From a3f3b5acb4cbada14230c9d0e2e0611ecc46a96d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 25 Apr 2023 18:19:44 +0000 Subject: [PATCH] fix: node_modules/eslint-plugin-import/node_modules/debug/package.json & node_modules/eslint-plugin-import/node_modules/debug/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AJV-584908 - https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 - https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749 - https://snyk.io/vuln/SNYK-JS-ENGINEIO-3136336 - https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 - https://snyk.io/vuln/SNYK-JS-HAWK-2808852 - https://snyk.io/vuln/SNYK-JS-JSYAML-173999 - https://snyk.io/vuln/SNYK-JS-JSYAML-174129 - https://snyk.io/vuln/SNYK-JS-KARMA-2395349 - https://snyk.io/vuln/SNYK-JS-KARMA-2396325 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-567746 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASH-73638 - https://snyk.io/vuln/SNYK-JS-LODASH-73639 - https://snyk.io/vuln/SNYK-JS-LOG4JS-2348757 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795 - https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 - https://snyk.io/vuln/SNYK-JS-MOCHA-2863123 - https://snyk.io/vuln/SNYK-JS-MOCHA-561476 - https://snyk.io/vuln/SNYK-JS-SHELLJS-2332187 - https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506 - https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859 - https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752 - https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-3091012 - https://snyk.io/vuln/SNYK-JS-WS-1296835 - https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936 - https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1255647 - https://snyk.io/vuln/npm:braces:20180219 - https://snyk.io/vuln/npm:diff:20180305 - https://snyk.io/vuln/npm:eslint:20180222 - https://snyk.io/vuln/npm:growl:20160721 - https://snyk.io/vuln/npm:hoek:20180212 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:shell-quote:20160621 - https://snyk.io/vuln/npm:tunnel-agent:20170305 - https://snyk.io/vuln/npm:ws:20171108 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:ms:20170412 --- .../node_modules/debug/.snyk | 41 +++++++++++++++++++ .../node_modules/debug/package.json | 22 ++++++---- 2 files changed, 55 insertions(+), 8 deletions(-) create mode 100644 node_modules/eslint-plugin-import/node_modules/debug/.snyk diff --git a/node_modules/eslint-plugin-import/node_modules/debug/.snyk b/node_modules/eslint-plugin-import/node_modules/debug/.snyk new file mode 100644 index 0000000000..3e02ed049c --- /dev/null +++ b/node_modules/eslint-plugin-import/node_modules/debug/.snyk @@ -0,0 +1,41 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:debug:20170905': + - karma > socket.io > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > engine.io > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-adapter > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-client > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-client > engine.io-client > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-parser > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-adapter > socket.io-parser > debug: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-client > socket.io-parser > debug: + patched: '2023-04-25T18:19:39.092Z' + - mocha > debug: + patched: '2023-04-25T18:19:39.092Z' + 'npm:ms:20170412': + - karma > socket.io > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > engine.io > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-adapter > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-client > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-client > engine.io-client > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-parser > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-adapter > socket.io-parser > debug > ms: + patched: '2023-04-25T18:19:39.092Z' + - karma > socket.io > socket.io-client > socket.io-parser > debug > ms: + patched: '2023-04-25T18:19:39.092Z' diff --git a/node_modules/eslint-plugin-import/node_modules/debug/package.json b/node_modules/eslint-plugin-import/node_modules/debug/package.json index 0b1b9df8b4..7b22fe2d66 100644 --- a/node_modules/eslint-plugin-import/node_modules/debug/package.json +++ b/node_modules/eslint-plugin-import/node_modules/debug/package.json @@ -18,21 +18,22 @@ ], "license": "MIT", "dependencies": { - "ms": "2.0.0" + "ms": "2.0.0", + "@snyk/protect": "latest" }, "devDependencies": { - "browserify": "9.0.3", + "browserify": "12.0.0", "chai": "^3.5.0", "concurrently": "^3.1.0", - "coveralls": "^2.11.15", - "eslint": "^3.12.1", + "coveralls": "^3.0.0", + "eslint": "^8.0.0", "istanbul": "^0.4.5", - "karma": "^1.3.0", + "karma": "^6.3.16", "karma-chai": "^0.1.0", - "karma-mocha": "^1.3.0", + "karma-mocha": "^2.0.0", "karma-phantomjs-launcher": "^1.0.2", "karma-sinon": "^1.0.5", - "mocha": "^3.2.0", + "mocha": "^10.1.0", "mocha-lcov-reporter": "^1.2.0", "rimraf": "^2.5.4", "sinon": "^1.17.6", @@ -45,5 +46,10 @@ "debug/index.js": "browser.js", "debug/debug.js": "debug.js" } - } + }, + "scripts": { + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" + }, + "snyk": true } \ No newline at end of file