From cf7f59fdd09cf0e0d70620e4fadcf67d292b9b9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20Og=C3=B3rek?= Date: Wed, 9 Oct 2019 13:15:15 +0200 Subject: [PATCH] misc: Update https-proxy-agent to 3.0.0 for security reasons (#2262) --- packages/node/package.json | 8 ++++---- yarn.lock | 25 +++++++++++++++++-------- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/packages/node/package.json b/packages/node/package.json index 84fa5082c656..06deb6da04df 100644 --- a/packages/node/package.json +++ b/packages/node/package.json @@ -20,13 +20,13 @@ "@sentry/hub": "5.7.0-beta.0", "@sentry/types": "5.7.0-beta.0", "@sentry/utils": "5.7.0-beta.0", - "cookie": "0.3.1", - "https-proxy-agent": "2.2.1", - "lru_map": "0.3.3", + "cookie": "^0.3.1", + "https-proxy-agent": "^3.0.0", + "lru_map": "^0.3.3", "tslib": "^1.9.3" }, "devDependencies": { - "@types/cookie": "0.3.2", + "@types/cookie": "^0.3.2", "@types/lru-cache": "^5.1.0", "@types/node": "^11.13.7", "express": "^4.16.4", diff --git a/yarn.lock b/yarn.lock index 9d598193e7cf..0c5164ffb3c8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1202,10 +1202,10 @@ resolved "https://registry.yarnpkg.com/@types/chai/-/chai-4.1.7.tgz#1b8e33b61a8c09cbe1f85133071baa0dbf9fa71a" integrity sha512-2Y8uPt0/jwjhQ6EiluT0XCri1Dbplr0ZxfFXUz+ye13gaqE8u5gL5ppao1JrUYr9cIip5S6MvQzBS7Kke7U9VA== -"@types/cookie@0.3.2": - version "0.3.2" - resolved "https://registry.yarnpkg.com/@types/cookie/-/cookie-0.3.2.tgz#453f4b14b25da6a8ea4494842dedcbf0151deef9" - integrity sha512-aHQA072E10/8iUQsPH7mQU/KUyQBZAGzTVRCUvnSz8mSvbrYsP4xEO2RSA0Pjltolzi0j8+8ixrm//Hr4umPzw== +"@types/cookie@^0.3.2": + version "0.3.3" + resolved "https://registry.yarnpkg.com/@types/cookie/-/cookie-0.3.3.tgz#85bc74ba782fb7aa3a514d11767832b0e3bc6803" + integrity sha512-LKVP3cgXBT9RYj+t+9FDKwS5tdI+rPBXaNSkma7hvqy35lc7mAokC2zsqWJH0LaqIt3B962nuYI77hsJoT1gow== "@types/estree@0.0.39": version "0.0.39" @@ -1597,7 +1597,7 @@ after@0.8.2: version "0.8.2" resolved "https://registry.yarnpkg.com/after/-/after-0.8.2.tgz#fedb394f9f0e02aa9768e702bda23b505fae7e1f" -agent-base@4, agent-base@4.3.0, agent-base@^4.1.0, agent-base@~4.2.0: +agent-base@4, agent-base@4.3.0, agent-base@^4.1.0, agent-base@^4.3.0, agent-base@~4.2.0: version "4.3.0" resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-4.3.0.tgz#8165f01c436009bccad0b1d122f05ed770efc6ee" integrity sha512-salcGninV0nPrwpGNn4VTXBb1SOuXQBiqbrNXoeizJsHrsL6ERFM2Ne3JUSBWRE6aeNJI2ROP/WEEIDUiDe3cg== @@ -3514,7 +3514,7 @@ cookie-signature@1.0.6: version "1.0.6" resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" -cookie@0.3.1: +cookie@0.3.1, cookie@^0.3.1: version "0.3.1" resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" @@ -5432,13 +5432,21 @@ https-browserify@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73" -https-proxy-agent@2.2.1, https-proxy-agent@^2.2.1: +https-proxy-agent@^2.2.1: version "2.2.1" resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-2.2.1.tgz#51552970fa04d723e04c56d04178c3f92592bbc0" dependencies: agent-base "^4.1.0" debug "^3.1.0" +https-proxy-agent@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-3.0.0.tgz#0106efa5d63d6d6f3ab87c999fa4877a3fd1ff97" + integrity sha512-y4jAxNEihqvBI5F3SaO2rtsjIOnnNA8sEbuiP+UhJZJHeM2NRm6c09ax2tgqme+SgUUvjao2fJXF4h3D6Cb2HQ== + dependencies: + agent-base "^4.3.0" + debug "^3.1.0" + humanize-ms@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/humanize-ms/-/humanize-ms-1.2.1.tgz#c46e3159a293f6b896da29316d8b6fe8bb79bbed" @@ -7177,9 +7185,10 @@ lru-cache@^5.0.0, lru-cache@^5.1.1: dependencies: yallist "^3.0.2" -lru_map@0.3.3: +lru_map@^0.3.3: version "0.3.3" resolved "https://registry.yarnpkg.com/lru_map/-/lru_map-0.3.3.tgz#b5c8351b9464cbd750335a79650a0ec0e56118dd" + integrity sha1-tcg1G5Rky9dQM1p5ZQoOwOVhGN0= macos-release@^2.0.0: version "2.0.0"