From da09e5ff8fa9a1d2e495ac1c8ab2afd4ba48526c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 29 Jul 2021 07:42:49 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-APOLLOCLIENT-1085706 --- package-lock.json | 150 +++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 90 insertions(+), 62 deletions(-) diff --git a/package-lock.json b/package-lock.json index a9aef4e..7d36f2b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "5.0.0", "license": "MIT", "dependencies": { - "@apollo/client": "3.3.19", + "@apollo/client": "^3.4.0", "@material-ui/core": "4.11.4", "@material-ui/icons": "4.11.2", "@sentry/browser": "6.5.1", @@ -49,23 +49,22 @@ } }, "node_modules/@apollo/client": { - "version": "3.3.19", - "resolved": "https://registry.npmjs.org/@apollo/client/-/client-3.3.19.tgz", - "integrity": "sha512-vzljWLPP0GwocfBhUopzDCUwsiaNTtii1eu8qDybAXqwj4/ZhnIM46c6dNQmnVcJpAIFRIsNCOxM4OlMDySJug==", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/@apollo/client/-/client-3.4.0.tgz", + "integrity": "sha512-ASGw+L1KYLm3Syl5lJKFB6nLEuthBUcvSYhI6p4g4hi+kMli6+UarMONuIYmTBUec2KcQCfs4uwi3bd0xWQ8zg==", "dependencies": { "@graphql-typed-document-node/core": "^3.0.0", - "@types/zen-observable": "^0.8.0", "@wry/context": "^0.6.0", - "@wry/equality": "^0.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graphql-tag": "^2.12.0", + "@wry/equality": "^0.5.0", + "@wry/trie": "^0.3.0", + "graphql-tag": "^2.12.3", "hoist-non-react-statics": "^3.3.2", - "optimism": "^0.16.0", + "optimism": "^0.16.1", "prop-types": "^15.7.2", - "symbol-observable": "^2.0.0", - "ts-invariant": "^0.7.0", - "tslib": "^1.10.0", - "zen-observable": "^0.8.14" + "symbol-observable": "^4.0.0", + "ts-invariant": "^0.9.0", + "tslib": "^2.3.0", + "zen-observable-ts": "^1.1.0" }, "peerDependencies": { "graphql": "^14.0.0 || ^15.0.0", @@ -81,6 +80,20 @@ } } }, + "node_modules/@apollo/client/node_modules/tslib": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.0.tgz", + "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" + }, + "node_modules/@apollo/client/node_modules/zen-observable-ts": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/zen-observable-ts/-/zen-observable-ts-1.1.0.tgz", + "integrity": "sha512-1h4zlLSqI2cRLPJUHJFL8bCWHhkpuXkF+dbGkRaWjgDIG26DmzyshUMrdV/rL3UnR+mhaX4fRq8LPouq0MYYIA==", + "dependencies": { + "@types/zen-observable": "0.8.3", + "zen-observable": "0.8.15" + } + }, "node_modules/@aws-amplify/analytics": { "version": "3.3.11", "resolved": "https://registry.npmjs.org/@aws-amplify/analytics/-/analytics-3.3.11.tgz", @@ -10301,9 +10314,9 @@ "integrity": "sha512-37RSHht+gzzgYeobbG+KWryeAW8J33Nhr69cjTqSYymXVZEN9NbRYWoYlRtDhHKPVT1FyNKwaTPC1NynKZpzRA==" }, "node_modules/@types/zen-observable": { - "version": "0.8.2", - "resolved": "https://registry.npmjs.org/@types/zen-observable/-/zen-observable-0.8.2.tgz", - "integrity": "sha512-HrCIVMLjE1MOozVoD86622S7aunluLb2PJdPfb3nYiEtohm8mIB/vyv0Fd37AdeMFrTUQXEunw78YloMA3Qilg==" + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/@types/zen-observable/-/zen-observable-0.8.3.tgz", + "integrity": "sha512-fbF6oTd4sGGy0xjHPKAt+eS2CrxJ3+6gQ3FGcBoIJR2TLAyCkCyI8JqZNy+FeON0AhVgNJoUumVoZQjBFUqHkw==" }, "node_modules/@typescript-eslint/eslint-plugin": { "version": "4.20.0", @@ -10723,9 +10736,9 @@ "integrity": "sha512-gS9GVHRU+RGn5KQM2rllAlR3dU6m7AcpJKdtH8gFvQiC4Otgk98XnmMU+nZenHt/+VhnBPWwgrJsyrdcw6i23w==" }, "node_modules/@wry/equality": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/@wry/equality/-/equality-0.4.0.tgz", - "integrity": "sha512-DxN/uawWfhRbgYE55zVCPOoe+jvsQ4m7PT1Wlxjyb/LCCLuU1UsucV2BbCxFAX8bjcSueFBbB5Qfj1Zfe8e7Fw==", + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/@wry/equality/-/equality-0.5.1.tgz", + "integrity": "sha512-FZKbdpbcVcbDxQrKcaBClNsQaMg9nof1RKM7mReJe5DKUzM5u8S7T+PqwNqvib5O2j2xxF1R4p5O3+b6baTrbw==", "dependencies": { "tslib": "^2.1.0" }, @@ -10734,9 +10747,9 @@ } }, "node_modules/@wry/equality/node_modules/tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.0.tgz", + "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" }, "node_modules/@wry/trie": { "version": "0.3.0", @@ -29782,9 +29795,9 @@ } }, "node_modules/symbol-observable": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-2.0.3.tgz", - "integrity": "sha512-sQV7phh2WCYAn81oAkakC5qjq2Ml0g8ozqz03wOGnx9dDlG1de6yrF+0RAzSJD8fPUow3PTSMf2SAbOGxb93BA==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-4.0.0.tgz", + "integrity": "sha512-b19dMThMV4HVFynSAM1++gBHAbk2Tc/osgLIBZMKsyqh34jb2e8Os7T6ZW/Bt3pJFdBTd2JwAnAAEQV7rSNvcQ==", "engines": { "node": ">=0.10" } @@ -30359,9 +30372,9 @@ "dev": true }, "node_modules/ts-invariant": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/ts-invariant/-/ts-invariant-0.7.3.tgz", - "integrity": "sha512-UWDDeovyUTIMWj+45g5nhnl+8oo+GhxL5leTaHn5c8FkQWfh8v66gccLd2/YzVmV5hoQUjCEjhrXnQqVDJdvKA==", + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/ts-invariant/-/ts-invariant-0.9.0.tgz", + "integrity": "sha512-+JqhKqywk+ue5JjAC6eTWe57mOIxYXypMUkBDStkAzvnlfkDJ1KGyeMuNRMwOt6GXzHSC1UT9JecowpZDmgXqA==", "dependencies": { "tslib": "^2.1.0" }, @@ -30370,9 +30383,9 @@ } }, "node_modules/ts-invariant/node_modules/tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.0.tgz", + "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" }, "node_modules/ts-jest": { "version": "26.5.6", @@ -33238,23 +33251,38 @@ }, "dependencies": { "@apollo/client": { - "version": "3.3.19", - "resolved": "https://registry.npmjs.org/@apollo/client/-/client-3.3.19.tgz", - "integrity": "sha512-vzljWLPP0GwocfBhUopzDCUwsiaNTtii1eu8qDybAXqwj4/ZhnIM46c6dNQmnVcJpAIFRIsNCOxM4OlMDySJug==", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/@apollo/client/-/client-3.4.0.tgz", + "integrity": "sha512-ASGw+L1KYLm3Syl5lJKFB6nLEuthBUcvSYhI6p4g4hi+kMli6+UarMONuIYmTBUec2KcQCfs4uwi3bd0xWQ8zg==", "requires": { "@graphql-typed-document-node/core": "^3.0.0", - "@types/zen-observable": "^0.8.0", "@wry/context": "^0.6.0", - "@wry/equality": "^0.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graphql-tag": "^2.12.0", + "@wry/equality": "^0.5.0", + "@wry/trie": "^0.3.0", + "graphql-tag": "^2.12.3", "hoist-non-react-statics": "^3.3.2", - "optimism": "^0.16.0", + "optimism": "^0.16.1", "prop-types": "^15.7.2", - "symbol-observable": "^2.0.0", - "ts-invariant": "^0.7.0", - "tslib": "^1.10.0", - "zen-observable": "^0.8.14" + "symbol-observable": "^4.0.0", + "ts-invariant": "^0.9.0", + "tslib": "^2.3.0", + "zen-observable-ts": "^1.1.0" + }, + "dependencies": { + "tslib": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.0.tgz", + "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" + }, + "zen-observable-ts": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/zen-observable-ts/-/zen-observable-ts-1.1.0.tgz", + "integrity": "sha512-1h4zlLSqI2cRLPJUHJFL8bCWHhkpuXkF+dbGkRaWjgDIG26DmzyshUMrdV/rL3UnR+mhaX4fRq8LPouq0MYYIA==", + "requires": { + "@types/zen-observable": "0.8.3", + "zen-observable": "0.8.15" + } + } } }, "@aws-amplify/analytics": { @@ -42758,9 +42786,9 @@ "integrity": "sha512-37RSHht+gzzgYeobbG+KWryeAW8J33Nhr69cjTqSYymXVZEN9NbRYWoYlRtDhHKPVT1FyNKwaTPC1NynKZpzRA==" }, "@types/zen-observable": { - "version": "0.8.2", - "resolved": "https://registry.npmjs.org/@types/zen-observable/-/zen-observable-0.8.2.tgz", - "integrity": "sha512-HrCIVMLjE1MOozVoD86622S7aunluLb2PJdPfb3nYiEtohm8mIB/vyv0Fd37AdeMFrTUQXEunw78YloMA3Qilg==" + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/@types/zen-observable/-/zen-observable-0.8.3.tgz", + "integrity": "sha512-fbF6oTd4sGGy0xjHPKAt+eS2CrxJ3+6gQ3FGcBoIJR2TLAyCkCyI8JqZNy+FeON0AhVgNJoUumVoZQjBFUqHkw==" }, "@typescript-eslint/eslint-plugin": { "version": "4.20.0", @@ -43087,17 +43115,17 @@ } }, "@wry/equality": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/@wry/equality/-/equality-0.4.0.tgz", - "integrity": "sha512-DxN/uawWfhRbgYE55zVCPOoe+jvsQ4m7PT1Wlxjyb/LCCLuU1UsucV2BbCxFAX8bjcSueFBbB5Qfj1Zfe8e7Fw==", + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/@wry/equality/-/equality-0.5.1.tgz", + "integrity": "sha512-FZKbdpbcVcbDxQrKcaBClNsQaMg9nof1RKM7mReJe5DKUzM5u8S7T+PqwNqvib5O2j2xxF1R4p5O3+b6baTrbw==", "requires": { "tslib": "^2.1.0" }, "dependencies": { "tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.0.tgz", + "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" } } }, @@ -58491,9 +58519,9 @@ } }, "symbol-observable": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-2.0.3.tgz", - "integrity": "sha512-sQV7phh2WCYAn81oAkakC5qjq2Ml0g8ozqz03wOGnx9dDlG1de6yrF+0RAzSJD8fPUow3PTSMf2SAbOGxb93BA==" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-4.0.0.tgz", + "integrity": "sha512-b19dMThMV4HVFynSAM1++gBHAbk2Tc/osgLIBZMKsyqh34jb2e8Os7T6ZW/Bt3pJFdBTd2JwAnAAEQV7rSNvcQ==" }, "symbol-tree": { "version": "3.2.4", @@ -58936,17 +58964,17 @@ "dev": true }, "ts-invariant": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/ts-invariant/-/ts-invariant-0.7.3.tgz", - "integrity": "sha512-UWDDeovyUTIMWj+45g5nhnl+8oo+GhxL5leTaHn5c8FkQWfh8v66gccLd2/YzVmV5hoQUjCEjhrXnQqVDJdvKA==", + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/ts-invariant/-/ts-invariant-0.9.0.tgz", + "integrity": "sha512-+JqhKqywk+ue5JjAC6eTWe57mOIxYXypMUkBDStkAzvnlfkDJ1KGyeMuNRMwOt6GXzHSC1UT9JecowpZDmgXqA==", "requires": { "tslib": "^2.1.0" }, "dependencies": { "tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.3.0.tgz", + "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" } } }, diff --git a/package.json b/package.json index 56aaa5a..400b3c5 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "url": "https://github.com/ausgaben/web" }, "dependencies": { - "@apollo/client": "3.3.19", + "@apollo/client": "3.4.0", "@material-ui/core": "4.11.4", "@material-ui/icons": "4.11.2", "@sentry/browser": "6.5.1",