From eae07580ee17b5728dab63a60da7b66c6b7c48f1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 1 Oct 2023 14:14:17 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 --- package.json | 2 +- yarn.lock | 181 +++++++++++++++++++++++++++------------------------ 2 files changed, 97 insertions(+), 86 deletions(-) diff --git a/package.json b/package.json index 3f3e0ba5..a935ebc8 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "metascraper-title": "^5.35.0", "metascraper-url": "^5.35.0", "moment": "^2.29.4", - "postcss": "^8.4.27", + "postcss": "^8.4.31", "prismjs": "^1.29.0", "prop-types": "^15.8.1", "react": "^18.2.0", diff --git a/yarn.lock b/yarn.lock index 72f1e46e..6e0bae46 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2,7 +2,7 @@ # Manual changes might be lost - proceed with caution! __metadata: - version: 8 + version: 6 cacheKey: 10c0 "@aashutoshrathi/word-wrap@npm:^1.2.3": @@ -9145,9 +9145,9 @@ __metadata: languageName: node linkType: hard -"fsevents@patch:fsevents@npm%3A~2.3.2#optional!builtin": +"fsevents@patch:fsevents@npm%3A~2.3.2#~builtin": version: 2.3.3 - resolution: "fsevents@patch:fsevents@npm%3A2.3.3#optional!builtin::version=2.3.3&hash=df0bf1" + resolution: "fsevents@patch:fsevents@npm%3A2.3.3#~builtin::version=2.3.3&hash=df0bf1" dependencies: node-gyp: "npm:latest" conditions: os=darwin @@ -10371,81 +10371,81 @@ __metadata: version: 0.0.0-use.local resolution: "gopals-over-full-stack-v2@workspace:." dependencies: - "@babel/core": "npm:^7.22.10" - "@babel/eslint-parser": "npm:^7.22.10" - "@babel/eslint-plugin": "npm:^7.22.10" - "@babel/plugin-syntax-flow": "npm:^7.22.5" - "@babel/plugin-transform-flow-strip-types": "npm:^7.22.5" - "@babel/plugin-transform-react-jsx": "npm:^7.22.5" - "@mdx-js/react": "npm:^2.3.0" - "@types/eslint": "npm:^8.44.2" - babel-preset-gatsby-package: "npm:^3.11.0" - bluebird: "npm:^3.7.2" - eslint: "npm:^8.46.0" - eslint-config-airbnb: "npm:^19.0.4" - eslint-config-google: "npm:^0.14.0" - eslint-config-prettier: "npm:^9.0.0" - eslint-plugin-babel: "npm:^5.3.1" - eslint-plugin-filenames: "npm:^1.3.2" - eslint-plugin-flowtype: "npm:^8.0.3" - eslint-plugin-import: "npm:^2.28.0" - eslint-plugin-jsx-a11y: "npm:^6.7.1" - eslint-plugin-prettier: "npm:^5.0.0" - eslint-plugin-react: "npm:^7.33.1" - eslint-plugin-react-hooks: "npm:^4.6.0" - eslint-plugin-simple-import-sort: "npm:^10.0.0" - firebase: "npm:^10.1.0" - gatsby: "npm:^5.11.0" - gatsby-plugin-catch-links: "npm:^5.11.0" - gatsby-plugin-cname: "npm:^1.0.0" - gatsby-plugin-google-fonts: "npm:^1.0.1" - gatsby-plugin-google-gtag: "npm:^5.11.0" - gatsby-plugin-image: "npm:^3.11.0" - gatsby-plugin-mailchimp: "npm:^5.2.2" - gatsby-plugin-manifest: "npm:^5.11.0" - gatsby-plugin-mdx: "npm:^5.12.0" - gatsby-plugin-offline: "npm:^6.11.0" - gatsby-plugin-react-helmet: "npm:^6.11.0" - gatsby-plugin-sass: "npm:^6.11.0" - gatsby-plugin-sharp: "npm:^5.11.0" - gatsby-remark-autolink-headers: "npm:^6.11.0" - gatsby-remark-code-titles: "npm:^1.1.0" - gatsby-remark-copy-linked-files: "npm:^6.11.0" - gatsby-remark-embed-gist: "npm:^1.2.1" - gatsby-remark-embed-markdown: "npm:^0.0.4" - gatsby-remark-embed-video: "npm:^3.2.1" - gatsby-remark-images: "npm:^7.11.0" - gatsby-remark-katex: "npm:^7.11.0" - gatsby-remark-link-beautify: "npm:^2.2.5" - gatsby-remark-prismjs: "npm:^7.11.0" - gatsby-remark-smartypants: "npm:^6.11.0" - gatsby-source-filesystem: "npm:^5.11.0" - gatsby-transformer-asciidoc: "npm:^4.11.0" - gatsby-transformer-sharp: "npm:^5.11.0" - gh-pages: "npm:^6.0.0" - gist-syntax-themes: "npm:^1.1.0" - katex: "npm:^0.16.8" - lodash: "npm:^4.17.21" - lost: "npm:^9.0.1" - lru-cache: "npm:^10.0.1" - metascraper-description: "npm:^5.35.0" - metascraper-image: "npm:^5.35.0" - metascraper-title: "npm:^5.35.0" - metascraper-url: "npm:^5.35.0" - moment: "npm:^2.29.4" - postcss: "npm:^8.4.27" - postcss-pxtorem: "npm:^6.0.0" - prettier: "npm:^3.0.1" - prismjs: "npm:^1.29.0" - prop-types: "npm:^15.8.1" - react: "npm:^18.2.0" - react-disqus-comments: "npm:^1.4.0" - react-dom: "npm:^18.2.0" - react-helmet: "npm:^6.1.0" - react-toastify: "npm:^9.1.3" - sass: "npm:^1.64.2" - sharp: "npm:^0.32.4" - styled-components: "npm:^6.0.7" + "@babel/core": ^7.22.10 + "@babel/eslint-parser": ^7.22.10 + "@babel/eslint-plugin": ^7.22.10 + "@babel/plugin-syntax-flow": ^7.22.5 + "@babel/plugin-transform-flow-strip-types": ^7.22.5 + "@babel/plugin-transform-react-jsx": ^7.22.5 + "@mdx-js/react": ^2.3.0 + "@types/eslint": ^8.44.2 + babel-preset-gatsby-package: ^3.11.0 + bluebird: ^3.7.2 + eslint: ^8.46.0 + eslint-config-airbnb: ^19.0.4 + eslint-config-google: ^0.14.0 + eslint-config-prettier: ^9.0.0 + eslint-plugin-babel: ^5.3.1 + eslint-plugin-filenames: ^1.3.2 + eslint-plugin-flowtype: ^8.0.3 + eslint-plugin-import: ^2.28.0 + eslint-plugin-jsx-a11y: ^6.7.1 + eslint-plugin-prettier: ^5.0.0 + eslint-plugin-react: ^7.33.1 + eslint-plugin-react-hooks: ^4.6.0 + eslint-plugin-simple-import-sort: ^10.0.0 + firebase: ^10.1.0 + gatsby: ^5.11.0 + gatsby-plugin-catch-links: ^5.11.0 + gatsby-plugin-cname: ^1.0.0 + gatsby-plugin-google-fonts: ^1.0.1 + gatsby-plugin-google-gtag: ^5.11.0 + gatsby-plugin-image: ^3.11.0 + gatsby-plugin-mailchimp: ^5.2.2 + gatsby-plugin-manifest: ^5.11.0 + gatsby-plugin-mdx: ^5.12.0 + gatsby-plugin-offline: ^6.11.0 + gatsby-plugin-react-helmet: ^6.11.0 + gatsby-plugin-sass: ^6.11.0 + gatsby-plugin-sharp: ^5.11.0 + gatsby-remark-autolink-headers: ^6.11.0 + gatsby-remark-code-titles: ^1.1.0 + gatsby-remark-copy-linked-files: ^6.11.0 + gatsby-remark-embed-gist: ^1.2.1 + gatsby-remark-embed-markdown: ^0.0.4 + gatsby-remark-embed-video: ^3.2.1 + gatsby-remark-images: ^7.11.0 + gatsby-remark-katex: ^7.11.0 + gatsby-remark-link-beautify: ^2.2.5 + gatsby-remark-prismjs: ^7.11.0 + gatsby-remark-smartypants: ^6.11.0 + gatsby-source-filesystem: ^5.11.0 + gatsby-transformer-asciidoc: ^4.11.0 + gatsby-transformer-sharp: ^5.11.0 + gh-pages: ^6.0.0 + gist-syntax-themes: ^1.1.0 + katex: ^0.16.8 + lodash: ^4.17.21 + lost: ^9.0.1 + lru-cache: ^10.0.1 + metascraper-description: ^5.35.0 + metascraper-image: ^5.35.0 + metascraper-title: ^5.35.0 + metascraper-url: ^5.35.0 + moment: ^2.29.4 + postcss: ^8.4.31 + postcss-pxtorem: ^6.0.0 + prettier: ^3.0.1 + prismjs: ^1.29.0 + prop-types: ^15.8.1 + react: ^18.2.0 + react-disqus-comments: ^1.4.0 + react-dom: ^18.2.0 + react-helmet: ^6.1.0 + react-toastify: ^9.1.3 + sass: ^1.64.2 + sharp: ^0.32.4 + styled-components: ^6.0.7 languageName: unknown linkType: soft @@ -15443,7 +15443,7 @@ __metadata: languageName: node linkType: hard -"postcss@npm:^8.2.15, postcss@npm:^8.2.9, postcss@npm:^8.4.23, postcss@npm:^8.4.24, postcss@npm:^8.4.27": +"postcss@npm:^8.2.15, postcss@npm:^8.2.9, postcss@npm:^8.4.23, postcss@npm:^8.4.24": version: 8.4.28 resolution: "postcss@npm:8.4.28" dependencies: @@ -15454,6 +15454,17 @@ __metadata: languageName: node linkType: hard +"postcss@npm:^8.4.31": + version: 8.4.31 + resolution: "postcss@npm:8.4.31" + dependencies: + nanoid: ^3.3.6 + picocolors: ^1.0.0 + source-map-js: ^1.0.2 + checksum: 8/1d8611341b073143ad90486fcdfeab49edd243377b1f51834dc4f6d028e82ce5190e4f11bb2633276864503654fb7cab28e67abdc0fbf9d1f88cad4a0ff0beea + languageName: node + linkType: hard + "prebuild-install@npm:^7.1.1": version: 7.1.1 resolution: "prebuild-install@npm:7.1.1" @@ -16514,29 +16525,29 @@ __metadata: languageName: node linkType: hard -"resolve@patch:resolve@npm%3A^1.10.0#optional!builtin, resolve@patch:resolve@npm%3A^1.14.2#optional!builtin, resolve@patch:resolve@npm%3A^1.19.0#optional!builtin, resolve@patch:resolve@npm%3A^1.22.4#optional!builtin": +"resolve@patch:resolve@npm%3A^1.10.0#~builtin, resolve@patch:resolve@npm%3A^1.14.2#~builtin, resolve@patch:resolve@npm%3A^1.19.0#~builtin, resolve@patch:resolve@npm%3A^1.22.4#~builtin": version: 1.22.4 - resolution: "resolve@patch:resolve@npm%3A1.22.4#optional!builtin::version=1.22.4&hash=c3c19d" + resolution: "resolve@patch:resolve@npm%3A1.22.4#~builtin::version=1.22.4&hash=c3c19d" dependencies: is-core-module: "npm:^2.13.0" path-parse: "npm:^1.0.7" supports-preserve-symlinks-flag: "npm:^1.0.0" bin: resolve: bin/resolve - checksum: 60ca179599acf8b1bb17b850280a7081781b457d235d48197dc893b82d75741f191c5fe2d93e5729292234d0b0d88e9add273df4b9e04755eeed4fd7d23f1c79 + checksum: 8/c45f2545fdc4d21883861b032789e20aa67a2f2692f68da320cc84d5724cd02f2923766c5354b3210897e88f1a7b3d6d2c7c22faeead8eed7078e4c783a444bc languageName: node linkType: hard -"resolve@patch:resolve@npm%3A^2.0.0-next.4#optional!builtin": +"resolve@patch:resolve@npm%3A^2.0.0-next.4#~builtin": version: 2.0.0-next.4 - resolution: "resolve@patch:resolve@npm%3A2.0.0-next.4#optional!builtin::version=2.0.0-next.4&hash=c3c19d" + resolution: "resolve@patch:resolve@npm%3A2.0.0-next.4#~builtin::version=2.0.0-next.4&hash=c3c19d" dependencies: is-core-module: "npm:^2.9.0" path-parse: "npm:^1.0.7" supports-preserve-symlinks-flag: "npm:^1.0.0" bin: resolve: bin/resolve - checksum: ed2bb51d616b9cd30fe85cf49f7a2240094d9fa01a221d361918462be81f683d1855b7f192391d2ab5325245b42464ca59690db5bd5dad0a326fc0de5974dd10 + checksum: 8/4bf9f4f8a458607af90518ff73c67a4bc1a38b5a23fef2bb0ccbd45e8be89820a1639b637b0ba377eb2be9eedfb1739a84cde24fe4cd670c8207d8fea922b011 languageName: node linkType: hard