From 5b72869f728d30563bdcbffb5b53d379e4927f80 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 27 Jul 2024 08:54:02 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-7444580 --- package-lock.json | 48 +++++++++++++++++++++-------------------------- package.json | 2 +- 2 files changed, 22 insertions(+), 28 deletions(-) diff --git a/package-lock.json b/package-lock.json index ffc4d7f274b..0c7a8d69f6c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "angular": "1.8.3", "angular-sanitize": "1.8.3", "backbone": "1.5.0", - "bootstrap": "4.6.2", + "bootstrap": "^5.0.0", "bootswatch": "4.6.2", "chart.js": "4.4.0", "chartjs-adapter-date-fns": "3.0.0", @@ -1583,6 +1583,17 @@ "node": ">=14" } }, + "node_modules/@popperjs/core": { + "version": "2.11.8", + "resolved": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz", + "integrity": "sha512-P1st0aksCrn9sGZhp8GMYwBnQsbvAWsZAX44oXNNvLHGqAOcoVxmjZiohstwQ7SqKnbR47akdNi+uleWD8+g6A==", + "license": "MIT", + "peer": true, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/popperjs" + } + }, "node_modules/@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", @@ -2938,22 +2949,16 @@ } }, "node_modules/bootstrap": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.6.2.tgz", - "integrity": "sha512-51Bbp/Uxr9aTuy6ca/8FbFloBUJZLHwnhTcnjIeRn2suQWsWzcuJhGjKDB5eppVte/8oCdOL3VuwxvZDUggwGQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/twbs" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/bootstrap" - } - ], + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-5.0.0.tgz", + "integrity": "sha512-tmhPET9B9qCl8dCofvHeiIhi49iBt0EehmIsziZib65k1erBW1rHhj2s/2JsuQh5Pq+xz2E9bEbzp9B7xHG+VA==", + "license": "MIT", + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/bootstrap" + }, "peerDependencies": { - "jquery": "1.9.1 - 3", - "popper.js": "^1.16.1" + "@popperjs/core": "^2.9.2" } }, "node_modules/bootswatch": { @@ -11074,17 +11079,6 @@ "node": ">=0.10.0" } }, - "node_modules/popper.js": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1.tgz", - "integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==", - "deprecated": "You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1", - "peer": true, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/popperjs" - } - }, "node_modules/posix-character-classes": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", diff --git a/package.json b/package.json index 778119a3bc2..e033c7e46eb 100644 --- a/package.json +++ b/package.json @@ -72,7 +72,7 @@ "angular": "1.8.3", "angular-sanitize": "1.8.3", "backbone": "1.5.0", - "bootstrap": "4.6.2", + "bootstrap": "5.0.0", "bootswatch": "4.6.2", "chart.js": "4.4.0", "chartjs-adapter-date-fns": "3.0.0",