From fa75d9722805108f765d17e609258325f42ee5c0 Mon Sep 17 00:00:00 2001
From: Davi Ottenheimer <davi@inrupt.com>
Date: Tue, 5 Nov 2024 21:58:52 +0100
Subject: [PATCH 1/2] fix: security vulnerabilities and align dependencies

---
 package.json | 79 ++++++++++++++++++++++++++++++++--------------------
 1 file changed, 49 insertions(+), 30 deletions(-)

diff --git a/package.json b/package.json
index 368d2888..7978d518 100644
--- a/package.json
+++ b/package.json
@@ -26,10 +26,17 @@
     "prepublishOnly": "npm run build"
   },
   "peerDependencies": {
-    "react": ">16.13.0 || ^17.0.0 || ^18.0.0 || ^18.0.0 || ^20.0.0"
+    "react": "^16.13.0 || ^17.0.0 || ^18.0.0 || ^20.0.0"
+  },
+  "dependencies": {
+    "@inrupt/solid-client": "^2.1.0",
+    "@inrupt/solid-client-authn-browser": "^2.1.0",
+    "react-table": "^7.8.0",
+    "swr": "^2.2.4"
   },
   "devDependencies": {
     "@babel/core": "^7.23.6",
+    "@babel/eslint-parser": "^7.25.9",
     "@babel/preset-env": "^7.23.6",
     "@babel/preset-react": "^7.23.3",
     "@babel/preset-typescript": "^7.23.3",
@@ -40,49 +47,75 @@
     "@inrupt/eslint-config-react": "^3.0.2",
     "@inrupt/jest-jsdom-polyfills": "^3.0.2",
     "@mui/material": "^5.15.1",
-    "@storybook/addon-actions": "^7.6.6",
-    "@storybook/addon-docs": "^7.6.6",
-    "@storybook/addon-essentials": "^7.6.6",
+    "@storybook/addon-actions": "^7.6.20",
+    "@storybook/addon-docs": "^7.6.20",
+    "@storybook/addon-essentials": "^7.6.20",
     "@storybook/addon-knobs": "^7.0.2",
-    "@storybook/addon-links": "^8.0.0",
-    "@storybook/addon-mdx-gfm": "^8.1.11",
-    "@storybook/addon-storysource": "^8.0.0",
-    "@storybook/addons": "^7.6.6",
-    "@storybook/cli": "^8.0.8",
+    "@storybook/addon-links": "^7.6.20",
+    "@storybook/addon-mdx-gfm": "^7.6.20",
+    "@storybook/addon-storysource": "^7.6.20",
+    "@storybook/addons": "^7.6.20",
+    "@storybook/cli": "^7.6.20",
+    "@storybook/core-server": "^7.6.20",
     "@storybook/mdx2-csf": "^1.1.0",
-    "@storybook/react": "^7.6.6",
-    "@storybook/react-webpack5": "^7.6.6",
+    "@storybook/react": "^7.6.20",
+    "@storybook/react-webpack5": "^7.6.20",
     "@testing-library/react": "^14.1.2",
     "@testing-library/react-hooks": "^7.0.2",
-    "@testing-library/user-event": "^14.1.0",
+    "@testing-library/user-event": "^14.5.2",
     "@types/jest": "^29.5.11",
     "@types/node": "^20.10.5",
-    "@types/react": "^17.0.44",
+    "@types/react": "^18.3.12",
     "@types/react-table": "^7.7.10",
     "@typescript-eslint/eslint-plugin": "^6.15.0",
     "@typescript-eslint/parser": "^6.15.0",
-    "babel-eslint": "^10.1.0",
     "babel-loader": "^9.1.3",
+    "cookie": "0.7.2",
     "core-js": "^3.34.0",
     "eslint": "^8.56.0",
     "eslint-plugin-storybook": "^0.8.0",
     "jest": "^29.7.0",
     "jest-environment-jsdom": "^29.7.0",
     "license-checker": "^25.0.1",
+    "markdown-to-jsx": "^7.5.0",
     "postcss": "^8.4.12",
     "prettier": "^3.1.1",
     "react": "^18.2.0",
-    "react-docgen-typescript-loader": "^3.7.2",
     "react-dom": "^18.2.0",
     "react-error-boundary": "^4.0.12",
     "react-test-renderer": "^18.2.0",
     "rollup": "^4.9.1",
-    "storybook": "^7.6.6",
+    "storybook": "^7.6.20",
+    "tar": "^6.2.1",
     "ts-jest": "^29.1.1",
     "ts-loader": "^9.5.1",
     "ts-node": "^10.9.1",
     "typescript": "^5.3.3"
   },
+  "resolutions": {
+    "braces": "^3.0.3",
+    "elliptic": "^6.6.0",
+    "es5-ext": "^0.10.63",
+    "micromatch": "4.0.8",
+    "chokidar": "^3.5.3",
+    "watchpack": "^2.4.0",
+    "cookie": "0.7.2",
+    "postcss": "^8.4.12",
+    "glob-parent": "5.1.2",
+    "trim-newlines": "3.0.1",
+    "serialize-javascript": "6.0.2",
+    "express": "4.21.1",
+    "ip": "2.0.1"
+  },
+  "overrides": {
+    "glob-parent": "5.1.2",
+    "trim-newlines": "3.0.1",
+    "serialize-javascript": "6.0.2",
+    "express": "4.21.1",
+    "cookie": "0.7.2",
+    "micromatch": "4.0.8",
+    "ip": "2.0.1"
+  },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/inrupt/solid-ui-react.git"
@@ -98,20 +131,6 @@
     "url": "https://github.com/inrupt/solid-ui-react/issues"
   },
   "homepage": "https://github.com/inrupt/solid-ui-react#readme",
-  "dependencies": {
-    "@inrupt/solid-client": "^2.0.0",
-    "@inrupt/solid-client-authn-browser": "^2.0.0",
-    "react-table": "^7.6.3",
-    "stream": "0.0.3",
-    "swr": "^2.2.4"
-  },
-  "resolutions": {
-    "postcss": "8.4.5"
-  },
-  "overrides": {
-    "glob-parent": "5.1.2",
-    "trim-newlines": "3.0.1"
-  },
   "engines": {
     "node": "^18.0.0 || ^20.0.0"
   }

From c6de04c8e0bd82f8fdebc50ca299792ce109c7a1 Mon Sep 17 00:00:00 2001
From: Davi Ottenheimer <davi@inrupt.com>
Date: Tue, 5 Nov 2024 22:06:51 +0100
Subject: [PATCH 2/2] fix: restore stream dependency

---
 package.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package.json b/package.json
index 7978d518..888cc40b 100644
--- a/package.json
+++ b/package.json
@@ -32,6 +32,7 @@
     "@inrupt/solid-client": "^2.1.0",
     "@inrupt/solid-client-authn-browser": "^2.1.0",
     "react-table": "^7.8.0",
+    "stream": "0.0.3",
     "swr": "^2.2.4"
   },
   "devDependencies": {