From cadaca8e138dac2f0d87bf742e1090b91f9dfa21 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 4 Dec 2024 14:47:49 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-COOKIE-8163060 --- package-lock.json | 94 ++++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 58 insertions(+), 38 deletions(-) diff --git a/package-lock.json b/package-lock.json index 06fc4d6..d73fb58 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,7 +8,7 @@ "name": "lingo", "version": "0.1.0", "dependencies": { - "@clerk/nextjs": "^5.6.3", + "@clerk/nextjs": "^5.7.2", "@neondatabase/serverless": "^0.9.4", "@radix-ui/react-avatar": "^1.1.0", "@radix-ui/react-dialog": "^1.1.1", @@ -271,13 +271,14 @@ } }, "node_modules/@clerk/backend": { - "version": "1.13.5", - "resolved": "https://registry.npmjs.org/@clerk/backend/-/backend-1.13.5.tgz", - "integrity": "sha512-1ndtoUwQ7jYAG8tMQhUGq+MlvWpnQdOSlk4j0piGeou0drpD0+8jOoBsjp+io4WjN43NJqLlAV6by+b4Y8aTcw==", + "version": "1.13.9", + "resolved": "https://registry.npmjs.org/@clerk/backend/-/backend-1.13.9.tgz", + "integrity": "sha512-WW5IyCsaKHld1lNKQ+XSifUJ75CJ2EFJMPcx+R04icexE90EQzktwT5jeHr3brN7YVR9+PJREzlePrt7eIF/uw==", + "license": "MIT", "dependencies": { - "@clerk/shared": "2.8.4", - "@clerk/types": "4.23.0", - "cookie": "0.5.0", + "@clerk/shared": "2.9.0", + "@clerk/types": "4.25.0", + "cookie": "0.7.0", "snakecase-keys": "5.4.4", "tslib": "2.4.1" }, @@ -288,15 +289,17 @@ "node_modules/@clerk/backend/node_modules/tslib": { "version": "2.4.1", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" + "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==", + "license": "0BSD" }, "node_modules/@clerk/clerk-react": { - "version": "5.9.4", - "resolved": "https://registry.npmjs.org/@clerk/clerk-react/-/clerk-react-5.9.4.tgz", - "integrity": "sha512-bcaGccFaOiAaonvbIBNyJgjy1W20Gt4WgHHaFKgh44k+LtauG6LrYotdac1ffXCyVuWHZvVNTA29SuSodkRmAg==", + "version": "5.11.0", + "resolved": "https://registry.npmjs.org/@clerk/clerk-react/-/clerk-react-5.11.0.tgz", + "integrity": "sha512-JPvDxSPMV1Rrnh5k1ULxeemvUW+F5YdVUQAUhPPl/iZ6MHO6vXr5jn66xe0hM+wrw/snGlsrD9ePyy6tK8EDKw==", + "license": "MIT", "dependencies": { - "@clerk/shared": "2.8.4", - "@clerk/types": "4.23.0", + "@clerk/shared": "2.9.0", + "@clerk/types": "4.25.0", "tslib": "2.4.1" }, "engines": { @@ -310,17 +313,19 @@ "node_modules/@clerk/clerk-react/node_modules/tslib": { "version": "2.4.1", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" + "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==", + "license": "0BSD" }, "node_modules/@clerk/nextjs": { - "version": "5.6.3", - "resolved": "https://registry.npmjs.org/@clerk/nextjs/-/nextjs-5.6.3.tgz", - "integrity": "sha512-yPRKys3eOiFTTFPmzzWx7UxQ/MkQzpJYzBN61qNB6MrbHxI/CBJdo+yEF0kGqbQhYGRVe4k5W9M9fMOqzgEMSA==", - "dependencies": { - "@clerk/backend": "1.13.5", - "@clerk/clerk-react": "5.9.4", - "@clerk/shared": "2.8.4", - "@clerk/types": "4.23.0", + "version": "5.7.2", + "resolved": "https://registry.npmjs.org/@clerk/nextjs/-/nextjs-5.7.2.tgz", + "integrity": "sha512-G2ilYV0RyOrwc6gI6qmKAsML+7YLiVX/VFlkuvh3vk+qJ6ka8RDaoaILcmREEs4AOaQXBHYQCfiCrYMUeEUJFg==", + "license": "MIT", + "dependencies": { + "@clerk/backend": "1.13.9", + "@clerk/clerk-react": "5.11.0", + "@clerk/shared": "2.9.0", + "@clerk/types": "4.25.0", "crypto-js": "4.2.0", "server-only": "0.0.1", "tslib": "2.4.1" @@ -341,12 +346,13 @@ "license": "0BSD" }, "node_modules/@clerk/shared": { - "version": "2.8.4", - "resolved": "https://registry.npmjs.org/@clerk/shared/-/shared-2.8.4.tgz", - "integrity": "sha512-I+V05B/YqEWAaXb+SWb9VFCK6WSjChW01gC9OJxpkvjauNiBtDjFVghodZFg2dxcbwQGQNj6sC1hrf+mcBVBqw==", + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/@clerk/shared/-/shared-2.9.0.tgz", + "integrity": "sha512-DAqxJbmQ3QnQXZepG2InLC7Hdq+4T9/+A/kwtMQtAyQcsZoDwZ1TqVJkrqZ55lJIAkR97HEn3/g+g1ySspdEfA==", "hasInstallScript": true, + "license": "MIT", "dependencies": { - "@clerk/types": "4.23.0", + "@clerk/types": "4.25.0", "glob-to-regexp": "0.4.1", "js-cookie": "3.0.5", "std-env": "^3.7.0", @@ -369,9 +375,10 @@ } }, "node_modules/@clerk/types": { - "version": "4.23.0", - "resolved": "https://registry.npmjs.org/@clerk/types/-/types-4.23.0.tgz", - "integrity": "sha512-xCAPeKXOt/qAEzhlv35sdNYm9ewoveRMUwVEoGsFIDaeF9N1agCNdzKtCMcHjGZFH4ESnopLmEq2n46aRxPFkA==", + "version": "4.25.0", + "resolved": "https://registry.npmjs.org/@clerk/types/-/types-4.25.0.tgz", + "integrity": "sha512-p2IyJ0q5WF1e976L1pS1J6Mb5ducfkUC31DR1EvMjPwJkrlWJdAMCPc+zqRRAePVy/JBVK2gEKbUVtJ6/jrpag==", + "license": "MIT", "dependencies": { "csstype": "3.1.1" }, @@ -382,7 +389,8 @@ "node_modules/@clerk/types/node_modules/csstype": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.1.1.tgz", - "integrity": "sha512-DJR/VvkAvSZW9bTouZue2sSxDwdTN92uHjqeKVm+0dAqdfNykRzQ95tay8aXMBAAPpUiq4Qcug2L7neoRh2Egw==" + "integrity": "sha512-DJR/VvkAvSZW9bTouZue2sSxDwdTN92uHjqeKVm+0dAqdfNykRzQ95tay8aXMBAAPpUiq4Qcug2L7neoRh2Egw==", + "license": "MIT" }, "node_modules/@cspotcode/source-map-support": { "version": "0.8.1", @@ -3134,9 +3142,10 @@ "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==" }, "node_modules/cookie": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz", - "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==", + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.0.tgz", + "integrity": "sha512-qCf+V4dtlNhSRXGAZatc1TasyFO6GjohcOul807YOb5ik3+kQSnb4d7iajeCL8QHaJ4uZEjCgiCJerKXwdRVlQ==", + "license": "MIT", "engines": { "node": ">= 0.6" } @@ -3490,6 +3499,7 @@ "version": "3.0.4", "resolved": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", "integrity": "sha512-Kv5nKlh6yRrdrGvxeJ2e5y2eRUpkUosIW4A2AS38zwSz27zu7ufDwQPi5Jhs3XAlGNetl3bmnGhQsMtkKJnj3w==", + "license": "MIT", "dependencies": { "no-case": "^3.0.4", "tslib": "^2.0.3" @@ -5487,7 +5497,8 @@ "node_modules/glob-to-regexp": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz", - "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==" + "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==", + "license": "BSD-2-Clause" }, "node_modules/glob/node_modules/brace-expansion": { "version": "2.0.1", @@ -6265,6 +6276,7 @@ "version": "3.0.5", "resolved": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.5.tgz", "integrity": "sha512-cEiJEAEoIbWfCZYKWhVwFuvPX1gETRYPw6LlaTKoxD3s2AkXzkCjnp6h0V77ozyqj0jakteJ4YqDJT830+lVGw==", + "license": "MIT", "engines": { "node": ">=14" } @@ -6471,6 +6483,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz", "integrity": "sha512-7fm3l3NAF9WfN6W3JOmf5drwpVqX78JtoGJ3A6W0a6ZnldM41w2fV5D490psKFTpMds8TJse/eHLFFsNHHjHgg==", + "license": "MIT", "dependencies": { "tslib": "^2.0.3" } @@ -6505,6 +6518,7 @@ "version": "4.3.0", "resolved": "https://registry.npmjs.org/map-obj/-/map-obj-4.3.0.tgz", "integrity": "sha512-hdN1wVrZbb29eBGiGjJbeP8JbKjq1urkHJ/LIP/NY48MZ1QVXUsQBV1G1zvYFHn1XE06cwjBsOI2K3Ulnj1YXQ==", + "license": "MIT", "engines": { "node": ">=8" }, @@ -6726,6 +6740,7 @@ "version": "3.0.4", "resolved": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz", "integrity": "sha512-fgAN3jGAh+RoxUGZHTSOLJIqUc2wmoBwGR4tbpNAKmmovFoWq0OdRkb0VkldReO2a2iBT/OEulG9XSUc10r3zg==", + "license": "MIT", "dependencies": { "lower-case": "^2.0.2", "tslib": "^2.0.3" @@ -8187,6 +8202,7 @@ "version": "3.0.4", "resolved": "https://registry.npmjs.org/snake-case/-/snake-case-3.0.4.tgz", "integrity": "sha512-LAOh4z89bGQvl9pFfNF8V146i7o7/CqFPbqzYgP+yYzDIDeS9HaNFtXABamRW+AQzEVODcvE79ljJ+8a9YSdMg==", + "license": "MIT", "dependencies": { "dot-case": "^3.0.4", "tslib": "^2.0.3" @@ -8196,6 +8212,7 @@ "version": "5.4.4", "resolved": "https://registry.npmjs.org/snakecase-keys/-/snakecase-keys-5.4.4.tgz", "integrity": "sha512-YTywJG93yxwHLgrYLZjlC75moVEX04LZM4FHfihjHe1FCXm+QaLOFfSf535aXOAd0ArVQMWUAe8ZPm4VtWyXaA==", + "license": "MIT", "dependencies": { "map-obj": "^4.1.0", "snake-case": "^3.0.4", @@ -8209,6 +8226,7 @@ "version": "2.19.0", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.19.0.tgz", "integrity": "sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==", + "license": "(MIT OR CC0-1.0)", "engines": { "node": ">=12.20" }, @@ -8309,9 +8327,10 @@ } }, "node_modules/std-env": { - "version": "3.7.0", - "resolved": "https://registry.npmjs.org/std-env/-/std-env-3.7.0.tgz", - "integrity": "sha512-JPbdCEQLj1w5GilpiHAx3qJvFndqybBysA3qUOnznweH4QbNYUsW/ea8QzSrnh0vNsezMMw5bcVool8lM0gwzg==" + "version": "3.8.0", + "resolved": "https://registry.npmjs.org/std-env/-/std-env-3.8.0.tgz", + "integrity": "sha512-Bc3YwwCB+OzldMxOXJIIvC6cPRWr/LxOp48CdQTOkPyk/t4JWWJbrilwBd7RJzKV8QW7tJkcgAmeuLLJugl5/w==", + "license": "MIT" }, "node_modules/stop-iteration-iterator": { "version": "1.0.0", @@ -8638,6 +8657,7 @@ "version": "2.2.5", "resolved": "https://registry.npmjs.org/swr/-/swr-2.2.5.tgz", "integrity": "sha512-QtxqyclFeAsxEUeZIYmsaQ0UjimSq1RZ9Un7I68/0ClKK/U3LoyQunwkQfJZr2fc22DfIXLNDc2wFyTEikCUpg==", + "license": "MIT", "dependencies": { "client-only": "^0.0.1", "use-sync-external-store": "^1.2.0" diff --git a/package.json b/package.json index 63a01be..1e13648 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "db:seed": "tsx ./scripts/prod.ts" }, "dependencies": { - "@clerk/nextjs": "^5.6.3", + "@clerk/nextjs": "^5.7.2", "@neondatabase/serverless": "^0.9.4", "@radix-ui/react-avatar": "^1.1.0", "@radix-ui/react-dialog": "^1.1.1",