From 159a935d8ddf588c01bcc0598754e06b96f97772 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 16 Feb 2025 07:59:19 +0000 Subject: [PATCH] fix: data-service/package.json & data-service/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 --- data-service/package-lock.json | 220 +++++++++++---------------------- data-service/package.json | 2 +- 2 files changed, 71 insertions(+), 151 deletions(-) diff --git a/data-service/package-lock.json b/data-service/package-lock.json index b6c6e652..131bad91 100644 --- a/data-service/package-lock.json +++ b/data-service/package-lock.json @@ -1,5 +1,5 @@ { - "name": "cloudboost-server", + "name": "cloudboost", "version": "1.1.0", "lockfileVersion": 1, "requires": true, @@ -61,6 +61,21 @@ } } }, + "@babel/runtime": { + "version": "7.26.9", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.26.9.tgz", + "integrity": "sha512-aA63XwOkcl4xxQa3HjPMqOP6LiK0ZDv3mUPYEFXkpHbaFjtGggE1A61FjFzJnB+p7/oy2gA8E+rcBNl/zC1tMg==", + "requires": { + "regenerator-runtime": "^0.14.0" + }, + "dependencies": { + "regenerator-runtime": { + "version": "0.14.1", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.14.1.tgz", + "integrity": "sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==" + } + } + }, "@snyk/cli-interface": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.3.0.tgz", @@ -290,12 +305,6 @@ "resolved": "https://registry.npmjs.org/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz", "integrity": "sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==" }, - "Base64": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/Base64/-/Base64-0.2.1.tgz", - "integrity": "sha1-ujpCMHCOGGcFBl5mur3Uw1z2ACg=", - "dev": true - }, "abab": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz", @@ -644,15 +653,6 @@ "integrity": "sha1-odl8yvy8JiXMcPrc6zalDFiwGlM=", "dev": true }, - "array.prototype.find": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/array.prototype.find/-/array.prototype.find-2.0.4.tgz", - "integrity": "sha1-VWpcU2LAhkgyPdrrnenRS8GGTJA=", - "requires": { - "define-properties": "^1.1.2", - "es-abstract": "^1.7.0" - } - }, "arraybuffer.slice": { "version": "0.0.7", "resolved": "https://registry.npmjs.org/arraybuffer.slice/-/arraybuffer.slice-0.0.7.tgz", @@ -1477,6 +1477,12 @@ } } }, + "Base64": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/Base64/-/Base64-0.2.1.tgz", + "integrity": "sha1-ujpCMHCOGGcFBl5mur3Uw1z2ACg=", + "dev": true + }, "base64-arraybuffer": { "version": "0.1.5", "resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-0.1.5.tgz", @@ -1722,11 +1728,6 @@ "repeat-element": "^1.1.2" } }, - "brorand": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.1.0.tgz", - "integrity": "sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=" - }, "browser-stdout": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz", @@ -1771,19 +1772,6 @@ "resolved": "https://registry.npmjs.org/buffer-alloc-unsafe/-/buffer-alloc-unsafe-1.1.0.tgz", "integrity": "sha512-TEM2iMIEQdJ2yjPJoSIsldnleVaAk1oW3DBVUykyOLsEsFmEc9kn+SFFPz+gl54KQNxlDnAwCXosOS9Okx2xAg==" }, - "buffer-compare": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/buffer-compare/-/buffer-compare-0.0.1.tgz", - "integrity": "sha1-j2oSxg6lNjLgto6nHhluOb1haXo=" - }, - "buffer-compare-shim": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/buffer-compare-shim/-/buffer-compare-shim-1.0.0.tgz", - "integrity": "sha1-csDFk99PO1sY127T9yrqP7sgHGg=", - "requires": { - "buffer-compare": "0.0.1" - } - }, "buffer-crc32": { "version": "0.2.13", "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", @@ -1800,14 +1788,6 @@ "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" }, - "buffer-equals-polyfill": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/buffer-equals-polyfill/-/buffer-equals-polyfill-1.0.0.tgz", - "integrity": "sha1-WrCCXHxbjF6tvcx/rp7ACWJef+s=", - "requires": { - "buffer-compare": "^0.0.1" - } - }, "buffer-fill": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/buffer-fill/-/buffer-fill-1.0.0.tgz", @@ -2253,9 +2233,9 @@ "resolved": "https://registry.npmjs.org/codepage/-/codepage-1.3.8.tgz", "integrity": "sha1-Ty5dfAl13ij4hJgFjcta/KtqX3E=", "requires": { - "commander": "^2.20.0", - "concat-stream": "^2.0.0", - "voc": "^1.1.0" + "commander": "", + "concat-stream": "", + "voc": "" }, "dependencies": { "concat-stream": { @@ -2705,15 +2685,6 @@ "printj": "~1.1.0" } }, - "create-ecdh": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/create-ecdh/-/create-ecdh-4.0.3.tgz", - "integrity": "sha512-GbEHQPMOswGpKXM9kCWVrremUcBmjteUaQ01T9rkKCPDXfUHX0IoP9LpHYo2NPFampa4e+/pFDc3jQdxrxQLaw==", - "requires": { - "bn.js": "^4.1.0", - "elliptic": "^6.0.0" - } - }, "create-error-class": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/create-error-class/-/create-error-class-3.0.2.tgz", @@ -3496,20 +3467,6 @@ "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.6.1.tgz", "integrity": "sha512-0xy4A/twfrRCnkhfk8ErDi5DqdAsAqeGxht4xkCUrsvhhbQNs7E+4jV0CN7+NKIY0aHE72+XvqtBIXzD31ZbXQ==" }, - "elliptic": { - "version": "6.4.1", - "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.1.tgz", - "integrity": "sha512-BsXLz5sqX8OHcsh7CqBMztyXARmGQ3LWPtGjJi6DiJHq5C/qvi9P3OqgswKSDftbu8+IoI/QDTAm2fFnQ9SZSQ==", - "requires": { - "bn.js": "^4.4.0", - "brorand": "^1.0.1", - "hash.js": "^1.0.0", - "hmac-drbg": "^1.0.0", - "inherits": "^2.0.1", - "minimalistic-assert": "^1.0.0", - "minimalistic-crypto-utils": "^1.0.0" - } - }, "email-validator": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/email-validator/-/email-validator-2.0.4.tgz", @@ -5431,24 +5388,24 @@ "dev": true, "optional": true }, - "string-width": { - "version": "1.0.2", + "string_decoder": { + "version": "1.1.1", "bundled": true, "dev": true, "optional": true, "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "safe-buffer": "~5.1.0" } }, - "string_decoder": { - "version": "1.1.1", + "string-width": { + "version": "1.0.2", "bundled": true, "dev": true, "optional": true, "requires": { - "safe-buffer": "~5.1.0" + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" } }, "strip-ansi": { @@ -6798,15 +6755,6 @@ } } }, - "hash.js": { - "version": "1.1.7", - "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.7.tgz", - "integrity": "sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==", - "requires": { - "inherits": "^2.0.3", - "minimalistic-assert": "^1.0.1" - } - }, "hasha": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/hasha/-/hasha-2.2.0.tgz", @@ -6833,16 +6781,6 @@ "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==", "dev": true }, - "hmac-drbg": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz", - "integrity": "sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=", - "requires": { - "hash.js": "^1.0.3", - "minimalistic-assert": "^1.0.0", - "minimalistic-crypto-utils": "^1.0.1" - } - }, "hoek": { "version": "2.16.3", "resolved": "https://registry.npmjs.org/hoek/-/hoek-2.16.3.tgz", @@ -6905,6 +6843,14 @@ } } }, + "http_ece": { + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/http_ece/-/http_ece-0.5.2.tgz", + "integrity": "sha1-VlTX7J2Za3Sc4AonbhjVS22PkF8=", + "requires": { + "urlsafe-base64": "~1.0.0" + } + }, "http-browserify": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/http-browserify/-/http-browserify-1.7.0.tgz", @@ -6998,14 +6944,6 @@ "sshpk": "^1.7.0" } }, - "http_ece": { - "version": "0.5.2", - "resolved": "https://registry.npmjs.org/http_ece/-/http_ece-0.5.2.tgz", - "integrity": "sha1-VlTX7J2Za3Sc4AonbhjVS22PkF8=", - "requires": { - "urlsafe-base64": "~1.0.0" - } - }, "httpntlm": { "version": "1.6.1", "resolved": "https://registry.npmjs.org/httpntlm/-/httpntlm-1.6.1.tgz", @@ -7939,7 +7877,7 @@ "resolved": "https://registry.npmjs.org/json2xlsx/-/json2xlsx-0.1.6.tgz", "integrity": "sha1-yC3cSNN9xVUVRTHGumwiLvSpLYU=", "requires": { - "xlsx": "^0.14.2" + "xlsx": "" }, "dependencies": { "codepage": { @@ -8240,11 +8178,6 @@ "object-assign": "^4.0.1" } }, - "localStorage": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/localStorage/-/localStorage-1.0.4.tgz", - "integrity": "sha512-r35zrihcDiX+dqWlJSeIwS9nrF95OQTgqMFm3FB2D/+XgdmZtcutZOb7t0xXkhOEM8a9kpuu7cc28g1g36I5DQ==" - }, "localforage": { "version": "1.7.3", "resolved": "https://registry.npmjs.org/localforage/-/localforage-1.7.3.tgz", @@ -8253,6 +8186,11 @@ "lie": "3.1.1" } }, + "localStorage": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/localStorage/-/localStorage-1.0.4.tgz", + "integrity": "sha512-r35zrihcDiX+dqWlJSeIwS9nrF95OQTgqMFm3FB2D/+XgdmZtcutZOb7t0xXkhOEM8a9kpuu7cc28g1g36I5DQ==" + }, "locate-path": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-2.0.0.tgz", @@ -9146,11 +9084,6 @@ "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==" }, - "minimalistic-crypto-utils": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz", - "integrity": "sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=" - }, "minimatch": { "version": "3.0.4", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", @@ -14270,6 +14203,15 @@ "when": "^3.7.7" } }, + "require_optional": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz", + "integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==", + "requires": { + "resolve-from": "^2.0.0", + "semver": "^5.1.0" + } + }, "require-directory": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", @@ -14300,15 +14242,6 @@ } } }, - "require_optional": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz", - "integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==", - "requires": { - "resolve-from": "^2.0.0", - "semver": "^5.1.0" - } - }, "requires-port": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz", @@ -16027,7 +15960,7 @@ "requires": { "colors": "0.6.2", "frac": "0.3.1", - "voc": "^1.1.0" + "voc": "" } }, "sshpk": { @@ -16140,6 +16073,11 @@ "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz", "integrity": "sha1-gIudDlb8Jz2Am6VzOOkpkZoanxo=" }, + "string_decoder": { + "version": "0.10.31", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" + }, "string-template": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/string-template/-/string-template-1.0.0.tgz", @@ -16179,11 +16117,6 @@ "function-bind": "^1.0.2" } }, - "string_decoder": { - "version": "0.10.31", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" - }, "stringstream": { "version": "0.0.6", "resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.6.tgz", @@ -17314,28 +17247,15 @@ "integrity": "sha1-eWkVhNmGB/UHC9O3CkDmuyLkAes=" }, "web-push": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/web-push/-/web-push-2.2.0.tgz", - "integrity": "sha1-F9bNvIgs9S3cQ8tdkd5Hso9jhXQ=", - "requires": { - "array.prototype.find": "^2.0.0", - "asn1.js": "^4.5.2", - "bluebird": "^3.3.5", - "buffer-compare-shim": "^1.0.0", - "buffer-equals-polyfill": "^1.0.0", - "colors": "^1.1.2", - "create-ecdh": "^4.0.0", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/web-push/-/web-push-3.0.0.tgz", + "integrity": "sha512-IIdwrcFmuxIzO69fz9TX+FzUBo8QD1dgMMT6Yq3pRG5EJFGFoCJK9jXVShpxrlzjPm/A3xhYJmA28wuY4Dv+Tg==", + "requires": { + "asn1.js": "^4.8.1", "http_ece": "^0.5.1", "jws": "^3.1.3", "minimist": "^1.2.0", "urlsafe-base64": "^1.0.0" - }, - "dependencies": { - "colors": { - "version": "1.3.3", - "resolved": "https://registry.npmjs.org/colors/-/colors-1.3.3.tgz", - "integrity": "sha512-mmGt/1pZqYRjMxB1axhTo16/snVZ5krrKkcmMeVKxzECMMXoCgnvTPp10QgHfcbQZw8Dq2jMNG6je4JlWU0gWg==" - } } }, "webidl-conversions": { @@ -18033,11 +17953,11 @@ "resolved": "https://registry.npmjs.org/xlsx/-/xlsx-0.7.12.tgz", "integrity": "sha1-cUSDHY7NScBiFB98SJddGkAJiOQ=", "requires": { - "adler-32": "^1.2.0", + "adler-32": "", "cfb": ">=0.10.0", "codepage": "~1.3.6", - "commander": "^2.20.0", - "crc-32": "^1.2.0", + "commander": "", + "crc-32": "", "jszip": "2.4.0", "ssf": "~0.8.1" } diff --git a/data-service/package.json b/data-service/package.json index 688073ee..ee0c1842 100644 --- a/data-service/package.json +++ b/data-service/package.json @@ -70,7 +70,7 @@ "underscore": "^1.7.0", "url-parse": "^1.4.6", "uuid": "^2.0.1", - "web-push": "^2.2.0", + "web-push": "^3.0.0", "winston": "^1.1.2", "winston-bishop-slack": "^0.2.1", "winston-loggly": "^1.3.1",