From d66336ff855c55ae58ac43566c09e48551491ec9 Mon Sep 17 00:00:00 2001 From: Ira Hopkinson Date: Fri, 19 Apr 2024 11:00:01 +1200 Subject: [PATCH] fix `tar` vulnerability (#863) - update `package-lock.json` after `extensions/src/platform-scripture` added - `npm audit fix` --- package-lock.json | 136 +++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 128 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 04565280a7..9e646bb364 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4,6 +4,7 @@ "requires": true, "packages": { "": { + "name": "paranext-core", "hasInstallScript": true, "license": "MIT", "workspaces": [ @@ -412,6 +413,64 @@ "react-dom": ">=18.2.0" } }, + "extensions/src/platform-scripture": { + "version": "0.0.1", + "license": "MIT", + "dependencies": { + "@sillsdev/scripture": "^1.4.3", + "platform-bible-utils": "file:../../../lib/platform-bible-utils" + }, + "devDependencies": { + "@swc/core": "^1.4.11", + "@types/node": "^20.12.2", + "@types/react": "^18.2.73", + "@types/react-dom": "^18.2.23", + "@types/webpack": "^5.28.5", + "@typescript-eslint/eslint-plugin": "^6.21.0", + "@typescript-eslint/parser": "^6.21.0", + "concurrently": "^8.2.2", + "copy-webpack-plugin": "^12.0.2", + "cross-env": "^7.0.3", + "css-loader": "^6.10.0", + "escape-string-regexp": "^5.0.0", + "eslint": "^8.57.0", + "eslint-config-airbnb-base": "^15.0.0", + "eslint-config-erb": "^4.1.0", + "eslint-import-resolver-typescript": "^3.6.1", + "eslint-plugin-compat": "^4.2.0", + "eslint-plugin-import": "^2.29.1", + "eslint-plugin-jest": "^27.9.0", + "eslint-plugin-jsx-a11y": "^6.8.0", + "eslint-plugin-no-null": "^1.0.2", + "eslint-plugin-no-type-assertion": "^1.3.0", + "eslint-plugin-promise": "^6.1.1", + "eslint-plugin-react": "^7.34.1", + "eslint-plugin-react-hooks": "^4.6.0", + "glob": "^10.3.12", + "papi-dts": "file:../../../lib/papi-dts", + "platform-bible-react": "file:../../../lib/platform-bible-react", + "prettier": "^3.2.5", + "prettier-plugin-jsdoc": "^1.3.0", + "sass": "^1.72.0", + "sass-loader": "^14.1.1", + "stylelint": "^16.3.1", + "stylelint-config-recommended": "^14.0.0", + "stylelint-config-sass-guidelines": "^11.1.0", + "swc-loader": "^0.2.6", + "ts-node": "^10.9.2", + "tsconfig-paths": "^4.2.0", + "tsconfig-paths-webpack-plugin": "^4.1.0", + "typescript": "^5.3.3", + "webpack": "^5.91.0", + "webpack-cli": "^5.1.4", + "webpack-merge": "^5.10.0", + "zip-build": "^1.8.0" + }, + "peerDependencies": { + "react": ">=18.2.0", + "react-dom": ">=18.2.0" + } + }, "extensions/src/quick-verse": { "version": "0.0.1", "license": "MIT", @@ -22820,6 +22879,10 @@ "resolved": "lib/platform-bible-utils", "link": true }, + "node_modules/platform-scripture": { + "resolved": "extensions/src/platform-scripture", + "link": true + }, "node_modules/plist": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/plist/-/plist-3.1.0.tgz", @@ -27316,13 +27379,14 @@ } }, "node_modules/tar": { - "version": "6.1.13", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, - "license": "ISC", "dependencies": { "chownr": "^2.0.0", "fs-minipass": "^2.0.0", - "minipass": "^4.0.0", + "minipass": "^5.0.0", "minizlib": "^2.1.1", "mkdirp": "^1.0.3", "yallist": "^4.0.0" @@ -27380,9 +27444,10 @@ } }, "node_modules/tar/node_modules/minipass": { - "version": "4.2.4", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", + "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", "dev": true, - "license": "ISC", "engines": { "node": ">=8" } @@ -45846,6 +45911,57 @@ } } }, + "platform-scripture": { + "version": "file:extensions/src/platform-scripture", + "requires": { + "@sillsdev/scripture": "^1.4.3", + "@swc/core": "^1.4.11", + "@types/node": "^20.12.2", + "@types/react": "^18.2.73", + "@types/react-dom": "^18.2.23", + "@types/webpack": "^5.28.5", + "@typescript-eslint/eslint-plugin": "^6.21.0", + "@typescript-eslint/parser": "^6.21.0", + "concurrently": "^8.2.2", + "copy-webpack-plugin": "^12.0.2", + "cross-env": "^7.0.3", + "css-loader": "^6.10.0", + "escape-string-regexp": "^5.0.0", + "eslint": "^8.57.0", + "eslint-config-airbnb-base": "^15.0.0", + "eslint-config-erb": "^4.1.0", + "eslint-import-resolver-typescript": "^3.6.1", + "eslint-plugin-compat": "^4.2.0", + "eslint-plugin-import": "^2.29.1", + "eslint-plugin-jest": "^27.9.0", + "eslint-plugin-jsx-a11y": "^6.8.0", + "eslint-plugin-no-null": "^1.0.2", + "eslint-plugin-no-type-assertion": "^1.3.0", + "eslint-plugin-promise": "^6.1.1", + "eslint-plugin-react": "^7.34.1", + "eslint-plugin-react-hooks": "^4.6.0", + "glob": "^10.3.12", + "papi-dts": "file:../../../lib/papi-dts", + "platform-bible-react": "file:../../../lib/platform-bible-react", + "platform-bible-utils": "file:../../../lib/platform-bible-utils", + "prettier": "^3.2.5", + "prettier-plugin-jsdoc": "^1.3.0", + "sass": "^1.72.0", + "sass-loader": "^14.1.1", + "stylelint": "^16.3.1", + "stylelint-config-recommended": "^14.0.0", + "stylelint-config-sass-guidelines": "^11.1.0", + "swc-loader": "^0.2.6", + "ts-node": "^10.9.2", + "tsconfig-paths": "^4.2.0", + "tsconfig-paths-webpack-plugin": "^4.1.0", + "typescript": "^5.3.3", + "webpack": "^5.91.0", + "webpack-cli": "^5.1.4", + "webpack-merge": "^5.10.0", + "zip-build": "^1.8.0" + } + }, "plist": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/plist/-/plist-3.1.0.tgz", @@ -48987,19 +49103,23 @@ "dev": true }, "tar": { - "version": "6.1.13", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "requires": { "chownr": "^2.0.0", "fs-minipass": "^2.0.0", - "minipass": "^4.0.0", + "minipass": "^5.0.0", "minizlib": "^2.1.1", "mkdirp": "^1.0.3", "yallist": "^4.0.0" }, "dependencies": { "minipass": { - "version": "4.2.4", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", + "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", "dev": true }, "mkdirp": {