From d2109e921d28f174a1cc53643892434ca48b7cdd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 27 Oct 2023 16:38:32 +0000 Subject: [PATCH] fix: packages/botonic-plugin-contentful/package.json & packages/botonic-plugin-contentful/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6032459 --- .../package-lock.json | 122 ++++++++++++++---- .../botonic-plugin-contentful/package.json | 4 +- 2 files changed, 99 insertions(+), 27 deletions(-) diff --git a/packages/botonic-plugin-contentful/package-lock.json b/packages/botonic-plugin-contentful/package-lock.json index 265d3c08c3..bb3dda8ac6 100644 --- a/packages/botonic-plugin-contentful/package-lock.json +++ b/packages/botonic-plugin-contentful/package-lock.json @@ -617,6 +617,7 @@ "version": "0.21.4", "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "dev": true, "requires": { "follow-redirects": "^1.14.0" } @@ -1142,15 +1143,33 @@ } }, "contentful": { - "version": "8.5.8", - "resolved": "https://registry.npmjs.org/contentful/-/contentful-8.5.8.tgz", - "integrity": "sha512-6YyE95uDJYTyGKQYtqYrMzdDZe3sLkrC0UEnpXuIOeciGACRQP9ouTjRJnLMa5ONUPt0+UJh7JH3epNouPZWIw==", - "requires": { - "axios": "^0.21.1", - "contentful-resolve-response": "^1.3.0", - "contentful-sdk-core": "^6.8.5", - "fast-copy": "^2.1.0", - "json-stringify-safe": "^5.0.1" + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/contentful/-/contentful-10.4.0.tgz", + "integrity": "sha512-uTwBjy0ipl2Vne6HNXK+I2nGbV5m81lnRAm3KH4jwuSv7QUAgy41rt6hU4SfuqDjK7MQ0am0Maak3leWZLBOxg==", + "requires": { + "@contentful/rich-text-types": "^16.0.2", + "axios": "^1.4.0", + "contentful-resolve-response": "^1.3.6", + "contentful-sdk-core": "^8.1.0", + "json-stringify-safe": "^5.0.1", + "type-fest": "^4.0.0" + }, + "dependencies": { + "axios": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", + "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "requires": { + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, + "type-fest": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.6.0.tgz", + "integrity": "sha512-rLjWJzQFOq4xw7MgJrCZ6T1jIOvvYElXT12r+y0CC6u67hegDHaxcPqb2fZHOGlqxugGQPNB1EnTezjBetkwkw==" + } } }, "contentful-batch-libs": { @@ -1754,22 +1773,38 @@ } }, "contentful-management": { - "version": "7.54.2", - "resolved": "https://registry.npmjs.org/contentful-management/-/contentful-management-7.54.2.tgz", - "integrity": "sha512-up7a31QsVM3ADXm6CrLGp9u/AVHO/yIDJGyS9Ztesa/xlxJgGmrEMTqUevauT1Y/5vC54gBM5S8in1zcP7atqQ==", + "version": "10.40.0", + "resolved": "https://registry.npmjs.org/contentful-management/-/contentful-management-10.40.0.tgz", + "integrity": "sha512-73r3ecY7z69t6AdrUdyVUWxrIPJikp0FWqRl4kFbFkCd6tzohTN5gIAKLTupL06rvoKIfDOlgMKVypBVxxbrnQ==", "requires": { + "@contentful/rich-text-types": "^16.0.3", "@types/json-patch": "0.0.30", - "axios": "^0.21.4", - "contentful-sdk-core": "^6.10.4", - "fast-copy": "^2.1.0", + "axios": "^1.4.0", + "contentful-sdk-core": "^8.1.0", + "fast-copy": "^3.0.0", "lodash.isplainobject": "^4.0.6", - "type-fest": "^2.5.3" + "type-fest": "^4.0.0" }, "dependencies": { + "axios": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", + "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "requires": { + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, + "fast-copy": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/fast-copy/-/fast-copy-3.0.1.tgz", + "integrity": "sha512-Knr7NOtK3HWRYGtHoJrjkaWepqT8thIVGAwt0p0aUs1zqkAzXZV4vo9fFNwyb5fcqK1GKYFYxldQdIDVKhUAfA==" + }, "type-fest": { - "version": "2.19.0", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.19.0.tgz", - "integrity": "sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==" + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.6.0.tgz", + "integrity": "sha512-rLjWJzQFOq4xw7MgJrCZ6T1jIOvvYElXT12r+y0CC6u67hegDHaxcPqb2fZHOGlqxugGQPNB1EnTezjBetkwkw==" } } }, @@ -1863,6 +1898,33 @@ "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, + "contentful-management": { + "version": "7.54.2", + "resolved": "https://registry.npmjs.org/contentful-management/-/contentful-management-7.54.2.tgz", + "integrity": "sha512-up7a31QsVM3ADXm6CrLGp9u/AVHO/yIDJGyS9Ztesa/xlxJgGmrEMTqUevauT1Y/5vC54gBM5S8in1zcP7atqQ==", + "dev": true, + "requires": { + "@types/json-patch": "0.0.30", + "axios": "^0.21.4", + "contentful-sdk-core": "^6.10.4", + "fast-copy": "^2.1.0", + "lodash.isplainobject": "^4.0.6", + "type-fest": "^2.5.3" + } + }, + "contentful-sdk-core": { + "version": "6.11.0", + "resolved": "https://registry.npmjs.org/contentful-sdk-core/-/contentful-sdk-core-6.11.0.tgz", + "integrity": "sha512-ukKxiiHdCa/izTQbA3/VUPMQB2PZW5D2KYjV9WQVOc8QjmDhu1wpEDkYxYjOrUDgT5tM7xw6umpwlifxoYe9kQ==", + "dev": true, + "requires": { + "fast-copy": "^2.1.0", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "p-throttle": "^4.1.1", + "qs": "^6.9.4" + } + }, "debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", @@ -1913,6 +1975,12 @@ "has-flag": "^4.0.0" } }, + "type-fest": { + "version": "2.19.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.19.0.tgz", + "integrity": "sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==", + "dev": true + }, "wrap-ansi": { "version": "6.2.0", "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", @@ -1970,15 +2038,14 @@ } }, "contentful-sdk-core": { - "version": "6.11.0", - "resolved": "https://registry.npmjs.org/contentful-sdk-core/-/contentful-sdk-core-6.11.0.tgz", - "integrity": "sha512-ukKxiiHdCa/izTQbA3/VUPMQB2PZW5D2KYjV9WQVOc8QjmDhu1wpEDkYxYjOrUDgT5tM7xw6umpwlifxoYe9kQ==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/contentful-sdk-core/-/contentful-sdk-core-8.1.0.tgz", + "integrity": "sha512-ZXTtrkrx4OlRcVY0WLihrskF+BSuHe7QZuWA8DNEeTlHmkPXAVch9Og5TJDoyGeqNrArR3Ovd7yfaG+1QYo+ag==", "requires": { - "fast-copy": "^2.1.0", + "fast-copy": "^2.1.7", "lodash.isplainobject": "^4.0.6", "lodash.isstring": "^4.0.1", - "p-throttle": "^4.1.1", - "qs": "^6.9.4" + "p-throttle": "^4.1.1" } }, "copy-descriptor": { @@ -4756,6 +4823,11 @@ "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", "dev": true }, + "proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "qs": { "version": "6.11.1", "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.1.tgz", diff --git a/packages/botonic-plugin-contentful/package.json b/packages/botonic-plugin-contentful/package.json index 17c9c95e3e..fee0f6e04a 100644 --- a/packages/botonic-plugin-contentful/package.json +++ b/packages/botonic-plugin-contentful/package.json @@ -55,9 +55,9 @@ "@nlpjs/ner": "^4.27.0", "@nlpjs/similarity": "^4.21.1", "async-parallel": "^1.2.3", - "contentful": "^8.5.8", + "contentful": "^10.4.0", "contentful-import": "^8.5.62", - "contentful-management": "^7.39.0", + "contentful-management": "^10.40.0", "csv-parse": "^4.16.0", "csv-stringify": "^5.6.5", "escape-string-regexp": "^4.0.0",