From d6572de3292caa3c13967e08bc6290d587a130d6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 30 Jul 2024 17:58:37 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-7573289 --- package-lock.json | 39 ++++++++++----------------------------- package.json | 2 +- 2 files changed, 11 insertions(+), 30 deletions(-) diff --git a/package-lock.json b/package-lock.json index ad8f605141f15..db8e83d6bd079 100644 --- a/package-lock.json +++ b/package-lock.json @@ -88,7 +88,7 @@ "vuedraggable": "^2.24.3", "vuex": "^3.6.2", "vuex-router-sync": "^5.0.0", - "webdav": "^5.0.0" + "webdav": "^5.2.0" }, "devDependencies": { "@babel/node": "^7.20.7", @@ -23579,14 +23579,15 @@ } }, "node_modules/webdav": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/webdav/-/webdav-5.1.0.tgz", - "integrity": "sha512-66OP2/PkVe3tkVy5wO/XsGebKuWhn2ebywA7a11ViHNls8Y6pgop6hU9j7god+GbZv/zVQeTs9w3ZS7JhHhE7g==", + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/webdav/-/webdav-5.2.0.tgz", + "integrity": "sha512-Xhh5KB7KUrsQYQf60CXIagFhAJQ1+AkmjNA9V7XW/CeOSpHE5ugbzRDRrj2v1q5ElsnCyHglF5CUWUG9ytvFhw==", + "license": "MIT", "dependencies": { "@buttercup/fetch": "^0.1.1", "base-64": "^1.0.0", "byte-length": "^1.0.2", - "fast-xml-parser": "^3.19.0", + "fast-xml-parser": "^4.2.4", "he": "^1.2.0", "hot-patcher": "^2.0.0", "layerr": "^0.1.2", @@ -23608,20 +23609,6 @@ "balanced-match": "^1.0.0" } }, - "node_modules/webdav/node_modules/fast-xml-parser": { - "version": "3.21.1", - "license": "MIT", - "dependencies": { - "strnum": "^1.0.4" - }, - "bin": { - "xml2js": "cli.js" - }, - "funding": { - "type": "paypal", - "url": "https://paypal.me/naturalintelligence" - } - }, "node_modules/webdav/node_modules/minimatch": { "version": "5.1.6", "license": "ISC", @@ -39668,14 +39655,14 @@ "optional": true }, "webdav": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/webdav/-/webdav-5.1.0.tgz", - "integrity": "sha512-66OP2/PkVe3tkVy5wO/XsGebKuWhn2ebywA7a11ViHNls8Y6pgop6hU9j7god+GbZv/zVQeTs9w3ZS7JhHhE7g==", + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/webdav/-/webdav-5.2.0.tgz", + "integrity": "sha512-Xhh5KB7KUrsQYQf60CXIagFhAJQ1+AkmjNA9V7XW/CeOSpHE5ugbzRDRrj2v1q5ElsnCyHglF5CUWUG9ytvFhw==", "requires": { "@buttercup/fetch": "^0.1.1", "base-64": "^1.0.0", "byte-length": "^1.0.2", - "fast-xml-parser": "^3.19.0", + "fast-xml-parser": "^4.2.4", "he": "^1.2.0", "hot-patcher": "^2.0.0", "layerr": "^0.1.2", @@ -39693,12 +39680,6 @@ "balanced-match": "^1.0.0" } }, - "fast-xml-parser": { - "version": "3.21.1", - "requires": { - "strnum": "^1.0.4" - } - }, "minimatch": { "version": "5.1.6", "requires": { diff --git a/package.json b/package.json index 6f771a0f097b0..5d706c89ee51b 100644 --- a/package.json +++ b/package.json @@ -113,7 +113,7 @@ "vuedraggable": "^2.24.3", "vuex": "^3.6.2", "vuex-router-sync": "^5.0.0", - "webdav": "^5.0.0" + "webdav": "^5.2.0" }, "devDependencies": { "@babel/node": "^7.20.7",