQWIYFYePt6/QMQ==", + "requires": { + "tslib": "1.9.0" + } + }, + "@firebase/webchannel-wrapper": { + "version": "0.2.41", + "resolved": "https://registry.npmjs.org/@firebase/webchannel-wrapper/-/webchannel-wrapper-0.2.41.tgz", + "integrity": "sha512-XcdMT5PSZHiuf7LJIhzKIe+RyYa25S3LHRRvLnZc6iFjwXkrSDJ8J/HWO6VT8d2ZTbawp3VcLEjRF/VN8glCrA==" + }, "abab": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz", @@ -2635,6 +2699,11 @@ } } }, + "dom-storage": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/dom-storage/-/dom-storage-2.1.0.tgz", + "integrity": "sha512-g6RpyWXzl0RR6OTElHKBl7nwnK87GUyZMYC7JWsB/IA73vpqK2K6LT39x4VepLxlSsWBFrPVLnsSR5Jyty0+2Q==" + }, "dom-walk": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/dom-walk/-/dom-walk-0.1.1.tgz", @@ -3443,6 +3512,14 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", "dev": true }, + "faye-websocket": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.9.3.tgz", + "integrity": "sha512-1nXODEWzxGS1MpN3PU1cKWwK49z+6Lyg3XNzv0GMXkyceLLEpdGMdWjZIimBhuBJ6iSXrX/30YHQ+B0YyMiHKQ==", + "requires": { + "websocket-driver": ">=0.5.1" + } + }, "fb-watchman": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.0.tgz", @@ -3573,159 +3650,19 @@ } }, "firebase": { - "version": "3.9.0", - "resolved": "https://registry.npmjs.org/firebase/-/firebase-3.9.0.tgz", - "integrity": "sha1-xCN/UPWO6yUIGxg51svxdfj37Zs=", + "version": "4.5.1", + "resolved": "https://registry.npmjs.org/firebase/-/firebase-4.5.1.tgz", + "integrity": "sha512-+2piYuGx+16PsXZ80VO25guhAqzY8+s0rxBXr3fEBvFDXyqqPMgCFNfogvlhMTURtIw8qOoi9ugsLrS0VrP6cw==", "requires": { - "dom-storage": "2.0.2", - "faye-websocket": "0.9.3", - "jsonwebtoken": "7.4.0", - "promise-polyfill": "6.0.2", - "xmlhttprequest": "1.8.0" - }, - "dependencies": { - "base64url": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/base64url/-/base64url-2.0.0.tgz", - "integrity": "sha1-6sFuA+oUOO/5Qj1puqNiYu0fcLs=" - }, - "buffer-equal-constant-time": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", - "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" - }, - "dom-storage": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/dom-storage/-/dom-storage-2.0.2.tgz", - "integrity": "sha1-7RfL9oq9EOCu+BgnE+KXxeS1ALA=" - }, - "ecdsa-sig-formatter": { - "version": "1.0.9", - "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz", - "integrity": "sha1-S8kmJ07Dtau1AW5+HWCSGsJisqE=", - "requires": { - "base64url": "2.0.0", - "safe-buffer": "5.0.1" - } - }, - "faye-websocket": { - "version": "0.9.3", - "resolved": "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.9.3.tgz", - "integrity": "sha1-SCpQWw3wrmJrlphm0710DNuWLoM=", - "requires": { - "websocket-driver": "0.6.5" - } - }, - "hoek": { - "version": "2.16.3", - "resolved": "https://registry.npmjs.org/hoek/-/hoek-2.16.3.tgz", - "integrity": "sha1-ILt0A9POo5jpHcRxCo/xuCdKJe0=" - }, - "isemail": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/isemail/-/isemail-1.2.0.tgz", - "integrity": "sha1-vgPfjMPineTSxd9lASY/H6RZXpo=" - }, - "joi": { - "version": "6.10.1", - "resolved": "https://registry.npmjs.org/joi/-/joi-6.10.1.tgz", - "integrity": "sha1-TVDDGAeRIgAP5fFq8f+OGRe3fgY=", - "requires": { - "hoek": "2.16.3", - "isemail": "1.2.0", - "moment": "2.18.1", - "topo": "1.1.0" - } - }, - "jsonwebtoken": { - "version": "7.4.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-7.4.0.tgz", - "integrity": "sha1-UVvyu6Bw7GFbrZf9LpRQJ+tHaUY=", - "requires": { - "joi": "6.10.1", - "jws": "3.1.4", - "lodash.once": "4.1.1", - "ms": "0.7.3", - "xtend": "4.0.1" - } - }, - "jwa": { - "version": "1.1.5", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.1.5.tgz", - "integrity": "sha1-oFUs4CIHQs1S4VN3SjKQXDDnVuU=", - "requires": { - "base64url": "2.0.0", - "buffer-equal-constant-time": "1.0.1", - "ecdsa-sig-formatter": "1.0.9", - "safe-buffer": "5.0.1" - } - }, - "jws": { - "version": "3.1.4", - "resolved": "https://registry.npmjs.org/jws/-/jws-3.1.4.tgz", - "integrity": "sha1-+ei5M46KhHJ31kRLFGT2GIDgUKI=", - "requires": { - "base64url": "2.0.0", - "jwa": "1.1.5", - "safe-buffer": "5.0.1" - } - }, - "lodash.once": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", - "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" - }, - "moment": { - "version": "2.18.1", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.18.1.tgz", - "integrity": "sha1-w2GT3Tzhwu7SrbfIAtu8d6gbHA8=" - }, - "ms": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.3.tgz", - "integrity": "sha1-cIFVpeROM/X9D8U+gdDUCpG+H/8=" - }, - "promise-polyfill": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/promise-polyfill/-/promise-polyfill-6.0.2.tgz", - "integrity": "sha1-2chtPcTcLfkBboiUbe/Wm0m0EWI=" - }, - "safe-buffer": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.0.1.tgz", - "integrity": "sha1-0mPKVGls2KMGtcplUekt5XkY++c=" - }, - "topo": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/topo/-/topo-1.1.0.tgz", - "integrity": "sha1-6ddRYV0buH3IZdsYL6HKCl71NtU=", - "requires": { - "hoek": "2.16.3" - } - }, - "websocket-driver": { - "version": "0.6.5", - "resolved": "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.6.5.tgz", - "integrity": "sha1-XLJVbOuF9Dc8bYI4qmkchFThOjY=", - "requires": { - "websocket-extensions": "0.1.1" - } - }, - "websocket-extensions": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.1.tgz", - "integrity": "sha1-domUmcGEtu91Q3fC27DNbLVdKec=" - }, - "xmlhttprequest": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/xmlhttprequest/-/xmlhttprequest-1.8.0.tgz", - "integrity": "sha1-Z/4HXFwk/vOfnWX197f+dRcZaPw=" - }, - "xtend": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.1.tgz", - "integrity": "sha1-pcbVMr5lbiPbgg77lDofBJmNY68=" - } + "@firebase/app": "0.1.0", + "@firebase/auth": "0.1.0", + "@firebase/database": "0.1.0", + "@firebase/firestore": "0.1.0", + "@firebase/messaging": "0.1.0", + "@firebase/polyfill": "0.1.0", + "@firebase/storage": "0.1.0", + "dom-storage": "^2.0.2", + "xmlhttprequest": "^1.8.0" } }, "flat-cache": { @@ -4112,6 +4049,11 @@ "statuses": "1.3.1" } }, + "http-parser-js": { + "version": "0.5.8", + "resolved": "https://registry.npmjs.org/http-parser-js/-/http-parser-js-0.5.8.tgz", + "integrity": "sha512-SGeBX54F94Wgu5RH3X5jsDtf4eHyRogWX1XGT3b4HuW3tQPM4AaBzoUji/4AAJNXCEOWZ5O0DgZmJw1947gD5Q==" + }, "http-signature": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", @@ -6408,6 +6350,11 @@ "asap": "2.0.6" } }, + "promise-polyfill": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/promise-polyfill/-/promise-polyfill-6.1.0.tgz", + "integrity": "sha512-g0LWaH0gFsxovsU7R5LrrhHhWAWiHRnh1GPrhXnPgYsDkIqjRYUYSZEsej/wtleDrz5xVSIDbeKfidztp2XHFQ==" + }, "promised-io": { "version": "0.3.5", "resolved": "https://registry.npmjs.org/promised-io/-/promised-io-0.3.5.tgz", @@ -7992,6 +7939,11 @@ "integrity": "sha1-OTvnMKlEb9Hq1tpZoBQwjzbCics=", "dev": true }, + "tslib": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.9.0.tgz", + "integrity": "sha512-f/qGG2tUkrISBlQZEjEqoZ3B2+npJjIf04H1wuAv9iA8i04Icp+61KRXxFdha22670NJopsZCIjhC3SnjPRKrQ==" + }, "tsscmp": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.5.tgz", @@ -8204,6 +8156,21 @@ "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", "dev": true }, + "websocket-driver": { + "version": "0.7.4", + "resolved": "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.7.4.tgz", + "integrity": "sha512-b17KeDIQVjvb0ssuSDF2cYXSg2iztliJ4B9WdsuB6J952qCPKmnVq4DyW5motImXHDC1cBT/1UezrJVsKw5zjg==", + "requires": { + "http-parser-js": ">=0.5.1", + "safe-buffer": ">=5.1.0", + "websocket-extensions": ">=0.1.1" + } + }, + "websocket-extensions": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.4.tgz", + "integrity": "sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==" + }, "whatwg-encoding": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.1.tgz", @@ -8434,6 +8401,11 @@ "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.27.tgz", "integrity": "sha1-1QH5ezvbQDr4757MIFcxh6rawOk=" }, + "xmlhttprequest": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/xmlhttprequest/-/xmlhttprequest-1.8.0.tgz", + "integrity": "sha512-58Im/U0mlVBLM38NdZjHyhuMtCqa61469k2YP/AaPbvCoV9aQGUpbJBj1QRm2ytRiVQBD/fsw7L2bJGDVQswBA==" + }, "xpipe": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/xpipe/-/xpipe-1.0.5.tgz", diff --git a/tests/package.json b/tests/package.json index 6563ef31ed..e813b4dca5 100644 --- a/tests/package.json +++ b/tests/package.json @@ -28,7 +28,7 @@ "bows": "^1.6.0", "cuid": "^1.3.8", "deeps": "^1.4.4", - "firebase": "^3.7.0", + "firebase": "^4.5.1", "js-beautify": "^1.6.11", "lodash.groupby": "^4.6.0", "lodash.some": "^4.6.0",