From 66e2dea6bdee578291a83f24698577b238b448ab Mon Sep 17 00:00:00 2001 From: dlpzx Date: Tue, 24 Sep 2024 08:55:11 +0200 Subject: [PATCH] Upgrade rollup to non-vulnerable version 2.79.1 -> 3.29.5 --- frontend/package-lock.json | 10 ++++++---- frontend/package.json | 6 ++++-- frontend/yarn.lock | 8 ++++---- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/frontend/package-lock.json b/frontend/package-lock.json index 220b6410c..b25a528f7 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -30451,14 +30451,16 @@ } }, "node_modules/rollup": { - "version": "2.79.1", - "resolved": "https://registry.npmjs.org/rollup/-/rollup-2.79.1.tgz", - "integrity": "sha512-uKxbd0IhMZOhjAiD5oAFp7BqvkA4Dv47qpOCtaNvng4HBwdbWtdOh8f5nZNuk2rp51PMGk3bzfWu5oayNEuYnw==", + "version": "3.29.5", + "resolved": "https://registry.npmjs.org/rollup/-/rollup-3.29.5.tgz", + "integrity": "sha512-GVsDdsbJzzy4S/v3dqWPJ7EfvZJfCHiDqe80IyrF59LYuP+e6U1LJoUqeuqRbwAWoMNoXivMNeNAOf5E22VA1w==", + "license": "MIT", "bin": { "rollup": "dist/bin/rollup" }, "engines": { - "node": ">=10.0.0" + "node": ">=14.18.0", + "npm": ">=8.0.0" }, "optionalDependencies": { "fsevents": "~2.3.2" diff --git a/frontend/package.json b/frontend/package.json index 89a4e6e08..887716522 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -99,7 +99,8 @@ "fast-xml-parser": "4.4.1", "path-to-regexp": "0.1.10", "body-parser": "^1.20.3", - "send": "0.19.0" + "send": "0.19.0", + "rollup": "3.29.5" }, "resolutions": { "react-redux": "^7.2.6", @@ -118,7 +119,8 @@ "fast-xml-parser": "4.4.1", "path-to-regexp": "0.1.10", "body-parser": "^1.20.3", - "send": "0.19.0" + "send": "0.19.0", + "rollup": "3.29.5" }, "devDependencies": { "env-cmd": "^10.1.0", diff --git a/frontend/yarn.lock b/frontend/yarn.lock index 33674f343..e21471454 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -13295,10 +13295,10 @@ rollup-plugin-terser@^7.0.0: serialize-javascript "^4.0.0" terser "^5.0.0" -"rollup@^1.20.0 || ^2.0.0", rollup@^1.20.0||^2.0.0, rollup@^2.0.0, rollup@^2.43.1: - version "2.79.1" - resolved "https://registry.npmjs.org/rollup/-/rollup-2.79.1.tgz" - integrity sha512-uKxbd0IhMZOhjAiD5oAFp7BqvkA4Dv47qpOCtaNvng4HBwdbWtdOh8f5nZNuk2rp51PMGk3bzfWu5oayNEuYnw== +rollup@3.29.5: + version "3.29.5" + resolved "https://registry.npmjs.org/rollup/-/rollup-3.29.5.tgz" + integrity sha512-GVsDdsbJzzy4S/v3dqWPJ7EfvZJfCHiDqe80IyrF59LYuP+e6U1LJoUqeuqRbwAWoMNoXivMNeNAOf5E22VA1w== optionalDependencies: fsevents "~2.3.2"