diff --git a/.snyk b/.snyk index c454d52..077fe56 100644 --- a/.snyk +++ b/.snyk @@ -1,5 +1,5 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.12.0 +version: v1.25.0 ignore: {} # patches apply the minimum changes required to fix a vulnerability patch: @@ -21,9 +21,32 @@ patch: 'npm:debug:20170905': - browser-sync > localtunnel > debug: patched: '2018-08-29T05:56:42.895Z' + - browser-sync > resp-modifier > debug: + patched: '2022-08-24T16:41:40.153Z' + - mongoose-dbref > mongoose > mquery > debug: + patched: '2022-08-24T16:41:40.153Z' + - browser-sync > chokidar > braces > snapdragon > debug: + patched: '2022-08-24T16:41:40.153Z' + - browser-sync > chokidar > anymatch > micromatch > snapdragon > debug: + patched: '2022-08-24T16:41:40.153Z' + - browser-sync > chokidar > anymatch > micromatch > braces > snapdragon > debug: + patched: '2022-08-24T16:41:40.153Z' + - browser-sync > chokidar > anymatch > micromatch > extglob > snapdragon > debug: + patched: '2022-08-24T16:41:40.153Z' + - browser-sync > chokidar > anymatch > micromatch > nanomatch > snapdragon > debug: + patched: '2022-08-24T16:41:40.153Z' + - browser-sync > chokidar > anymatch > micromatch > extglob > expand-brackets > snapdragon > debug: + patched: '2022-08-24T16:41:40.153Z' 'npm:minimatch:20160620': - istanbul-harmony > fileset > minimatch: patched: '2018-08-29T05:56:42.895Z' 'npm:uglify-js:20151024': - istanbul-harmony > handlebars > uglify-js: patched: '2018-08-29T05:56:42.895Z' + SNYK-JS-LODASH-567746: + - browser-sync > easy-extender > lodash: + patched: '2022-08-24T16:41:40.153Z' + - extract-text-webpack-plugin > async > lodash: + patched: '2022-08-24T16:41:40.153Z' + - mongoose-dbref > mongoose > async > lodash: + patched: '2022-08-24T16:41:40.153Z' diff --git a/package.json b/package.json index 2f294dd..d4ccf4a 100644 --- a/package.json +++ b/package.json @@ -13,14 +13,14 @@ "changelog": "conventional-changelog -p angular -i CHANGELOG.md -s", "production": "webpack --config webpack.production.config.js -p & cross-env NODE_ENV=production node app", "test-cov": "node node_modules/istanbul-harmony/lib/cli.js cover ./node_modules/mocha/bin/_mocha -- --timeout 500000 --recursive test/", - "snyk-protect": "snyk protect", + "snyk-protect": "snyk-protect", "prepare": "npm run snyk-protect" }, "dependencies": { "assert": "^2.0.0", "async": "^3.0.1", "body-parser": "~1.19.0", - "browser-sync": "^2.26.3", + "browser-sync": "^2.27.8", "chai": "^4.0.2", "cheerio": "^0.22.0", "chokidar": "^3.0.0", @@ -38,20 +38,20 @@ "express": "~5.0.0-alpha.6", "express-ejs-layouts": "^2.2.0", "express-partials": "^0.3.0", - "express-session": "^1.14.2", + "express-session": "^1.15.6", "extract-text-webpack-plugin": "^3.0.0", "file-loader": "^6.0.0", "formidable": "^1.0.17", "fs": "0.0.2", "http": "0.0.0", "istanbul-harmony": "^0.3.16", - "jquery": "^3.1.1", + "jquery": "^3.5.0", "loadash": "1.0.0", - "lodash": "^4.16.6", + "lodash": "^4.17.21", "mocha": "^7.0.1", "mochawesome": "^6.0.0", - "moment": "^2.15.1", - "mongoose": "5.9.17", + "moment": "^2.29.4", + "mongoose": "6.4.6", "mongoose-dbref": "0.0.4", "morgan": "~1.10.0", "multer": "^1.4.1", @@ -59,7 +59,7 @@ "npm-install-webpack-plugin": "^4.0.4", "paypal-rest-sdk": "^1.7.0", "reload": "^3.0.0", - "resolve-url-loader": "^3.0.0", + "resolve-url-loader": "^3.1.2", "sass-loader": "^8.0.0", "serve-favicon": "~2.5.0", "style-loader": "^1.0.0", @@ -68,13 +68,13 @@ "url-loader": "^4.0.0", "webpack": "^4.25.1", "webpack-dev-middleware": "^3.4.0", - "webpack-hot-middleware": "^2.24.3", - "xls-to-json": "^0.5.0", + "webpack-hot-middleware": "^2.25.1", + "xls-to-json": "^2.1.1", "xls-to-json-lc": "^0.3.3", "xlsx": "^0.16.0", "xlsx-to-json-lc": "^0.5.0", "grunt": "~1.1.0", - "snyk": "^2.0.0" + "@snyk/protect": "latest" }, "devDependencies": { "babel-core": "^6.18.2", @@ -101,7 +101,7 @@ "mocha": "^5.0.1", "mocha-lcov-reporter": "^1.2.0", "mochawesome": "^3.0.2", - "mongoose": "^5.2.14", + "mongoose": "^6.4.6", "nodemon": "^2.0.0", "should": "^13.0.0", "superagent": "^3.5.2",