From b54fd1a06f0e7edb579231bbc8bc1db9f5be6989 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 24 Jan 2022 16:06:55 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118 --- package.json | 8 ++-- yarn.lock | 130 +++++++++++++++++++++++++++++++++++++++------------ 2 files changed, 105 insertions(+), 33 deletions(-) diff --git a/package.json b/package.json index f275368..ba92b69 100644 --- a/package.json +++ b/package.json @@ -193,12 +193,12 @@ "history": "^4.6.3", "loaders.css": "^0.1.2", "moment": "^2.18.1", - "react": "^15.6.1", + "react": "^16.5.0", "react-datepicker": "^0.47.0", - "react-dom": "^15.6.1", - "react-hot-loader": "3.0.0-beta.6", + "react-dom": "^16.5.0", + "react-hot-loader": "3.0.0", "react-html-parser": "^1.0.3", - "react-loaders": "^2.5.0", + "react-loaders": "^2.6.0", "react-redux": "^5.0.5", "react-router": "^4.1.1", "react-router-dom": "^4.1.1", diff --git a/yarn.lock b/yarn.lock index 01a2488..9dc4c00 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1840,6 +1840,11 @@ classnames@^2.2.3, classnames@^2.2.5: version "2.2.5" resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.2.5.tgz#fb3801d453467649ef3603c7d61a02bd129bde6d" +classnames@^2.2.4: + version "2.3.1" + resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.3.1.tgz#dfcfa3891e306ec1dad105d0e88f4417b8535e8e" + integrity sha512-OlQdbZ7gLfGarSqxesMesDa5uz7KFbID8Kpq/SxIoNGDqY8lSYs0D+hhtBXhcdB3rcbXArFr7vlHheLk1voeNA== + clean-css@4.1.x: version "4.1.3" resolved "https://registry.yarnpkg.com/clean-css/-/clean-css-4.1.3.tgz#07cfe8980edb20d455ddc23aadcf1e04c6e509ce" @@ -2191,7 +2196,7 @@ create-react-class@^15.5.3: loose-envify "^1.3.1" object-assign "^4.1.1" -create-react-class@^15.5.x, create-react-class@^15.6.0: +create-react-class@^15.5.x: version "15.6.0" resolved "https://registry.yarnpkg.com/create-react-class/-/create-react-class-15.6.0.tgz#ab448497c26566e1e29413e883207d57cfe7bed4" dependencies: @@ -5042,6 +5047,11 @@ js-tokens@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" +"js-tokens@^3.0.0 || ^4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" + integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== + js-yaml@^3.4.3, js-yaml@^3.5.1, js-yaml@^3.7.0, js-yaml@^3.8.4: version "3.8.4" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" @@ -5545,6 +5555,13 @@ loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.2.0, loose-envify@^1.3 dependencies: js-tokens "^3.0.0" +loose-envify@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf" + integrity sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q== + dependencies: + js-tokens "^3.0.0 || ^4.0.0" + loud-rejection@^1.0.0: version "1.6.0" resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" @@ -6857,6 +6874,15 @@ prop-types@^15.5.10, prop-types@^15.5.4, prop-types@^15.5.8: fbjs "^0.8.9" loose-envify "^1.3.1" +prop-types@^15.6.0, prop-types@^15.6.2: + version "15.8.1" + resolved "https://registry.yarnpkg.com/prop-types/-/prop-types-15.8.1.tgz#67d87bf1a694f48435cf332c24af10214a3140b5" + integrity sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg== + dependencies: + loose-envify "^1.4.0" + object-assign "^4.1.1" + react-is "^16.13.1" + proxy-addr@~1.1.4: version "1.1.4" resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.4.tgz#27e545f6960a44a627d9b44467e35c1b6b4ce2f3" @@ -6974,29 +7000,32 @@ react-deep-force-update@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/react-deep-force-update/-/react-deep-force-update-1.0.1.tgz#f911b5be1d2a6fe387507dd6e9a767aa2924b4c7" -react-deep-force-update@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/react-deep-force-update/-/react-deep-force-update-2.0.1.tgz#4f7f6c12c3e7de42f345992a3c518236fa1ecad3" +react-deep-force-update@^2.1.1: + version "2.1.3" + resolved "https://registry.yarnpkg.com/react-deep-force-update/-/react-deep-force-update-2.1.3.tgz#740612322e617bcced38f61794a4af75dc3d98e7" + integrity sha512-lqD4eHKVuB65RyO/hGbEST53E2/GPbcIPcFYyeW/p4vNngtH4G7jnKGlU6u1OqrFo0uNfIvwuBOg98IbLHlNEA== -react-dom@^15.6.1: - version "15.6.1" - resolved "https://registry.yarnpkg.com/react-dom/-/react-dom-15.6.1.tgz#2cb0ed4191038e53c209eb3a79a23e2a4cf99470" +react-dom@^16.5.0: + version "16.14.0" + resolved "https://registry.yarnpkg.com/react-dom/-/react-dom-16.14.0.tgz#7ad838ec29a777fb3c75c3a190f661cf92ab8b89" + integrity sha512-1gCeQXDLoIqMgqD3IO2Ah9bnf0w9kzhwN5q4FGnHZ67hBm9yePzB5JJAIQCc8x3pFnNlwFq4RidZggNAAkzWWw== dependencies: - fbjs "^0.8.9" loose-envify "^1.1.0" - object-assign "^4.1.0" - prop-types "^15.5.10" + object-assign "^4.1.1" + prop-types "^15.6.2" + scheduler "^0.19.1" -react-hot-loader@3.0.0-beta.6: - version "3.0.0-beta.6" - resolved "https://registry.yarnpkg.com/react-hot-loader/-/react-hot-loader-3.0.0-beta.6.tgz#463fac0bfc8b63a8385258af20c91636abce75f4" +react-hot-loader@3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/react-hot-loader/-/react-hot-loader-3.0.0.tgz#6e28da9d459da8085f5ee8bdd775046ba4b5cd0b" + integrity sha512-5CWQPoaZ7lQ2GXzBv2A+6RH7iJxc4drxx/EPUIpRR0jP9tDsZb/6eBOAJL2OjONYsODRWhECLgmbvupvQHqY7g== dependencies: babel-template "^6.7.0" global "^4.3.0" - react-deep-force-update "^2.0.1" + react-deep-force-update "^2.1.1" react-proxy "^3.0.0-alpha.0" - redbox-react "^1.2.5" - source-map "^0.4.4" + redbox-react "^1.3.6" + source-map "^0.6.1" react-html-parser@^1.0.3: version "1.0.3" @@ -7004,13 +7033,25 @@ react-html-parser@^1.0.3: dependencies: htmlparser2 "^3.9.0" -react-loaders@^2.5.0: - version "2.5.0" - resolved "https://registry.yarnpkg.com/react-loaders/-/react-loaders-2.5.0.tgz#fb23e9545995a403f8214e893037549aae5088c8" +react-input-autosize@^2.1.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/react-input-autosize/-/react-input-autosize-2.2.2.tgz#fcaa7020568ec206bc04be36f4eb68e647c4d8c2" + integrity sha512-jQJgYCA3S0j+cuOwzuCd1OjmBmnZLdqQdiLKRYrsMMzbjUrVDS5RvJUDwJqA7sKuksDuzFtm6hZGKFu7Mjk5aw== dependencies: - classnames "^2.2.3" prop-types "^15.5.8" - react "^15.4.2" + +react-is@^16.13.1: + version "16.13.1" + resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.13.1.tgz#789729a4dc36de2999dc156dd6c1d9c18cea56a4" + integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ== + +react-loaders@^2.6.0: + version "2.6.1" + resolved "https://registry.yarnpkg.com/react-loaders/-/react-loaders-2.6.1.tgz#2867b27eef7400fcf0da64f3197f30bc37d5cd5d" + integrity sha512-cOqIYpUrSg77w2XDh/8bglSnaqAqUldAp62TsS4E96U6kQiduXo/8rvCDspO4oFVWNoBUa8cINYeG6N2Qi6SNQ== + dependencies: + classnames "^2.2.3" + prop-types "^15.6.0" react-onclickoutside@^5.11.1: version "5.11.1" @@ -7072,6 +7113,15 @@ react-router@^4.1.1: prop-types "^15.5.4" warning "^3.0.0" +react-select@^1.0.0-rc.5: + version "1.3.0" + resolved "https://registry.yarnpkg.com/react-select/-/react-select-1.3.0.tgz#1828ad5bf7f3e42a835c7e2d8cb13b5c20714876" + integrity sha512-g/QAU1HZrzSfxkwMAo/wzi6/ezdWye302RGZevsATec07hI/iSxcpB1hejFIp7V63DJ8mwuign6KmB3VjdlinQ== + dependencies: + classnames "^2.2.4" + prop-types "^15.5.8" + react-input-autosize "^2.1.2" + react-test-renderer@^15.6.1: version "15.6.1" resolved "https://registry.yarnpkg.com/react-test-renderer/-/react-test-renderer-15.6.1.tgz#026f4a5bb5552661fd2cc4bbcd0d4bc8a35ebf7e" @@ -7090,15 +7140,14 @@ react-transform-hmr@^1.0.3: global "^4.3.0" react-proxy "^1.1.7" -react@^15.4.2, react@^15.6.1: - version "15.6.1" - resolved "https://registry.yarnpkg.com/react/-/react-15.6.1.tgz#baa8434ec6780bde997cdc380b79cd33b96393df" +react@^16.5.0: + version "16.14.0" + resolved "https://registry.yarnpkg.com/react/-/react-16.14.0.tgz#94d776ddd0aaa37da3eda8fc5b6b18a4c9a3114d" + integrity sha512-0X2CImDkJGApiAlcf0ODKIneSwBPhqJawOa5wCtKbu7ZECrmS26NvtSILynQ66cgkT/RJ4LidJOc3bUESwmU8g== dependencies: - create-react-class "^15.6.0" - fbjs "^0.8.9" loose-envify "^1.1.0" - object-assign "^4.1.0" - prop-types "^15.5.10" + object-assign "^4.1.1" + prop-types "^15.6.2" read-file-stdin@^0.2.1: version "0.2.1" @@ -7189,7 +7238,7 @@ rechoir@^0.6.2: dependencies: resolve "^1.1.6" -redbox-react@^1.2.2, redbox-react@^1.2.5: +redbox-react@^1.2.2: version "1.4.1" resolved "https://registry.yarnpkg.com/redbox-react/-/redbox-react-1.4.1.tgz#90552c45374e2003b9665ee5470b60d4bb74a5ba" dependencies: @@ -7198,6 +7247,16 @@ redbox-react@^1.2.2, redbox-react@^1.2.5: prop-types "^15.5.4" sourcemapped-stacktrace "^1.1.6" +redbox-react@^1.3.6: + version "1.6.0" + resolved "https://registry.yarnpkg.com/redbox-react/-/redbox-react-1.6.0.tgz#e753ac02595bc1bf695b3935889a4f5b1b5a21a1" + integrity sha512-mLjM5eYR41yOp5YKHpd3syFeGq6B4Wj5vZr64nbLvTZW5ZLff4LYk7VE4ITpVxkZpCY6OZuqh0HiP3A3uEaCpg== + dependencies: + error-stack-parser "^1.3.6" + object-assign "^4.0.1" + prop-types "^15.5.4" + sourcemapped-stacktrace "^1.1.6" + redent@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" @@ -7552,6 +7611,14 @@ sax@^1.2.1, sax@~1.2.1: version "1.2.2" resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.2.tgz#fd8631a23bc7826bef5d871bdb87378c95647828" +scheduler@^0.19.1: + version "0.19.1" + resolved "https://registry.yarnpkg.com/scheduler/-/scheduler-0.19.1.tgz#4f3e2ed2c1a7d65681f4c854fa8c5a1ccb40f196" + integrity sha512-n/zwRWRYSUj0/3g/otKDRPMh6qv2SYMWNq85IEa8iZyAv8od9zDYpGSnpBEjNgcMNq6Scbu5KfIPxNF72R/2EA== + dependencies: + loose-envify "^1.1.0" + object-assign "^4.1.1" + schema-utils@^0.3.0: version "0.3.0" resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-0.3.0.tgz#f5877222ce3e931edae039f17eb3716e7137f8cf" @@ -7795,6 +7862,11 @@ source-map@^0.4.2, source-map@^0.4.4: dependencies: amdefine ">=0.0.4" +source-map@^0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263" + integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g== + source-map@~0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.2.0.tgz#dab73fbcfc2ba819b4de03bd6f6eaa48164b3f9d"