From f873dc1bd683322ea1096c8f9c1eaafeee0704c0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 23 Nov 2022 10:20:18 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTIFY-3136527 --- package-lock.json | 72 +++++++++++++++++++++++++---------------------- package.json | 2 +- 2 files changed, 40 insertions(+), 34 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3adee89..c7c6839 100644 --- a/package-lock.json +++ b/package-lock.json @@ -37,6 +37,11 @@ "ajv": "^6.12.6" } }, + "@fastify/error": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@fastify/error/-/error-2.0.0.tgz", + "integrity": "sha512-wI3fpfDT0t7p8E6dA2eTECzzOd+bZsZCJ2Hcv+Onn2b7ZwK3RwD27uW2QDaMtQhAfWQQP+WNK7nKf0twLsBf9w==" + }, "@humanwhocodes/config-array": { "version": "0.9.2", "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.9.2.tgz", @@ -165,7 +170,7 @@ "archy": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/archy/-/archy-1.0.0.tgz", - "integrity": "sha1-+cjBN1fMHde8N5rHeyxipcKGjEA=" + "integrity": "sha512-Xg+9RwCg/0p32teKdGMPTPnVXKD0w3DfHnFTficozsAgsvq2XenPJq/MYpzzQ/v8zrOyJn6Ds39VA4JIDwFfqw==" }, "argparse": { "version": "2.0.1", @@ -233,9 +238,9 @@ "integrity": "sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==" }, "avvio": { - "version": "7.2.2", - "resolved": "https://registry.npmjs.org/avvio/-/avvio-7.2.2.tgz", - "integrity": "sha512-XW2CMCmZaCmCCsIaJaLKxAzPwF37fXi1KGxNOvedOpeisLdmxZnblGc3hpHWYnlP+KOUxZsazh43WXNHgXpbqw==", + "version": "7.2.5", + "resolved": "https://registry.npmjs.org/avvio/-/avvio-7.2.5.tgz", + "integrity": "sha512-AOhBxyLVdpOad3TujtC9kL/9r3HnTkxwQ5ggOsYrvvZP1cCFvzHWJd5XxZDFuTn+IN8vkKSG5SEJrd27vCSbeA==", "requires": { "archy": "^1.0.0", "debug": "^4.0.0", @@ -460,10 +465,15 @@ "xdg-basedir": "^4.0.0" } }, + "content-type": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", + "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==" + }, "cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==" + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz", + "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==" }, "cross-spawn": { "version": "7.0.3", @@ -816,9 +826,9 @@ "dev": true }, "fast-redact": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/fast-redact/-/fast-redact-3.1.1.tgz", - "integrity": "sha512-odVmjC8x8jNeMZ3C+rPMESzXVSEU8tSWSHv9HFxP2mm89G/1WwqhrerJDQm9Zus8X6aoRgQDThKqptdNA6bt+A==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/fast-redact/-/fast-redact-3.1.2.tgz", + "integrity": "sha512-+0em+Iya9fKGfEQGcd62Yv6onjBmmhV1uh86XVfOU8VwAe6kaFdQCWI9s0/Nnugx5Vd9tdbZ7e6gE2tR9dzXdw==" }, "fast-safe-stringify": { "version": "2.1.1", @@ -826,15 +836,16 @@ "integrity": "sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==" }, "fastify": { - "version": "3.27.1", - "resolved": "https://registry.npmjs.org/fastify/-/fastify-3.27.1.tgz", - "integrity": "sha512-GLn3ow5BGqg/m+ztXvztp8Xp7SuH99vAm4zfbN7407Qzi4mB055SG/lWH/gYolz5Oq2K8LtUpZqt1Ccf/YkVmA==", + "version": "3.29.4", + "resolved": "https://registry.npmjs.org/fastify/-/fastify-3.29.4.tgz", + "integrity": "sha512-BEyKidZQvscNaiF1BLh+YLE7AzHH03NexhPzrwZP6KBQ+jG2czdgq72X+RFB5rK9hbqdaafVb5yiWN+hCvHfYg==", "requires": { "@fastify/ajv-compiler": "^1.0.0", + "@fastify/error": "^2.0.0", "abstract-logging": "^2.0.0", "avvio": "^7.1.2", + "content-type": "^1.0.4", "fast-json-stringify": "^2.5.2", - "fastify-error": "^0.3.0", "find-my-way": "^4.5.0", "flatstr": "^1.0.12", "light-my-request": "^4.2.0", @@ -844,7 +855,7 @@ "rfdc": "^1.1.4", "secure-json-parse": "^2.0.0", "semver": "^7.3.2", - "tiny-lru": "^7.0.0" + "tiny-lru": "^8.0.1" } }, "fastify-env": { @@ -856,11 +867,6 @@ "fastify-plugin": "^3.0.0" } }, - "fastify-error": { - "version": "0.3.1", - "resolved": "https://registry.npmjs.org/fastify-error/-/fastify-error-0.3.1.tgz", - "integrity": "sha512-oCfpcsDndgnDVgiI7bwFKAun2dO+4h84vBlkWsWnz/OUK9Reff5UFoFl241xTiLeHWX/vU9zkDVXqYUxjOwHcQ==" - }, "fastify-mongodb": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/fastify-mongodb/-/fastify-mongodb-4.1.1.tgz", @@ -1270,20 +1276,20 @@ } }, "light-my-request": { - "version": "4.8.0", - "resolved": "https://registry.npmjs.org/light-my-request/-/light-my-request-4.8.0.tgz", - "integrity": "sha512-C2XESrTRsZnI59NSQigOsS6IuTxpj8OhSBvZS9fhgBMsamBsAuWN1s4hj/nCi8EeZcyAA6xbROhsZy7wKdfckg==", + "version": "4.12.0", + "resolved": "https://registry.npmjs.org/light-my-request/-/light-my-request-4.12.0.tgz", + "integrity": "sha512-0y+9VIfJEsPVzK5ArSIJ8Dkxp8QMP7/aCuxCUtG/tr9a2NoOf/snATE/OUc05XUplJCEnRh6gTkH7xh9POt1DQ==", "requires": { "ajv": "^8.1.0", - "cookie": "^0.4.0", + "cookie": "^0.5.0", "process-warning": "^1.0.0", "set-cookie-parser": "^2.4.1" }, "dependencies": { "ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", + "version": "8.11.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.11.2.tgz", + "integrity": "sha512-E4bfmKAhGiSTvMfL1Myyycaub+cUEU2/IvpylXkUu7CHBkBj1f/ikdzbD7YQ6FKUbixDxeYvB/xY4fvyroDlQg==", "requires": { "fast-deep-equal": "^3.1.1", "json-schema-traverse": "^1.0.0", @@ -1827,9 +1833,9 @@ "integrity": "sha512-TcZvGMMy9vodEFSse30lWinkj+JgOBvPn8wRItpQRSayhc+4ssDs335uklkfvQQJgL/WvmHLVj4Ycv2s7QCQMg==" }, "set-cookie-parser": { - "version": "2.4.8", - "resolved": "https://registry.npmjs.org/set-cookie-parser/-/set-cookie-parser-2.4.8.tgz", - "integrity": "sha512-edRH8mBKEWNVIVMKejNnuJxleqYE/ZSdcT8/Nem9/mmosx12pctd80s2Oy00KNZzrogMZS5mauK2/ymL1bvlvg==" + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/set-cookie-parser/-/set-cookie-parser-2.5.1.tgz", + "integrity": "sha512-1jeBGaKNGdEq4FgIrORu/N570dwoPYio8lSoYLWmX7sQ//0JY08Xh9o5pBcgmHQ/MbsYp/aZnOe1s1lIsbLprQ==" }, "shebang-command": { "version": "2.0.0", @@ -1934,9 +1940,9 @@ "dev": true }, "tiny-lru": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/tiny-lru/-/tiny-lru-7.0.6.tgz", - "integrity": "sha512-zNYO0Kvgn5rXzWpL0y3RS09sMK67eGaQj9805jlK9G6pSadfriTczzLHFXa/xcW4mIRfmlB9HyQ/+SgL0V1uow==" + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/tiny-lru/-/tiny-lru-8.0.2.tgz", + "integrity": "sha512-ApGvZ6vVvTNdsmt676grvCkUCGwzG9IqXma5Z07xJgiC5L7akUMof5U8G2JTI9Rz/ovtVhJBlY6mNhEvtjzOIg==" }, "to-readable-stream": { "version": "1.0.0", diff --git a/package.json b/package.json index eb0c87a..b8b0986 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,7 @@ }, "homepage": "https://github.com/spinsage/fastify-js-mongo-starter-rest#readme", "dependencies": { - "fastify": "^3.27.1", + "fastify": "^3.29.4", "fastify-env": "^2.1.1", "fastify-mongodb": "^4.1.1", "pino-pretty": "^7.5.1",