From 7e9ccc0fe08dd4ef4591d374ef5ec4349b7867d1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Apr 2019 22:16:16 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEQUELIZE-174147 --- package-lock.json | 219 ++++++++++++++++++++++++++-------------------- package.json | 2 +- 2 files changed, 124 insertions(+), 97 deletions(-) diff --git a/package-lock.json b/package-lock.json index e9a8fdf..9e5658d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,9 +5,14 @@ "requires": true, "dependencies": { "@types/geojson": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-1.0.2.tgz", - "integrity": "sha1-sC0QqwKOKSisWSoFGqpJgaGUHQM=" + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-1.0.6.tgz", + "integrity": "sha512-Xqg/lIZMrUd0VRmSRbCAewtwGZiAk3mEUDvV4op1tGl+LvyPcb/MIOSxTl9z+9+J+R4/vpjiCAT4xeKzH9ji1w==" + }, + "@types/node": { + "version": "11.13.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-11.13.4.tgz", + "integrity": "sha512-+rabAZZ3Yn7tF/XPGHupKIL5EcAbrLxnTr/hgQICxbeuAfWtT0UZSfULE+ndusckBItcv4o6ZeOJplQikVcLvQ==" }, "abbrev": { "version": "1.1.0", @@ -391,17 +396,17 @@ "repeat-element": "1.1.2" } }, - "browser_fingerprint": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/browser_fingerprint/-/browser_fingerprint-0.1.0.tgz", - "integrity": "sha1-lnp3+hgFnhzihpSBb+NmSIPE0Gk=" - }, "browser-stdout": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.0.tgz", "integrity": "sha1-81HTKWnTL6XXpVZxVCY9korjvR8=", "dev": true }, + "browser_fingerprint": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/browser_fingerprint/-/browser_fingerprint-0.1.0.tgz", + "integrity": "sha1-lnp3+hgFnhzihpSBb+NmSIPE0Gk=" + }, "buffer-shims": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/buffer-shims/-/buffer-shims-1.0.0.tgz", @@ -515,6 +520,15 @@ "resolved": "https://registry.npmjs.org/clone-stats/-/clone-stats-0.0.1.tgz", "integrity": "sha1-uI+UqCzzi4eR1YBG6kAprYjKmdE=" }, + "cls-bluebird": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/cls-bluebird/-/cls-bluebird-2.1.0.tgz", + "integrity": "sha1-N+8eCAqP+1XC9BZPU28ZGeeWiu4=", + "requires": { + "is-bluebird": "^1.0.2", + "shimmer": "^1.1.0" + } + }, "cluster-key-slot": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/cluster-key-slot/-/cluster-key-slot-1.0.8.tgz", @@ -648,15 +662,6 @@ "connected": "0.0.2" } }, - "cross-env": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-3.2.4.tgz", - "integrity": "sha1-ngWF8neGTtQhznVvgamA/w1piro=", - "requires": { - "cross-spawn": "5.1.0", - "is-windows": "1.0.1" - } - }, "cross-spawn": { "version": "5.1.0", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-5.1.0.tgz", @@ -824,9 +829,9 @@ "integrity": "sha512-Ak/DUA1K1wMpamAfz3BYXHdeN6Bmbw6CC48QCMbn8DL8idfxEGIdVNjCwpkdTcT34uRY16/+faA6RzwXh9t6mw==" }, "depd": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.0.tgz", - "integrity": "sha1-4b2Cxqq2ztlluXuIsX7T5SjKGMM=" + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", + "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" }, "deprecated": { "version": "0.0.1", @@ -914,9 +919,9 @@ } }, "dottie": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/dottie/-/dottie-1.1.1.tgz", - "integrity": "sha1-RcKj9IvWUo7u0memmoSOqspvqmo=" + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/dottie/-/dottie-2.0.1.tgz", + "integrity": "sha512-ch5OQgvGDK2u8pSZeSYAQaV/lczImd7pMJ7BcEPXmnFVjy4yJIzP6CsODJUTH8mg1tyH1Z2abOiuJO3DjZ/GBw==" }, "double-ended-queue": { "version": "2.1.0-0", @@ -2423,6 +2428,11 @@ "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=" }, + "is-bluebird": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-bluebird/-/is-bluebird-1.0.2.tgz", + "integrity": "sha1-CWQ5Bg9KpBGr7hkUOoTWpVNG1uI=" + }, "is-buffer": { "version": "1.1.5", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.5.tgz", @@ -2640,11 +2650,6 @@ "resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", "integrity": "sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI=" }, - "is-windows": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.1.tgz", - "integrity": "sha1-MQ23D3QtJZoWo2kgK1GvhCMzENk=" - }, "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", @@ -3255,11 +3260,11 @@ "integrity": "sha1-w2GT3Tzhwu7SrbfIAtu8d6gbHA8=" }, "moment-timezone": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.13.tgz", - "integrity": "sha1-mc5cfYJyYusPH3AgRBd/YHRde5A=", + "version": "0.5.23", + "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.23.tgz", + "integrity": "sha512-WHFH85DkCfiNMDX5D3X7hpNH3/PUhjTGcD0U1SgfBGZxJ3qUmJh5FdvaFjcClxOvB3rzdfj4oRffbI38jEnC1w==", "requires": { - "moment": "2.18.1" + "moment": ">= 2.9.0" } }, "ms": { @@ -4225,13 +4230,22 @@ } }, "retry-as-promised": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/retry-as-promised/-/retry-as-promised-2.2.0.tgz", - "integrity": "sha1-sEY9f9PPWy/tZFAKtui4pJxbjmw=", + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/retry-as-promised/-/retry-as-promised-2.3.2.tgz", + "integrity": "sha1-zZdO5P2bX+A8vzGHHuSCIcB3N7c=", "requires": { - "bluebird": "3.5.0", - "cross-env": "3.2.4", - "debug": "2.6.8" + "bluebird": "^3.4.6", + "debug": "^2.6.9" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + } } }, "rimraf": { @@ -4302,37 +4316,46 @@ "integrity": "sha1-myzl094C0XxgEq0yaqa00M9U+U8=" }, "sequelize": { - "version": "3.30.4", - "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-3.30.4.tgz", - "integrity": "sha1-vaLfHjGFSwmeQUmhEen8Clyh0aQ=", - "requires": { - "bluebird": "3.5.0", - "depd": "1.1.0", - "dottie": "1.1.1", - "generic-pool": "2.4.2", + "version": "4.12.0", + "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-4.12.0.tgz", + "integrity": "sha512-/w14ikVXJWQWGL48WZca1V3qKZxWuCNv6LN/bsblPErzERhmEJO1L/B0ksqqVE3/fZHB3lQJjcpTrUzTrCL9rQ==", + "requires": { + "bluebird": "^3.4.6", + "cls-bluebird": "^2.0.1", + "debug": "^3.0.0", + "depd": "^1.1.0", + "dottie": "^2.0.0", + "generic-pool": "^3.1.8", "inflection": "1.12.0", - "lodash": "4.12.0", - "moment": "2.18.1", - "moment-timezone": "0.5.13", - "retry-as-promised": "2.2.0", - "semver": "5.3.0", - "shimmer": "1.1.0", - "terraformer-wkt-parser": "1.1.2", - "toposort-class": "1.0.1", - "uuid": "3.1.0", - "validator": "5.7.0", - "wkx": "0.2.0" + "lodash": "^4.17.1", + "moment": "^2.13.0", + "moment-timezone": "^0.5.4", + "retry-as-promised": "^2.3.1", + "semver": "^5.0.1", + "terraformer-wkt-parser": "^1.1.2", + "toposort-class": "^1.0.1", + "uuid": "^3.0.0", + "validator": "^8.0.0", + "wkx": "^0.4.1" }, "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "requires": { + "ms": "^2.1.1" + } + }, "generic-pool": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/generic-pool/-/generic-pool-2.4.2.tgz", - "integrity": "sha1-iGvFvwvrfblugby7oHiBjeWmJoM=" + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/generic-pool/-/generic-pool-3.7.1.tgz", + "integrity": "sha512-ug6DAZoNgWm6q5KhPFA+hzXfBLFQu5sTXxPpv44DmE0A2g+CiHoq9LTVdkXpZMkYVMoGw83F6W+WT0h0MFMK/w==" }, - "lodash": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.12.0.tgz", - "integrity": "sha1-K9bcRqBA9Z5obJcu0h2T3FkFMlg=" + "ms": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", + "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==" } } }, @@ -4405,9 +4428,9 @@ } }, "shimmer": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/shimmer/-/shimmer-1.1.0.tgz", - "integrity": "sha1-l9c3cTf/u6tCVSLkKf4KqJpIizU=" + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/shimmer/-/shimmer-1.2.1.tgz", + "integrity": "sha512-sQTKC1Re/rM6XyFM6fIAGHRPVGvyXfgzIDvzoq608vM+jeyVD0Tu1E6Np0Kc2zAIFWIj963V2800iF/9LPieQw==" }, "should": { "version": "11.2.1", @@ -4603,21 +4626,6 @@ "resolved": "https://registry.npmjs.org/stream-consume/-/stream-consume-0.1.0.tgz", "integrity": "sha1-pB6tGm1ggc63n2WwYZAbbY89HQ8=" }, - "string_decoder": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz", - "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==", - "requires": { - "safe-buffer": "5.1.1" - }, - "dependencies": { - "safe-buffer": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz", - "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==" - } - } - }, "string-extended": { "version": "0.0.8", "resolved": "https://registry.npmjs.org/string-extended/-/string-extended-0.0.8.tgz", @@ -4639,6 +4647,21 @@ "strip-ansi": "3.0.1" } }, + "string_decoder": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz", + "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==", + "requires": { + "safe-buffer": "5.1.1" + }, + "dependencies": { + "safe-buffer": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz", + "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==" + } + } + }, "stringstream": { "version": "0.0.5", "resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz", @@ -4804,19 +4827,20 @@ } }, "terraformer": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/terraformer/-/terraformer-1.0.8.tgz", - "integrity": "sha1-UeCtiXRvzyFh3G9lqnDkI3fItZM=", + "version": "1.0.9", + "resolved": "https://registry.npmjs.org/terraformer/-/terraformer-1.0.9.tgz", + "integrity": "sha512-YlmQ1fsMWTkKGDGibCRWgmLzrpDRUr63Q025LJ/taYQ6j1Yb8q9McKF7NBi6ACAyUXO6F/bl9w6v4MY307y5Ag==", "requires": { - "@types/geojson": "1.0.2" + "@types/geojson": "^1.0.0" } }, "terraformer-wkt-parser": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/terraformer-wkt-parser/-/terraformer-wkt-parser-1.1.2.tgz", - "integrity": "sha1-M2oMj8gglKWv+DKI9prt7NNpvww=", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/terraformer-wkt-parser/-/terraformer-wkt-parser-1.2.0.tgz", + "integrity": "sha512-QU3iA54St5lF8Za1jg1oj4NYc8sn5tCZ08aNSWDeGzrsaV48eZk1iAVWasxhNspYBoCqdHuoot1pUTUrE1AJ4w==", "requires": { - "terraformer": "1.0.8" + "@types/geojson": "^1.0.0", + "terraformer": "~1.0.5" } }, "text-hex": { @@ -5009,9 +5033,9 @@ } }, "validator": { - "version": "5.7.0", - "resolved": "https://registry.npmjs.org/validator/-/validator-5.7.0.tgz", - "integrity": "sha1-eoelgUa2laxIYHEUHAxJ1n2gXlw=" + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-8.2.0.tgz", + "integrity": "sha512-Yw5wW34fSv5spzTXNkokD6S6/Oq92d8q/t14TqsS3fAiA1RYnxSFSIZ+CY3n6PGGRCq5HhJTSepQvFUS2QUDxA==" }, "vary": { "version": "1.1.1", @@ -5171,9 +5195,12 @@ } }, "wkx": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/wkx/-/wkx-0.2.0.tgz", - "integrity": "sha1-dsJPFqzQzY+TzTSqMx4PeWElboQ=" + "version": "0.4.6", + "resolved": "https://registry.npmjs.org/wkx/-/wkx-0.4.6.tgz", + "integrity": "sha512-LHxXlzRCYQXA9ZHgs8r7Gafh0gVOE8o3QmudM1PIkOdkXXjW7Thcl+gb2P2dRuKgW8cqkitCRZkkjtmWzpHi7A==", + "requires": { + "@types/node": "*" + } }, "wordwrap": { "version": "0.0.3", diff --git a/package.json b/package.json index a03dfcc..a78a3b8 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "qs": "^6.4.0", "request": "^2.81.0", "sanitize-html": "^1.14.1", - "sequelize": "^3.30.4", + "sequelize": "^4.12.0", "sequelize-cli": "^2.8.0", "ws": "^3.1.0" },