Skip to content

Commit 478c014

Browse files
snyk-botsnyk-bot
committed
fix: auth-service/package.json & auth-service/yarn.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-15252993 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838
1 parent 1562da5 commit 478c014

2 files changed

Lines changed: 73 additions & 37 deletions

File tree

auth-service/package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,13 +24,13 @@
2424
},
2525
"dependencies": {
2626
"@hapi/joi": "^17.1.1",
27-
"@nestjs/common": "^8.0.7",
27+
"@nestjs/common": "^9.0.0",
2828
"@nestjs/config": "^0.6.2",
2929
"@nestjs/core": "^7.6.17",
3030
"@nestjs/jwt": "^10.0.0",
3131
"@nestjs/passport": "^7.1.5",
3232
"@nestjs/platform-express": "^7.6.17",
33-
"@nestjs/swagger": "^4.8.1",
33+
"@nestjs/swagger": "^11.2.6",
3434
"@nestjs/typeorm": "^7.1.5",
3535
"@types/passport-local": "^1.0.33",
3636
"mysql": "^2.18.1",

auth-service/yarn.lock

Lines changed: 71 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -529,6 +529,16 @@
529529
"@types/yargs" "^15.0.0"
530530
chalk "^3.0.0"
531531

532+
"@lukeed/csprng@^1.0.0":
533+
version "1.1.0"
534+
resolved "https://registry.yarnpkg.com/@lukeed/csprng/-/csprng-1.1.0.tgz#1e3e4bd05c1cc7a0b2ddbd8a03f39f6e4b5e6cfe"
535+
integrity sha512-Z7C/xXCiGWsg0KuKsHTKJxbWhpI3Vs5GwLfOean7MGyVFGqdRgBbAjOCh6u4bbjPc/8MJ2pZmK/0DLdCbivLDA==
536+
537+
"@microsoft/tsdoc@0.16.0":
538+
version "0.16.0"
539+
resolved "https://registry.yarnpkg.com/@microsoft/tsdoc/-/tsdoc-0.16.0.tgz#2249090633e04063176863a050c8f0808d2b6d2b"
540+
integrity sha512-xgAyonlVVS+q7Vc7qLW0UrJU7rSFcETRWsqdXZtjzRU8dF+6CkozTK4V4y1LwOX7j8r/vHphjDeMeGI4tNGeGA==
541+
532542
"@nestjs/cli@^7.0.0":
533543
version "7.1.2"
534544
resolved "https://registry.yarnpkg.com/@nestjs/cli/-/cli-7.1.2.tgz#8ba65dfa679a97283cfbd5ed90b40a8bc950968a"
@@ -557,15 +567,14 @@
557567
webpack "4.42.1"
558568
webpack-node-externals "1.7.2"
559569

560-
"@nestjs/common@^8.0.7":
561-
version "8.0.7"
562-
resolved "https://registry.yarnpkg.com/@nestjs/common/-/common-8.0.7.tgz#b77d904d22c6d7dd7424b306c5ff4946f183cbcb"
563-
integrity sha512-p9dF6rFE8SYIUphzTCtQ2FoE1NVsAnX5jOPsmRvP0DlleKSfE/SizzkM6YmVUM98yyOvlGuHGV1X0NoSP3azCg==
570+
"@nestjs/common@^9.0.0":
571+
version "9.4.3"
572+
resolved "https://registry.yarnpkg.com/@nestjs/common/-/common-9.4.3.tgz#f907c5315b4273f7675864a05c4dda7056632b87"
573+
integrity sha512-Gd6D4IaYj01o14Bwv81ukidn4w3bPHCblMUq+SmUmWLyosK+XQmInCS09SbDDZyL8jy86PngtBLTdhJ2bXSUig==
564574
dependencies:
565-
axios "0.21.4"
575+
uid "2.0.2"
566576
iterare "1.2.1"
567-
tslib "2.3.1"
568-
uuid "8.3.2"
577+
tslib "2.5.3"
569578

570579
"@nestjs/config@^0.6.2":
571580
version "0.6.3"
@@ -600,10 +609,10 @@
600609
"@types/jsonwebtoken" "9.0.2"
601610
jsonwebtoken "9.0.0"
602611

603-
"@nestjs/mapped-types@0.4.1":
604-
version "0.4.1"
605-
resolved "https://registry.yarnpkg.com/@nestjs/mapped-types/-/mapped-types-0.4.1.tgz#e7fe038f0bdda7b8f858fa79ca8516b8f9069b1a"
606-
integrity sha512-JXrw2LMangSU3vnaXWXVX47GRG1FbbNh4aVBbidDjxT3zlghsoNQY6qyWtT001MCl8lJGo8I6i6+DurBRRxl/Q==
612+
"@nestjs/mapped-types@2.1.0":
613+
version "2.1.0"
614+
resolved "https://registry.yarnpkg.com/@nestjs/mapped-types/-/mapped-types-2.1.0.tgz#b9b536b7c3571567aa1d0223db8baa1a51505a19"
615+
integrity sha512-W+n+rM69XsFdwORF11UqJahn4J3xi4g/ZEOlJNL6KoW5ygWSmBB2p0S2BZ4FQeS/NDH72e6xIcu35SfJnE8bXw==
607616

608617
"@nestjs/passport@^7.1.5":
609618
version "7.1.5"
@@ -630,14 +639,17 @@
630639
"@angular-devkit/schematics" "9.0.6"
631640
fs-extra "8.1.0"
632641

633-
"@nestjs/swagger@^4.8.1":
634-
version "4.8.2"
635-
resolved "https://registry.yarnpkg.com/@nestjs/swagger/-/swagger-4.8.2.tgz#0a0b3ca1b25146e797ca77addd9fa97f82406c1c"
636-
integrity sha512-RSUwcVxrzXF7/b/IZ5lXnYHJ6jIGS9wWRTJKIt1kIaCNWT+0wRfTlAyhQkzs2g35/PTXJEcdIwwY7mBO/bwHzw==
642+
"@nestjs/swagger@^11.2.6":
643+
version "11.2.6"
644+
resolved "https://registry.yarnpkg.com/@nestjs/swagger/-/swagger-11.2.6.tgz#c9f2689a932bd431f5e7f8c29e6a57309f4c92bc"
645+
integrity sha512-oiXOxMQqDFyv1AKAqFzSo6JPvMEs4uA36Eyz/s2aloZLxUjcLfUMELSLSNQunr61xCPTpwEOShfmO7NIufKXdA==
637646
dependencies:
638-
"@nestjs/mapped-types" "0.4.1"
639-
lodash "4.17.21"
640-
path-to-regexp "3.2.0"
647+
"@microsoft/tsdoc" "0.16.0"
648+
"@nestjs/mapped-types" "2.1.0"
649+
js-yaml "4.1.1"
650+
lodash "4.17.23"
651+
path-to-regexp "8.3.0"
652+
swagger-ui-dist "5.31.0"
641653

642654
"@nestjs/testing@^7.0.0":
643655
version "7.0.8"
@@ -663,6 +675,11 @@
663675
consola "^2.15.0"
664676
node-fetch "^2.6.1"
665677

678+
"@scarf/scarf@=1.4.0":
679+
version "1.4.0"
680+
resolved "https://registry.yarnpkg.com/@scarf/scarf/-/scarf-1.4.0.tgz#3bbb984085dbd6d982494538b523be1ce6562972"
681+
integrity sha512-xxeapPiUXdZAE3che6f3xogoJPeZgig6omHEy1rIY5WVsB3H2BHNnZH+gHG6x91SCWyQCzWGsuL2Hh3ClO5/qQ==
682+
666683
"@schematics/schematics@0.901.0":
667684
version "0.901.0"
668685
resolved "https://registry.yarnpkg.com/@schematics/schematics/-/schematics-0.901.0.tgz#2d14b913501315f3ab52c98ee919226ee75195f7"
@@ -1447,13 +1464,6 @@ aws4@^1.8.0:
14471464
resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.9.1.tgz#7e33d8f7d449b3f673cd72deb9abdc552dbe528e"
14481465
integrity sha512-wMHVg2EOHaMRxbzgFJ9gtjOOCrI80OHLG14rxi28XwOW8ux6IiEbRCGGGqCtdAIg4FQCbW20k9RsT4y3gJlFug==
14491466

1450-
axios@0.21.4:
1451-
version "0.21.4"
1452-
resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575"
1453-
integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==
1454-
dependencies:
1455-
follow-redirects "^1.14.0"
1456-
14571467
babel-code-frame@^6.22.0:
14581468
version "6.26.0"
14591469
resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b"
@@ -3090,11 +3100,6 @@ flush-write-stream@^1.0.0:
30903100
inherits "^2.0.3"
30913101
readable-stream "^2.3.6"
30923102

3093-
follow-redirects@^1.14.0:
3094-
version "1.14.4"
3095-
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.4.tgz#838fdf48a8bbdd79e52ee51fb1c94e3ed98b9379"
3096-
integrity sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g==
3097-
30983103
for-in@^1.0.2:
30993104
version "1.0.2"
31003105
resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80"
@@ -4228,6 +4233,13 @@ js-tokens@^4.0.0:
42284233
resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499"
42294234
integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
42304235

4236+
js-yaml@4.1.1:
4237+
version "4.1.1"
4238+
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b"
4239+
integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==
4240+
dependencies:
4241+
argparse "^2.0.1"
4242+
42314243
js-yaml@^3.13.1:
42324244
version "3.13.1"
42334245
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847"
@@ -4487,7 +4499,12 @@ lodash.toarray@^4.4.0:
44874499
resolved "https://registry.yarnpkg.com/lodash.toarray/-/lodash.toarray-4.4.0.tgz#24c4bfcd6b2fba38bfd0594db1179d8e9b656561"
44884500
integrity sha1-JMS/zWsvuji/0FlNsRedjptlZWE=
44894501

4490-
lodash@4.17.21, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.21:
4502+
lodash@4.17.23:
4503+
version "4.17.23"
4504+
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.23.tgz#f113b0378386103be4f6893388c73d0bde7f2c5a"
4505+
integrity sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==
4506+
4507+
lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.21:
44914508
version "4.17.21"
44924509
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
44934510
integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
@@ -5346,6 +5363,11 @@ path-to-regexp@3.2.0:
53465363
resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-3.2.0.tgz#fa7877ecbc495c601907562222453c43cc204a5f"
53475364
integrity sha512-jczvQbCUS7XmS7o+y1aEO9OBVFeZBQ1MDSEqmO7xSoPgOPoowY/SxLpZ6Vh97/8qHZOteiCKb7gkG9gA2ZUxJA==
53485365

5366+
path-to-regexp@8.3.0:
5367+
version "8.3.0"
5368+
resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-8.3.0.tgz#aa818a6981f99321003a08987d3cec9c3474cd1f"
5369+
integrity sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==
5370+
53495371
path-type@^2.0.0:
53505372
version "2.0.0"
53515373
resolved "https://registry.yarnpkg.com/path-type/-/path-type-2.0.0.tgz#f012ccb8415b7096fc2daa1054c3d72389594c73"
@@ -6495,6 +6517,13 @@ supports-hyperlinks@^2.0.0:
64956517
has-flag "^4.0.0"
64966518
supports-color "^7.0.0"
64976519

6520+
swagger-ui-dist@5.31.0:
6521+
version "5.31.0"
6522+
resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-5.31.0.tgz#a2529f844c83b7e85c2caaf2c64a8277dd71db98"
6523+
integrity sha512-zSUTIck02fSga6rc0RZP3b7J7wgHXwLea8ZjgLA3Vgnb8QeOl3Wou2/j5QkzSGeoz6HusP/coYuJl33aQxQZpg==
6524+
dependencies:
6525+
"@scarf/scarf" "=1.4.0"
6526+
64986527
swagger-ui-dist@^3.18.1:
64996528
version "3.25.0"
65006529
resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-3.25.0.tgz#90279cdcc56e591fcfbe7b5240a9d653b989336d"
@@ -6772,10 +6801,10 @@ tslib@2.2.0:
67726801
resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.2.0.tgz#fb2c475977e35e241311ede2693cee1ec6698f5c"
67736802
integrity sha512-gS9GVHRU+RGn5KQM2rllAlR3dU6m7AcpJKdtH8gFvQiC4Otgk98XnmMU+nZenHt/+VhnBPWwgrJsyrdcw6i23w==
67746803

6775-
tslib@2.3.1:
6776-
version "2.3.1"
6777-
resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.3.1.tgz#e8a335add5ceae51aa261d32a490158ef042ef01"
6778-
integrity sha512-77EbyPPpMz+FRFRuAFlWMtmgUWGe9UOG2Z25NqCwiIjRhOf5iKGuzSe5P2w1laq+FkRy4p+PCuVkJSGkzTEKVw==
6804+
tslib@2.5.3:
6805+
version "2.5.3"
6806+
resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.5.3.tgz#24944ba2d990940e6e982c4bea147aba80209913"
6807+
integrity sha512-mSxlJJwl3BMEQCUNnxXBU9jP4JBktcEGhURcPR6VQVlnP0FdDEsIaz0C35dXNGLyRfrATNofF0F5p2KPxQgB+w==
67796808

67806809
tslib@^2.1.0:
67816810
version "2.1.0"
@@ -6876,6 +6905,13 @@ typescript@^3.6.4, typescript@^3.7.4:
68766905
resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.8.3.tgz#409eb8544ea0335711205869ec458ab109ee1061"
68776906
integrity sha512-MYlEfn5VrLNsgudQTVJeNaQFUAI7DkhnOjdpAp4T+ku1TfQClewlbSuTVHiA+8skNBgaf02TL/kLOvig4y3G8w==
68786907

6908+
uid@2.0.2:
6909+
version "2.0.2"
6910+
resolved "https://registry.yarnpkg.com/uid/-/uid-2.0.2.tgz#4b5782abf0f2feeefc00fa88006b2b3b7af3e3b9"
6911+
integrity sha512-u3xV3X7uzvi5b1MncmZo3i2Aw222Zk1keqLA1YkHldREkAhAqi65wuPfe7lHx8H/Wzy+8CE7S7uS3jekIM5s8g==
6912+
dependencies:
6913+
"@lukeed/csprng" "^1.0.0"
6914+
68796915
union-value@^1.0.0:
68806916
version "1.0.1"
68816917
resolved "https://registry.yarnpkg.com/union-value/-/union-value-1.0.1.tgz#0b6fe7b835aecda61c6ea4d4f02c14221e109847"

0 commit comments

Comments
 (0)