Skip to content

Commit a3fb540

Browse files
arnaudbesnierarnaudbesnier
authored
fix(security): patch path-to-regexp dependency vulnerabilities (#1121)
1 parent 2ba6225 commit a3fb540

File tree

1 file changed

+61
-39
lines changed

1 file changed

+61
-39
lines changed

yarn.lock

Lines changed: 61 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -3425,10 +3425,10 @@ bluebird@^2.4.2:
34253425
resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-2.11.0.tgz#534b9033c022c9579c56ba3b3e5a5caafbb650e1"
34263426
integrity sha1-U0uQM8AiyVecVro7Plpcqvu2UOE=
34273427

3428-
[email protected].2:
3429-
version "1.20.2"
3430-
resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.2.tgz#6feb0e21c4724d06de7ff38da36dad4f57a747fd"
3431-
integrity sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==
3428+
[email protected].3:
3429+
version "1.20.3"
3430+
resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6"
3431+
integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==
34323432
dependencies:
34333433
bytes "3.1.2"
34343434
content-type "~1.0.5"
@@ -3438,7 +3438,7 @@ [email protected]:
34383438
http-errors "2.0.0"
34393439
iconv-lite "0.4.24"
34403440
on-finished "2.4.1"
3441-
qs "6.11.0"
3441+
qs "6.13.0"
34423442
raw-body "2.5.2"
34433443
type-is "~1.6.18"
34443444
unpipe "1.0.0"
@@ -4522,6 +4522,11 @@ encodeurl@~1.0.2:
45224522
resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
45234523
integrity sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==
45244524

4525+
encodeurl@~2.0.0:
4526+
version "2.0.0"
4527+
resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-2.0.0.tgz#7b8ea898077d7e409d3ac45474ea38eaf0857a58"
4528+
integrity sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==
4529+
45254530
encoding@^0.1.13:
45264531
version "0.1.13"
45274532
resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.13.tgz#56574afdd791f54a8e9b2785c0582a2d26210fa9"
@@ -4969,36 +4974,36 @@ express-unless@^2.1.3:
49694974
integrity sha512-wj4tLMyCVYuIIKHGt0FhCtIViBcwzWejX0EjNxveAa6dG+0XBCQhMbx+PnkLkFCxLC69qoFrxds4pIyL88inaQ==
49704975

49714976
express@^4.18.2:
4972-
version "4.19.2"
4973-
resolved "https://registry.yarnpkg.com/express/-/express-4.19.2.tgz#e25437827a3aa7f2a827bc8171bbbb664a356465"
4974-
integrity sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==
4977+
version "4.21.0"
4978+
resolved "https://registry.yarnpkg.com/express/-/express-4.21.0.tgz#d57cb706d49623d4ac27833f1cbc466b668eb915"
4979+
integrity sha512-VqcNGcj/Id5ZT1LZ/cfihi3ttTn+NJmkli2eZADigjq29qTlWi/hAQ43t/VLPq8+UX06FCEx3ByOYet6ZFblng==
49754980
dependencies:
49764981
accepts "~1.3.8"
49774982
array-flatten "1.1.1"
4978-
body-parser "1.20.2"
4983+
body-parser "1.20.3"
49794984
content-disposition "0.5.4"
49804985
content-type "~1.0.4"
49814986
cookie "0.6.0"
49824987
cookie-signature "1.0.6"
49834988
debug "2.6.9"
49844989
depd "2.0.0"
4985-
encodeurl "~1.0.2"
4990+
encodeurl "~2.0.0"
49864991
escape-html "~1.0.3"
49874992
etag "~1.8.1"
4988-
finalhandler "1.2.0"
4993+
finalhandler "1.3.1"
49894994
fresh "0.5.2"
49904995
http-errors "2.0.0"
4991-
merge-descriptors "1.0.1"
4996+
merge-descriptors "1.0.3"
49924997
methods "~1.1.2"
49934998
on-finished "2.4.1"
49944999
parseurl "~1.3.3"
4995-
path-to-regexp "0.1.7"
5000+
path-to-regexp "0.1.10"
49965001
proxy-addr "~2.0.7"
4997-
qs "6.11.0"
5002+
qs "6.13.0"
49985003
range-parser "~1.2.1"
49995004
safe-buffer "5.2.1"
5000-
send "0.18.0"
5001-
serve-static "1.15.0"
5005+
send "0.19.0"
5006+
serve-static "1.16.2"
50025007
setprototypeof "1.2.0"
50035008
statuses "2.0.1"
50045009
type-is "~1.6.18"
@@ -5107,13 +5112,13 @@ fill-range@^7.1.1:
51075112
dependencies:
51085113
to-regex-range "^5.0.1"
51095114

5110-
finalhandler@1.2.0:
5111-
version "1.2.0"
5112-
resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.2.0.tgz#7d23fe5731b207b4640e4fcd00aec1f9207a7b32"
5113-
integrity sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg==
5115+
finalhandler@1.3.1:
5116+
version "1.3.1"
5117+
resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.3.1.tgz#0c575f1d1d324ddd1da35ad7ece3df7d19088019"
5118+
integrity sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==
51145119
dependencies:
51155120
debug "2.6.9"
5116-
encodeurl "~1.0.2"
5121+
encodeurl "~2.0.0"
51175122
escape-html "~1.0.3"
51185123
on-finished "2.4.1"
51195124
parseurl "~1.3.3"
@@ -7527,10 +7532,10 @@ meow@^8.0.0:
75277532
type-fest "^0.18.0"
75287533
yargs-parser "^20.2.3"
75297534

7530-
[email protected].1:
7531-
version "1.0.1"
7532-
resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61"
7533-
integrity sha512-cCi6g3/Zr1iqQi6ySbseM1Xvooa98N0w31jzUYrXPX2xqObmFGHJ0tQ5u74H3mVh7wLouTseZyYIq39g8cNp1w==
7535+
[email protected].3:
7536+
version "1.0.3"
7537+
resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.3.tgz#d80319a65f3c7935351e5cfdac8f9318504dbed5"
7538+
integrity sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==
75347539

75357540
merge-stream@^2.0.0:
75367541
version "2.0.0"
@@ -8587,10 +8592,10 @@ path-parse@^1.0.7:
85878592
resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
85888593
integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
85898594

8590-
[email protected].7:
8591-
version "0.1.7"
8592-
resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c"
8593-
integrity sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==
8595+
[email protected].10:
8596+
version "0.1.10"
8597+
resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.10.tgz#67e9108c5c0551b9e5326064387de4763c4d5f8b"
8598+
integrity sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==
85948599

85958600
path-type@^2.0.0:
85968601
version "2.0.0"
@@ -8877,6 +8882,13 @@ [email protected], qs@^6.11.0:
88778882
dependencies:
88788883
side-channel "^1.0.4"
88798884

8885+
[email protected]:
8886+
version "6.13.0"
8887+
resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906"
8888+
integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==
8889+
dependencies:
8890+
side-channel "^1.0.6"
8891+
88808892
queue-microtask@^1.2.2:
88818893
version "1.2.3"
88828894
resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243"
@@ -9473,10 +9485,10 @@ semver@^7.5.3, semver@^7.5.4:
94739485
resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.2.tgz#1e3b34759f896e8f14d6134732ce798aeb0c6e13"
94749486
integrity sha512-FNAIBWCx9qcRhoHcgcJ0gvU7SN1lYU2ZXuSfl04bSC5OpvDHFyJCjdNHomPXxjQlCBU67YW64PzY7/VIEH7F2w==
94759487

9476-
send@0.18.0:
9477-
version "0.18.0"
9478-
resolved "https://registry.yarnpkg.com/send/-/send-0.18.0.tgz#670167cc654b05f5aa4a767f9113bb371bc706be"
9479-
integrity sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg==
9488+
send@0.19.0:
9489+
version "0.19.0"
9490+
resolved "https://registry.yarnpkg.com/send/-/send-0.19.0.tgz#bbc5a388c8ea6c048967049dbeac0e4a3f09d7f8"
9491+
integrity sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==
94809492
dependencies:
94819493
debug "2.6.9"
94829494
depd "2.0.0"
@@ -9534,15 +9546,15 @@ [email protected]:
95349546
validator "^13.7.0"
95359547
wkx "^0.5.0"
95369548

9537-
serve-static@1.15.0:
9538-
version "1.15.0"
9539-
resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.15.0.tgz#faaef08cffe0a1a62f60cad0c4e513cff0ac9540"
9540-
integrity sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==
9549+
serve-static@1.16.2:
9550+
version "1.16.2"
9551+
resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.2.tgz#b6a5343da47f6bdd2673848bf45754941e803296"
9552+
integrity sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==
95419553
dependencies:
9542-
encodeurl "~1.0.2"
9554+
encodeurl "~2.0.0"
95439555
escape-html "~1.0.3"
95449556
parseurl "~1.3.3"
9545-
send "0.18.0"
9557+
send "0.19.0"
95469558

95479559
set-blocking@^2.0.0:
95489560
version "2.0.0"
@@ -9631,6 +9643,16 @@ side-channel@^1.0.4:
96319643
get-intrinsic "^1.0.2"
96329644
object-inspect "^1.9.0"
96339645

9646+
side-channel@^1.0.6:
9647+
version "1.0.6"
9648+
resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.6.tgz#abd25fb7cd24baf45466406b1096b7831c9215f2"
9649+
integrity sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==
9650+
dependencies:
9651+
call-bind "^1.0.7"
9652+
es-errors "^1.3.0"
9653+
get-intrinsic "^1.2.4"
9654+
object-inspect "^1.13.1"
9655+
96349656
signal-exit@^3.0.2, signal-exit@^3.0.3, signal-exit@^3.0.7:
96359657
version "3.0.7"
96369658
resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9"

0 commit comments

Comments
 (0)