fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOTPROP-543489
This commit is contained in:
snyk-bot
2020-02-01 06:34:55 +00:00
parent 2d4f8e5b7d
commit f5308c1950
2 changed files with 53 additions and 41 deletions

View File

@ -13,7 +13,7 @@
"jstree": "^3.3.8", "jstree": "^3.3.8",
"opensans-webkit": "^1.0.1", "opensans-webkit": "^1.0.1",
"popper.js": "^1.16.1", "popper.js": "^1.16.1",
"snyk": "^1.289.0", "snyk": "^1.290.1",
"underscore": "^1.9.2", "underscore": "^1.9.2",
"vis": "^4.21.0", "vis": "^4.21.0",
"webpack-merge": "^4.1.4" "webpack-merge": "^4.1.4"

View File

@ -847,6 +847,18 @@
dependencies: dependencies:
lodash "^4.17.13" lodash "^4.17.13"
"@snyk/configstore@3.2.0-rc1", "@snyk/configstore@^3.2.0-rc1":
version "3.2.0-rc1"
resolved "https://registry.yarnpkg.com/@snyk/configstore/-/configstore-3.2.0-rc1.tgz#385c050d11926a26d0335a4b3be9e55f90f6e0ac"
integrity sha512-CV3QggFY8BY3u8PdSSlUGLibqbqCG1zJRmGM2DhnhcxQDRRPTGTP//l7vJphOVsUP1Oe23+UQsj7KRWpRUZiqg==
dependencies:
dot-prop "^5.2.0"
graceful-fs "^4.1.2"
make-dir "^1.0.0"
unique-string "^1.0.0"
write-file-atomic "^2.0.0"
xdg-basedir "^3.0.0"
"@snyk/dep-graph@1.13.1": "@snyk/dep-graph@1.13.1":
version "1.13.1" version "1.13.1"
resolved "https://registry.yarnpkg.com/@snyk/dep-graph/-/dep-graph-1.13.1.tgz#45721f7e21136b62d1cdd99b3319e717d9071dfb" resolved "https://registry.yarnpkg.com/@snyk/dep-graph/-/dep-graph-1.13.1.tgz#45721f7e21136b62d1cdd99b3319e717d9071dfb"
@ -894,6 +906,22 @@
source-map-support "^0.5.7" source-map-support "^0.5.7"
tslib "^1.9.3" tslib "^1.9.3"
"@snyk/update-notifier@^2.5.1-rc1":
version "2.5.1-rc1"
resolved "https://registry.yarnpkg.com/@snyk/update-notifier/-/update-notifier-2.5.1-rc1.tgz#a014669bcd555f71916e06fdba2afe04b1801035"
integrity sha512-cIK+dMUsXBl4K9AKg5EYhdxWts0tAUvyu1WePse+tjzX4E9poME/wojkDrWQl1/SKLlhA559ftiOODmVa1adCg==
dependencies:
"@snyk/configstore" "3.2.0-rc1"
boxen "^1.2.1"
chalk "^2.0.1"
import-lazy "^2.1.0"
is-ci "^1.0.10"
is-installed-globally "^0.1.0"
is-npm "^1.0.0"
latest-version "^3.0.0"
semver-diff "^2.0.0"
xdg-basedir "^3.0.0"
"@types/agent-base@^4.2.0": "@types/agent-base@^4.2.0":
version "4.2.0" version "4.2.0"
resolved "https://registry.yarnpkg.com/@types/agent-base/-/agent-base-4.2.0.tgz#00644e8b395b40e1bf50aaf1d22cabc1200d5051" resolved "https://registry.yarnpkg.com/@types/agent-base/-/agent-base-4.2.0.tgz#00644e8b395b40e1bf50aaf1d22cabc1200d5051"
@ -2160,18 +2188,6 @@ concat-stream@^1.5.0:
readable-stream "^2.2.2" readable-stream "^2.2.2"
typedarray "^0.0.6" typedarray "^0.0.6"
configstore@^3.0.0, configstore@^3.1.2:
version "3.1.2"
resolved "https://registry.yarnpkg.com/configstore/-/configstore-3.1.2.tgz#c6f25defaeef26df12dd33414b001fe81a543f8f"
integrity sha512-vtv5HtGjcYUgFrXc6Kx747B83MRRVS5R1VTEQoXvuP+kMI+if6uywV0nDGoiydJRy4yk7h9od5Og0kxx4zUXmw==
dependencies:
dot-prop "^4.1.0"
graceful-fs "^4.1.2"
make-dir "^1.0.0"
unique-string "^1.0.0"
write-file-atomic "^2.0.0"
xdg-basedir "^3.0.0"
connect-history-api-fallback@^1.6.0: connect-history-api-fallback@^1.6.0:
version "1.6.0" version "1.6.0"
resolved "https://registry.yarnpkg.com/connect-history-api-fallback/-/connect-history-api-fallback-1.6.0.tgz#8b32089359308d111115d81cad3fceab888f97bc" resolved "https://registry.yarnpkg.com/connect-history-api-fallback/-/connect-history-api-fallback-1.6.0.tgz#8b32089359308d111115d81cad3fceab888f97bc"
@ -3050,13 +3066,20 @@ domutils@^1.7.0:
dom-serializer "0" dom-serializer "0"
domelementtype "1" domelementtype "1"
dot-prop@^4.1.0, dot-prop@^4.1.1: dot-prop@^4.1.1:
version "4.2.0" version "4.2.0"
resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-4.2.0.tgz#1f19e0c2e1aa0e32797c49799f2837ac6af69c57" resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-4.2.0.tgz#1f19e0c2e1aa0e32797c49799f2837ac6af69c57"
integrity sha512-tUMXrxlExSW6U2EXiiKGSBVdYgtV8qlHL+C10TsW4PURY/ic+eaysnSkwB4kA/mBlCyy/IKDJ+Lc3wbWeaXtuQ== integrity sha512-tUMXrxlExSW6U2EXiiKGSBVdYgtV8qlHL+C10TsW4PURY/ic+eaysnSkwB4kA/mBlCyy/IKDJ+Lc3wbWeaXtuQ==
dependencies: dependencies:
is-obj "^1.0.0" is-obj "^1.0.0"
dot-prop@^5.2.0:
version "5.2.0"
resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.2.0.tgz#c34ecc29556dc45f1f4c22697b6f4904e0cc4fcb"
integrity sha512-uEUyaDKoSQ1M4Oq8l45hSE26SnTxL6snNnqvK/VWx5wJhmff5z0FUVJDKDanor/6w3kzE3i7XZOk+7wC0EXr1A==
dependencies:
is-obj "^2.0.0"
dotnet-deps-parser@4.9.0: dotnet-deps-parser@4.9.0:
version "4.9.0" version "4.9.0"
resolved "https://registry.yarnpkg.com/dotnet-deps-parser/-/dotnet-deps-parser-4.9.0.tgz#d14f9f92ae9a64062cd215c8863d1e77e80236f0" resolved "https://registry.yarnpkg.com/dotnet-deps-parser/-/dotnet-deps-parser-4.9.0.tgz#d14f9f92ae9a64062cd215c8863d1e77e80236f0"
@ -4563,6 +4586,11 @@ is-obj@^1.0.0:
resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f" resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f"
integrity sha1-PkcprB9f3gJc19g6iW2rn09n2w8= integrity sha1-PkcprB9f3gJc19g6iW2rn09n2w8=
is-obj@^2.0.0:
version "2.0.0"
resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982"
integrity sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==
is-path-cwd@^2.0.0: is-path-cwd@^2.0.0:
version "2.2.0" version "2.2.0"
resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-2.2.0.tgz#67d43b82664a7b5191fd9119127eb300048a9fdb" resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-2.2.0.tgz#67d43b82664a7b5191fd9119127eb300048a9fdb"
@ -7777,10 +7805,10 @@ snyk-policy@1.13.5:
snyk-try-require "^1.3.1" snyk-try-require "^1.3.1"
then-fs "^2.0.0" then-fs "^2.0.0"
snyk-python-plugin@1.16.0: snyk-python-plugin@1.17.0:
version "1.16.0" version "1.17.0"
resolved "https://registry.yarnpkg.com/snyk-python-plugin/-/snyk-python-plugin-1.16.0.tgz#0eae3c085a87b7d91f8097f598571104c01e0f08" resolved "https://registry.yarnpkg.com/snyk-python-plugin/-/snyk-python-plugin-1.17.0.tgz#9bc38ba3c799c3cbef7676a1081f52608690d254"
integrity sha512-IA53xOcy1s881tbIrIXNqIuCNozd4PAVWN8oF0xgRn2NQbq0e7EWt7kFPJbmZodpLCDpXaKKqV2MHbXruFIsrw== integrity sha512-EKdVOUlvhiVpXA5TeW8vyxYVqbITAfT+2AbL2ZRiiUNLP5ae+WiNYaPy7aB5HAS9IKBKih+IH8Ag65Xu1IYSYA==
dependencies: dependencies:
"@snyk/cli-interface" "^2.0.3" "@snyk/cli-interface" "^2.0.3"
tmp "0.0.33" tmp "0.0.33"
@ -7844,22 +7872,23 @@ snyk-try-require@1.3.1, snyk-try-require@^1.1.1, snyk-try-require@^1.3.1:
lru-cache "^4.0.0" lru-cache "^4.0.0"
then-fs "^2.0.0" then-fs "^2.0.0"
snyk@^1.289.0: snyk@^1.290.1:
version "1.289.0" version "1.290.1"
resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.289.0.tgz#591998c2d183e586b499c40ddf97299cdaa71eeb" resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.290.1.tgz#9705761ae03b4a41a2ee9d214c87e72e7d0c258a"
integrity sha512-7xYc2CWwRdFstWWgMeFZNvDoB6LpZLf8b+H5Gdg1NofsRcw5XH456ur9RiAJReT6EqLFPxWMsZw5/vFHdhrQLg== integrity sha512-8fB+b+trI5a6mU5cAKXOU2RG15xxr++4zYxkfNpkFkhbUqkcLsJtXD4H7Pcs6vXcOvoiEafyziPTpYurPFDXBQ==
dependencies: dependencies:
"@snyk/cli-interface" "2.3.0" "@snyk/cli-interface" "2.3.0"
"@snyk/configstore" "^3.2.0-rc1"
"@snyk/dep-graph" "1.13.1" "@snyk/dep-graph" "1.13.1"
"@snyk/gemfile" "1.2.0" "@snyk/gemfile" "1.2.0"
"@snyk/snyk-cocoapods-plugin" "2.0.1" "@snyk/snyk-cocoapods-plugin" "2.0.1"
"@snyk/update-notifier" "^2.5.1-rc1"
"@types/agent-base" "^4.2.0" "@types/agent-base" "^4.2.0"
"@types/restify" "^4.3.6" "@types/restify" "^4.3.6"
abbrev "^1.1.1" abbrev "^1.1.1"
ansi-escapes "3.2.0" ansi-escapes "3.2.0"
chalk "^2.4.2" chalk "^2.4.2"
cli-spinner "0.2.10" cli-spinner "0.2.10"
configstore "^3.1.2"
debug "^3.1.0" debug "^3.1.0"
diff "^4.0.1" diff "^4.0.1"
git-url-parse "11.1.2" git-url-parse "11.1.2"
@ -7882,7 +7911,7 @@ snyk@^1.289.0:
snyk-nuget-plugin "1.16.0" snyk-nuget-plugin "1.16.0"
snyk-php-plugin "1.7.0" snyk-php-plugin "1.7.0"
snyk-policy "1.13.5" snyk-policy "1.13.5"
snyk-python-plugin "1.16.0" snyk-python-plugin "1.17.0"
snyk-resolve "1.0.1" snyk-resolve "1.0.1"
snyk-resolve-deps "4.4.0" snyk-resolve-deps "4.4.0"
snyk-sbt-plugin "2.11.0" snyk-sbt-plugin "2.11.0"
@ -7892,7 +7921,6 @@ snyk@^1.289.0:
strip-ansi "^5.2.0" strip-ansi "^5.2.0"
tempfile "^2.0.0" tempfile "^2.0.0"
then-fs "^2.0.0" then-fs "^2.0.0"
update-notifier "^2.5.0"
uuid "^3.3.2" uuid "^3.3.2"
wrap-ansi "^5.1.0" wrap-ansi "^5.1.0"
@ -8670,22 +8698,6 @@ upath@^1.1.1:
resolved "https://registry.yarnpkg.com/upath/-/upath-1.2.0.tgz#8f66dbcd55a883acdae4408af8b035a5044c1894" resolved "https://registry.yarnpkg.com/upath/-/upath-1.2.0.tgz#8f66dbcd55a883acdae4408af8b035a5044c1894"
integrity sha512-aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg== integrity sha512-aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg==
update-notifier@^2.5.0:
version "2.5.0"
resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-2.5.0.tgz#d0744593e13f161e406acb1d9408b72cad08aff6"
integrity sha512-gwMdhgJHGuj/+wHJJs9e6PcCszpxR1b236igrOkUofGhqJuG+amlIKwApH1IW1WWl7ovZxsX49lMBWLxSdm5Dw==
dependencies:
boxen "^1.2.1"
chalk "^2.0.1"
configstore "^3.0.0"
import-lazy "^2.1.0"
is-ci "^1.0.10"
is-installed-globally "^0.1.0"
is-npm "^1.0.0"
latest-version "^3.0.0"
semver-diff "^2.0.0"
xdg-basedir "^3.0.0"
uri-js@^4.2.2: uri-js@^4.2.2:
version "4.2.2" version "4.2.2"
resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.2.2.tgz#94c540e1ff772956e2299507c010aea6c8838eb0" resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.2.2.tgz#94c540e1ff772956e2299507c010aea6c8838eb0"