From 211aee982910f4be374b9fa58f7a05bfd109a66a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Dec 2024 01:19:41 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6671926 --- package-lock.json | 37 ++++++++++++++++++++----------------- package.json | 2 +- 2 files changed, 21 insertions(+), 18 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7ef4fba..1cf801a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,7 +11,7 @@ "dependencies": { "@contentstack/cli-command": "^1.2.17", "@contentstack/cli-utilities": "^1.6.2", - "@contentstack/management": "^1.16.0", + "@contentstack/management": "^1.18.4", "cli-table3": "^0.6.0", "cli-ux": "^6.0.9", "inquirer": "^8.2.4", @@ -745,15 +745,15 @@ } }, "node_modules/@contentstack/management": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/@contentstack/management/-/management-1.16.1.tgz", - "integrity": "sha512-O2Elkp+SzAC9S4gjYejyLTpCECGaYfmSRVM+b4Y6F6M/NJWN1AuG4qat1NGYFc9XZaRwBJpadetBWwRB5XMrAg==", + "version": "1.18.4", + "resolved": "https://registry.npmjs.org/@contentstack/management/-/management-1.18.4.tgz", + "integrity": "sha512-EfdshNUq0s20qKdLa4NlB/nPdl5TnEObQ6jOdSfCpJr1g+4120Rv+YTuCbFRK05dYwcpg0WE6YIhaF5indhzVQ==", + "license": "MIT", "dependencies": { - "@slack/bolt": "^3.17.1", - "axios": "^1.6.8", - "form-data": "^3.0.1", + "axios": "^1.7.8", + "form-data": "^3.0.2", "lodash": "^4.17.21", - "qs": "^6.12.0" + "qs": "^6.13.1" }, "engines": { "node": ">=8.0.0" @@ -3843,9 +3843,10 @@ } }, "node_modules/axios": { - "version": "1.7.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", - "integrity": "sha512-2A8QhOMrbomlDuiLeK9XibIBzuHeRcqqNOHp0Cyp5EoJ1IFDh+XZH3A6BkXtv0K4gFGCI0Y4BM7B1wOEi0Rmgw==", + "version": "1.7.9", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", + "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", + "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", @@ -7613,9 +7614,10 @@ } }, "node_modules/form-data": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz", - "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.2.tgz", + "integrity": "sha512-sJe+TQb2vIaIyO783qN6BlMYWMw3WBOHA1Ay2qxsnjuafEOQFJ2JakedOQirT6D5XPRxDvS7AHYyem9fTpb4LQ==", + "license": "MIT", "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", @@ -13128,9 +13130,10 @@ ] }, "node_modules/qs": { - "version": "6.12.1", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.12.1.tgz", - "integrity": "sha512-zWmv4RSuB9r2mYQw3zxQuHWeU+42aKi1wWig/j4ele4ygELZ7PEO6MM7rim9oAQH2A5MWfsAVf/jPvTPgCbvUQ==", + "version": "6.13.1", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.1.tgz", + "integrity": "sha512-EJPeIn0CYrGu+hli1xilKAPXODtJ12T0sP63Ijx2/khC2JtuaN3JyNIpvmnkmaEtha9ocbG4A4cMcr+TvqvwQg==", + "license": "BSD-3-Clause", "dependencies": { "side-channel": "^1.0.6" }, diff --git a/package.json b/package.json index 2066afe..401ff3f 100644 --- a/package.json +++ b/package.json @@ -63,7 +63,7 @@ "dependencies": { "@contentstack/cli-command": "^1.2.17", "@contentstack/cli-utilities": "^1.6.2", - "@contentstack/management": "^1.16.0", + "@contentstack/management": "^1.18.4", "cli-table3": "^0.6.0", "cli-ux": "^6.0.9", "inquirer": "^8.2.4",