From ceffbdc159d27f2c0260d140d890e767c580c5b1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 8 Sep 2024 08:38:49 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-XMLDOM-3092935 - https://snyk.io/vuln/SNYK-JS-XMLDOM-3042242 - https://snyk.io/vuln/SNYK-JS-XMLDOM-1534562 --- package-lock.json | 217 ++++++++++++++++++++++++++++------------------ package.json | 4 +- 2 files changed, 135 insertions(+), 86 deletions(-) diff --git a/package-lock.json b/package-lock.json index d32e808..3f9cee8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,11 +20,11 @@ "sync-request": "^6.1.0", "temp": "^0.9.4", "tslib": "^2.1.0", - "xadesjs": "^2.1.1", + "xadesjs": "^2.4.0", "xml-core": "^1.1.2", "xmldom": "^0.5.0", "xmldom-alpha": "^0.1.28", - "xmldsigjs": "^2.1.3" + "xmldsigjs": "^2.4.0" }, "bin": { "tl-create": "build/cjs/bin/index.js" @@ -595,6 +595,15 @@ "integrity": "sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q==", "dev": true }, + "node_modules/@xmldom/xmldom": { + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==", + "license": "MIT", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/aggregate-error": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", @@ -690,11 +699,12 @@ "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" }, "node_modules/asn1js": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-2.1.1.tgz", - "integrity": "sha512-t9u0dU0rJN4ML+uxgN6VM2Z4H5jWIYm0w8LsZLzMJaQsgL3IJNbxHgmbWDvJAwspyHpDFuzUaUFh4c05UB4+6g==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-2.4.0.tgz", + "integrity": "sha512-PvZC0FMyMut8aOnR2jAEGSkmRtHIUYPe9amUEnGjr9TdnUmsfoOkjrvUkOEU9mzpYBR1HyO9bF+8U1cLTMMHhQ==", + "license": "BSD-3-Clause", "dependencies": { - "pvutils": "latest" + "pvutils": "^1.1.3" }, "engines": { "node": ">=6.0.0" @@ -2552,18 +2562,33 @@ } }, "node_modules/pkijs": { - "version": "2.1.93", - "resolved": "https://registry.npmjs.org/pkijs/-/pkijs-2.1.93.tgz", - "integrity": "sha512-Ot82i9gEuJpmABKiozuZAs/3lfvm8FlY01jVEElM8lxEdLtIW9AJLK4JXx2tAcY7vP009rPuzbT0LG9PmyO72g==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/pkijs/-/pkijs-2.4.0.tgz", + "integrity": "sha512-cjJP/mYuGyMrjJ49jI04khId5Oufd3nFTUYBzQTIIVNI7/oAWdwXEfpwTF8HELFV/gz+WGYUBHCe3KHWD8rYvg==", + "license": "BSD-3-Clause", "dependencies": { - "asn1js": "^2.0.26", + "asn1js": "^3.0.3", "bytestreamjs": "^1.0.29", - "pvutils": "^1.0.17" + "pvutils": "^1.1.3" }, "engines": { "node": ">=6.0.0" } }, + "node_modules/pkijs/node_modules/asn1js": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-3.0.5.tgz", + "integrity": "sha512-FVnvrKJwpt9LP2lAMl8qZswRNm3T4q9CON+bxldk2iwk3FFpuwhx2FfinyitizWHsVYyaY+y5JzDR0rCMV5yTQ==", + "license": "BSD-3-Clause", + "dependencies": { + "pvtsutils": "^1.3.2", + "pvutils": "^1.1.3", + "tslib": "^2.4.0" + }, + "engines": { + "node": ">=12.0.0" + } + }, "node_modules/process-nextick-args": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", @@ -2590,17 +2615,19 @@ } }, "node_modules/pvtsutils": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.1.2.tgz", - "integrity": "sha512-Yfm9Dsk1zfEpOWCaJaHfqtNXAFWNNHMFSCLN6jTnhuCCBCC2nqge4sAgo7UrkRBoAAYIL8TN/6LlLoNfZD/b5A==", + "version": "1.3.5", + "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.3.5.tgz", + "integrity": "sha512-ARvb14YB9Nm2Xi6nBq1ZX6dAM0FsJnuk+31aUp4TrcZEdKUlSqOqsxJHUPJDNE3qiIp+iUPEIeR6Je/tgV7zsA==", + "license": "MIT", "dependencies": { - "tslib": "^2.1.0" + "tslib": "^2.6.1" } }, "node_modules/pvutils": { - "version": "1.0.17", - "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.0.17.tgz", - "integrity": "sha512-wLHYUQxWaXVQvKnwIDWFVKDJku9XDCvyhhxoq8dc5MFdIlRenyPI9eSfEtcvgHgD7FlvCyGAlWgOzRnZD99GZQ==", + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.1.3.tgz", + "integrity": "sha512-pMpnA0qRdFp32b1sJl1wOJNxZLQ2cbQx+k6tjNtZ8CpvVhNqEPRgivZ2WOUev2YMajecdH7ctUPDvEe87nariQ==", + "license": "MIT", "engines": { "node": ">=6.0.0" } @@ -3034,9 +3061,10 @@ } }, "node_modules/tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.7.0.tgz", + "integrity": "sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==", + "license": "0BSD" }, "node_modules/type-fest": { "version": "0.8.1", @@ -3223,21 +3251,23 @@ } }, "node_modules/xadesjs": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/xadesjs/-/xadesjs-2.1.1.tgz", - "integrity": "sha512-zChqo2rHValIVpJBFeRL4sjDQCJqwftYGv5yAKQpkas8se9ylS7eXCXHai2W65mmFaamLYuRrpHnp6XsUVQ79Q==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/xadesjs/-/xadesjs-2.4.0.tgz", + "integrity": "sha512-vwtLS1uHwfcUlWO3Rvfz02drvH8h8t7lHHv8HSE/6++l/5T4zbHBbnk5n4bit5mI9PnOf8/B6qvhh+pMJyNs4A==", + "license": "MIT", "dependencies": { - "xml-core": "^1.1.0", - "xmldsigjs": "^2.1.1" + "xml-core": "^1.1.4", + "xmldsigjs": "^2.4.0" } }, "node_modules/xml-core": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.2.tgz", - "integrity": "sha512-+AKWq+5srt1Kolz20UVVmmBNTZAQioE0DOjBrgybXpzVdtuF00l4lqlGy6YllDe/kwIW/ew0mvfJ/LiLZbAR8A==", + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.5.tgz", + "integrity": "sha512-6pZbMgvvtSxXSLmWkUPgFi274oljUHCBKm9GS4ySCXhXCODbJwB8e/UHHzbnnm4X1vVWMfXcip2vrLxN6KSbMw==", + "license": "MIT", "dependencies": { - "tslib": "^2.1.0", - "xmldom": "^0.5.0", + "@xmldom/xmldom": "^0.8.2", + "tslib": "^2.4.0", "xpath.js": "^1.1.0" } }, @@ -3258,23 +3288,25 @@ } }, "node_modules/xmldsigjs": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/xmldsigjs/-/xmldsigjs-2.1.3.tgz", - "integrity": "sha512-tK7W+Ps+wvTSFAVuXH4XGkx3TBj1EIpAxannGokH960/BYct6Kf3f00wTirckdlS+ZyTvQo+mTuE8z3EbeWTrg==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/xmldsigjs/-/xmldsigjs-2.4.0.tgz", + "integrity": "sha512-Sf2CAR90+DHIt7VpKlAMTfoX9v4RbgvCPViDJf8W1i4aNJSUCGczoUXJAUYfd4coYOjJU+qXFBg1YSpvJUtzSQ==", + "license": "MIT", "dependencies": { - "asn1js": "^2.0.26", - "pkijs": "^2.1.93", - "pvtsutils": "^1.1.1", + "asn1js": "^2.2.0", + "pkijs": "^2.2.2", + "pvtsutils": "^1.2.1", "pvutils": "^1.0.17", - "tslib": "^2.1.0", - "xml-core": "^1.1.0", - "xpath": "^0.0.27" + "tslib": "^2.3.1", + "xml-core": "^1.1.4", + "xpath": "^0.0.32" } }, "node_modules/xpath": { - "version": "0.0.27", - "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", - "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==", + "version": "0.0.32", + "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.32.tgz", + "integrity": "sha512-rxMJhSIoiO8vXcWvSifKqhvV96GjiD5wYb8/QHdoRyQvraTpp4IEv944nhGausZZ3u7dhQXteZuZbaqfpB7uYw==", + "license": "MIT", "engines": { "node": ">=0.6.0" } @@ -3921,6 +3953,11 @@ "integrity": "sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q==", "dev": true }, + "@xmldom/xmldom": { + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==" + }, "aggregate-error": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", @@ -3995,11 +4032,11 @@ "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" }, "asn1js": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-2.1.1.tgz", - "integrity": "sha512-t9u0dU0rJN4ML+uxgN6VM2Z4H5jWIYm0w8LsZLzMJaQsgL3IJNbxHgmbWDvJAwspyHpDFuzUaUFh4c05UB4+6g==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-2.4.0.tgz", + "integrity": "sha512-PvZC0FMyMut8aOnR2jAEGSkmRtHIUYPe9amUEnGjr9TdnUmsfoOkjrvUkOEU9mzpYBR1HyO9bF+8U1cLTMMHhQ==", "requires": { - "pvutils": "latest" + "pvutils": "^1.1.3" } }, "asynckit": { @@ -5430,13 +5467,25 @@ } }, "pkijs": { - "version": "2.1.93", - "resolved": "https://registry.npmjs.org/pkijs/-/pkijs-2.1.93.tgz", - "integrity": "sha512-Ot82i9gEuJpmABKiozuZAs/3lfvm8FlY01jVEElM8lxEdLtIW9AJLK4JXx2tAcY7vP009rPuzbT0LG9PmyO72g==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/pkijs/-/pkijs-2.4.0.tgz", + "integrity": "sha512-cjJP/mYuGyMrjJ49jI04khId5Oufd3nFTUYBzQTIIVNI7/oAWdwXEfpwTF8HELFV/gz+WGYUBHCe3KHWD8rYvg==", "requires": { - "asn1js": "^2.0.26", + "asn1js": "^3.0.3", "bytestreamjs": "^1.0.29", - "pvutils": "^1.0.17" + "pvutils": "^1.1.3" + }, + "dependencies": { + "asn1js": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-3.0.5.tgz", + "integrity": "sha512-FVnvrKJwpt9LP2lAMl8qZswRNm3T4q9CON+bxldk2iwk3FFpuwhx2FfinyitizWHsVYyaY+y5JzDR0rCMV5yTQ==", + "requires": { + "pvtsutils": "^1.3.2", + "pvutils": "^1.1.3", + "tslib": "^2.4.0" + } + } } }, "process-nextick-args": { @@ -5462,17 +5511,17 @@ } }, "pvtsutils": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.1.2.tgz", - "integrity": "sha512-Yfm9Dsk1zfEpOWCaJaHfqtNXAFWNNHMFSCLN6jTnhuCCBCC2nqge4sAgo7UrkRBoAAYIL8TN/6LlLoNfZD/b5A==", + "version": "1.3.5", + "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.3.5.tgz", + "integrity": "sha512-ARvb14YB9Nm2Xi6nBq1ZX6dAM0FsJnuk+31aUp4TrcZEdKUlSqOqsxJHUPJDNE3qiIp+iUPEIeR6Je/tgV7zsA==", "requires": { - "tslib": "^2.1.0" + "tslib": "^2.6.1" } }, "pvutils": { - "version": "1.0.17", - "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.0.17.tgz", - "integrity": "sha512-wLHYUQxWaXVQvKnwIDWFVKDJku9XDCvyhhxoq8dc5MFdIlRenyPI9eSfEtcvgHgD7FlvCyGAlWgOzRnZD99GZQ==" + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.1.3.tgz", + "integrity": "sha512-pMpnA0qRdFp32b1sJl1wOJNxZLQ2cbQx+k6tjNtZ8CpvVhNqEPRgivZ2WOUev2YMajecdH7ctUPDvEe87nariQ==" }, "qs": { "version": "6.10.1", @@ -5806,9 +5855,9 @@ } }, "tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.7.0.tgz", + "integrity": "sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==" }, "type-fest": { "version": "0.8.1", @@ -5957,21 +6006,21 @@ } }, "xadesjs": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/xadesjs/-/xadesjs-2.1.1.tgz", - "integrity": "sha512-zChqo2rHValIVpJBFeRL4sjDQCJqwftYGv5yAKQpkas8se9ylS7eXCXHai2W65mmFaamLYuRrpHnp6XsUVQ79Q==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/xadesjs/-/xadesjs-2.4.0.tgz", + "integrity": "sha512-vwtLS1uHwfcUlWO3Rvfz02drvH8h8t7lHHv8HSE/6++l/5T4zbHBbnk5n4bit5mI9PnOf8/B6qvhh+pMJyNs4A==", "requires": { - "xml-core": "^1.1.0", - "xmldsigjs": "^2.1.1" + "xml-core": "^1.1.4", + "xmldsigjs": "^2.4.0" } }, "xml-core": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.2.tgz", - "integrity": "sha512-+AKWq+5srt1Kolz20UVVmmBNTZAQioE0DOjBrgybXpzVdtuF00l4lqlGy6YllDe/kwIW/ew0mvfJ/LiLZbAR8A==", + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.5.tgz", + "integrity": "sha512-6pZbMgvvtSxXSLmWkUPgFi274oljUHCBKm9GS4ySCXhXCODbJwB8e/UHHzbnnm4X1vVWMfXcip2vrLxN6KSbMw==", "requires": { - "tslib": "^2.1.0", - "xmldom": "^0.5.0", + "@xmldom/xmldom": "^0.8.2", + "tslib": "^2.4.0", "xpath.js": "^1.1.0" } }, @@ -5986,23 +6035,23 @@ "integrity": "sha512-u0hPuPt18K/f4bVck3elfDJr2SZ7oyB2pknGNL3uyCCiJ+z6za+skAv7oEiOcSuU4NYfRfc5SyAsowQa0E5W/g==" }, "xmldsigjs": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/xmldsigjs/-/xmldsigjs-2.1.3.tgz", - "integrity": "sha512-tK7W+Ps+wvTSFAVuXH4XGkx3TBj1EIpAxannGokH960/BYct6Kf3f00wTirckdlS+ZyTvQo+mTuE8z3EbeWTrg==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/xmldsigjs/-/xmldsigjs-2.4.0.tgz", + "integrity": "sha512-Sf2CAR90+DHIt7VpKlAMTfoX9v4RbgvCPViDJf8W1i4aNJSUCGczoUXJAUYfd4coYOjJU+qXFBg1YSpvJUtzSQ==", "requires": { - "asn1js": "^2.0.26", - "pkijs": "^2.1.93", - "pvtsutils": "^1.1.1", + "asn1js": "^2.2.0", + "pkijs": "^2.2.2", + "pvtsutils": "^1.2.1", "pvutils": "^1.0.17", - "tslib": "^2.1.0", - "xml-core": "^1.1.0", - "xpath": "^0.0.27" + "tslib": "^2.3.1", + "xml-core": "^1.1.4", + "xpath": "^0.0.32" } }, "xpath": { - "version": "0.0.27", - "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.27.tgz", - "integrity": "sha512-fg03WRxtkCV6ohClePNAECYsmpKKTv5L8y/X3Dn1hQrec3POx2jHZ/0P2qQ6HvsrU1BmeqXcof3NGGueG6LxwQ==" + "version": "0.0.32", + "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.32.tgz", + "integrity": "sha512-rxMJhSIoiO8vXcWvSifKqhvV96GjiD5wYb8/QHdoRyQvraTpp4IEv944nhGausZZ3u7dhQXteZuZbaqfpB7uYw==" }, "xpath.js": { "version": "1.1.0", diff --git a/package.json b/package.json index 717ee92..3bd80a5 100644 --- a/package.json +++ b/package.json @@ -40,11 +40,11 @@ "sync-request": "^6.1.0", "temp": "^0.9.4", "tslib": "^2.1.0", - "xadesjs": "^2.1.1", + "xadesjs": "^2.4.0", "xml-core": "^1.1.2", "xmldom": "^0.5.0", "xmldom-alpha": "^0.1.28", - "xmldsigjs": "^2.1.3" + "xmldsigjs": "^2.4.0" }, "devDependencies": { "@types/asn1js": "^2.0.0",