From a3231073d17f88003a465eb4a91ae67287e94e6d Mon Sep 17 00:00:00 2001 From: evilebottnawi Date: Fri, 9 Mar 2018 15:24:12 +0300 Subject: [PATCH] fix: `cacache` security problem --- package-lock.json | 122 +++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 62 insertions(+), 62 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0a5aa192..d17240b2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,9 +15,9 @@ } }, "acorn": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-5.5.0.tgz", - "integrity": "sha512-arn53F07VXmls4o4pUhSzBa4fvaagPRe7AVZ8l7NHxFWUie2DsuFSBMMNAkgzRlOhEhzAnxeKyaWVzOH4xqp/g==", + "version": "5.5.3", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-5.5.3.tgz", + "integrity": "sha512-jd5MkIUlbbmb07nXH0DT3y7rDVtkzDi4XZOUVWAer8ajmF/DTSSbl5oNFyDOl/OXA33Bl79+ypHhl2pN20VeOQ==", "dev": true }, "acorn-jsx": { @@ -197,7 +197,7 @@ "babel-register": "6.26.0", "babel-runtime": "6.26.0", "chokidar": "1.7.0", - "commander": "2.14.1", + "commander": "2.15.0", "convert-source-map": "1.5.1", "fs-readdir-recursive": "1.1.0", "glob": "7.1.2", @@ -818,7 +818,7 @@ "chownr": "1.0.1", "glob": "7.1.2", "graceful-fs": "4.1.11", - "lru-cache": "4.1.1", + "lru-cache": "4.1.2", "mississippi": "2.0.0", "mkdirp": "0.5.1", "move-concurrently": "1.0.1", @@ -1002,9 +1002,9 @@ "dev": true }, "commander": { - "version": "2.14.1", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.14.1.tgz", - "integrity": "sha512-+YR16o3rK53SmWHU3rEM3tPAh2rwb1yPcQX5irVn7mb0gXbwuCCrnkbV5+PBfETdfg1vui07nM6PCG1zndcjQw==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.15.0.tgz", + "integrity": "sha512-7B1ilBwtYSbetCgTY1NJFg+gVpestg0fdA1MhC1Vs4ssyfSXnCAjFr+QcQM9/RedXC0EaUx1sG8Smgw2VfgKEg==", "dev": true }, "commondir": { @@ -1033,14 +1033,14 @@ "integrity": "sha512-gslSSJx03QKa59cIKqeJO9HQ/WZMotvYJCuaUULrLpjj8oG40kV2Z+gz82pVxlTkOADi4PJxQPPfhl1ELYrrXw==", "requires": { "inherits": "2.0.3", - "readable-stream": "2.3.4", + "readable-stream": "2.3.5", "typedarray": "0.0.6" } }, "conventional-changelog": { - "version": "1.1.17", - "resolved": "https://registry.npmjs.org/conventional-changelog/-/conventional-changelog-1.1.17.tgz", - "integrity": "sha512-FvIFg3UcgkAa8aVxv85IMGd07db3ue1nlJ4wMhcYVQ1XcXqVM1fy/hdhC1iSGotNrZL6qEgb6eOxgIXFAY5exA==", + "version": "1.1.18", + "resolved": "https://registry.npmjs.org/conventional-changelog/-/conventional-changelog-1.1.18.tgz", + "integrity": "sha512-swf5bqhm7PsY2cw6zxuPy6+rZiiGwEpQnrWki+L+z2oZI53QSYwU4brpljmmWss821AsiwmVL+7V6hP+ER+TBA==", "dev": true, "requires": { "conventional-changelog-angular": "1.6.6", @@ -1048,7 +1048,7 @@ "conventional-changelog-codemirror": "0.3.4", "conventional-changelog-core": "2.0.5", "conventional-changelog-ember": "0.3.6", - "conventional-changelog-eslint": "1.0.4", + "conventional-changelog-eslint": "1.0.5", "conventional-changelog-express": "0.3.4", "conventional-changelog-jquery": "0.1.0", "conventional-changelog-jscs": "0.1.0", @@ -1115,9 +1115,9 @@ } }, "conventional-changelog-eslint": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/conventional-changelog-eslint/-/conventional-changelog-eslint-1.0.4.tgz", - "integrity": "sha512-93ZGrElD1e/5dIxTWBPGluWup0vRoM9W5e1jajsY/QLd86rLIfkOUC2cL+pgHpHtG3beUsDupm4kbTtiGdw0/w==", + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/conventional-changelog-eslint/-/conventional-changelog-eslint-1.0.5.tgz", + "integrity": "sha512-7NUv+gMOS8Y49uPFRgF7kuLZqpnrKa2bQMZZsc62NzvaJmjUktnV03PYHuXhTDEHt5guvV9gyEFtUpgHCDkojg==", "dev": true, "requires": { "q": "1.5.1" @@ -1342,7 +1342,7 @@ "integrity": "sha1-6L0O/uWPz/b4+UUQoKVUu/ojVEk=", "dev": true, "requires": { - "lru-cache": "4.1.1", + "lru-cache": "4.1.2", "shebang-command": "1.2.0", "which": "1.3.0" } @@ -1367,7 +1367,7 @@ "integrity": "sha1-dUu1v+VUUdpppYuU1F9MWwRi1Y8=", "dev": true, "requires": { - "es5-ext": "0.10.39" + "es5-ext": "0.10.40" } }, "dargs": { @@ -1532,13 +1532,13 @@ } }, "duplexify": { - "version": "3.5.3", - "resolved": "https://registry.npmjs.org/duplexify/-/duplexify-3.5.3.tgz", - "integrity": "sha512-g8ID9OroF9hKt2POf8YLayy+9594PzmM3scI00/uBXocX3TWNgoB67hjzkFe9ITAbQOne/lLdBxHXvYUM4ZgGA==", + "version": "3.5.4", + "resolved": "https://registry.npmjs.org/duplexify/-/duplexify-3.5.4.tgz", + "integrity": "sha512-JzYSLYMhoVVBe8+mbHQ4KgpvHpm0DZpJuL8PY93Vyv1fW7jYJ90LoXa1di/CVbJM+TgMs91rbDapE/RNIfnJsA==", "requires": { "end-of-stream": "1.4.1", "inherits": "2.0.3", - "readable-stream": "2.3.4", + "readable-stream": "2.3.5", "stream-shift": "1.0.0" } }, @@ -1586,9 +1586,9 @@ } }, "es5-ext": { - "version": "0.10.39", - "resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.39.tgz", - "integrity": "sha512-AlaXZhPHl0po/uxMx1tyrlt1O86M6D5iVaDH8UgLfgek4kXTX6vzsRfJQWC2Ku+aG8pkw1XWzh9eTkwfVrsD5g==", + "version": "0.10.40", + "resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.40.tgz", + "integrity": "sha512-S9Fh3oya5OOvYSNGvPZJ+vyrs6VYpe1IXPowVe3N1OhaiwVaGlwfn3Zf5P5klYcWOA0toIwYQW8XEv/QqhdHvQ==", "dev": true, "requires": { "es6-iterator": "2.0.3", @@ -1602,7 +1602,7 @@ "dev": true, "requires": { "d": "1.0.0", - "es5-ext": "0.10.39", + "es5-ext": "0.10.40", "es6-symbol": "3.1.1" } }, @@ -1613,7 +1613,7 @@ "dev": true, "requires": { "d": "1.0.0", - "es5-ext": "0.10.39", + "es5-ext": "0.10.40", "es6-iterator": "2.0.3", "es6-set": "0.1.5", "es6-symbol": "3.1.1", @@ -1627,7 +1627,7 @@ "dev": true, "requires": { "d": "1.0.0", - "es5-ext": "0.10.39", + "es5-ext": "0.10.40", "es6-iterator": "2.0.3", "es6-symbol": "3.1.1", "event-emitter": "0.3.5" @@ -1640,7 +1640,7 @@ "dev": true, "requires": { "d": "1.0.0", - "es5-ext": "0.10.39" + "es5-ext": "0.10.40" } }, "es6-weak-map": { @@ -1650,7 +1650,7 @@ "dev": true, "requires": { "d": "1.0.0", - "es5-ext": "0.10.39", + "es5-ext": "0.10.40", "es6-iterator": "2.0.3", "es6-symbol": "3.1.1" } @@ -1685,7 +1685,7 @@ "doctrine": "1.5.0", "es6-map": "0.1.5", "escope": "3.6.0", - "espree": "3.5.3", + "espree": "3.5.4", "estraverse": "4.2.0", "esutils": "2.0.2", "file-entry-cache": "1.3.1", @@ -1696,7 +1696,7 @@ "inquirer": "0.12.0", "is-my-json-valid": "2.17.2", "is-resolvable": "1.1.0", - "js-yaml": "3.10.0", + "js-yaml": "3.11.0", "json-stable-stringify": "1.0.1", "levn": "0.3.0", "lodash": "4.17.5", @@ -1726,12 +1726,12 @@ } }, "espree": { - "version": "3.5.3", - "resolved": "https://registry.npmjs.org/espree/-/espree-3.5.3.tgz", - "integrity": "sha512-Zy3tAJDORxQZLl2baguiRU1syPERAIg0L+JB2MWorORgTu/CplzvxS9WWA7Xh4+Q+eOQihNs/1o1Xep8cvCxWQ==", + "version": "3.5.4", + "resolved": "https://registry.npmjs.org/espree/-/espree-3.5.4.tgz", + "integrity": "sha512-yAcIQxtmMiB/jL32dzEp2enBeidsB7xWPLNiw3IIkpVds1P+h7qF9YwJq1yUNzp2OKXgAprs4F61ih66UsoD1A==", "dev": true, "requires": { - "acorn": "5.5.0", + "acorn": "5.5.3", "acorn-jsx": "3.0.1" } }, @@ -1769,7 +1769,7 @@ "dev": true, "requires": { "d": "1.0.0", - "es5-ext": "0.10.39" + "es5-ext": "0.10.40" } }, "execa": { @@ -1915,7 +1915,7 @@ "integrity": "sha1-yBuQ2HRnZvGmCaRoCZRsRd2K5Bc=", "requires": { "inherits": "2.0.3", - "readable-stream": "2.3.4" + "readable-stream": "2.3.5" } }, "for-in": { @@ -1941,7 +1941,7 @@ "integrity": "sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8=", "requires": { "inherits": "2.0.3", - "readable-stream": "2.3.4" + "readable-stream": "2.3.5" } }, "fs-access": { @@ -1967,7 +1967,7 @@ "graceful-fs": "4.1.11", "iferr": "0.1.5", "imurmurhash": "0.1.4", - "readable-stream": "2.3.4" + "readable-stream": "2.3.5" } }, "fs.realpath": { @@ -2906,7 +2906,7 @@ "integrity": "sha1-xztInAbYDMVTbCyFP54FIyBWly0=", "dev": true, "requires": { - "hosted-git-info": "2.5.0", + "hosted-git-info": "2.6.0", "meow": "3.7.0", "normalize-package-data": "2.4.0", "parse-github-repo-url": "1.4.1", @@ -3199,9 +3199,9 @@ } }, "hosted-git-info": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.5.0.tgz", - "integrity": "sha512-pNgbURSuab90KbTqvRPsseaTxOJCZBD0a7t+haSN33piP9cCM4l0CqdzAif2hUqm716UovKB2ROmiabGAKVXyg==", + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.6.0.tgz", + "integrity": "sha512-lIbgIIQA3lz5XaB6vxakj6sDHADJiZadYEJB+FgA+C4nubM1NwcuvUr9EJPmnH1skZqpqUzWborWo8EIUi0Sdw==", "dev": true }, "iferr": { @@ -3543,9 +3543,9 @@ "dev": true }, "js-yaml": { - "version": "3.10.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.10.0.tgz", - "integrity": "sha512-O2v52ffjLa9VeM43J4XocZE//WT9N0IiwDa3KSHH7Tu8CtH+1qM8SIZvnsTh6v+4yFy5KUY3BHUVwjpfAWsjIA==", + "version": "3.11.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.11.0.tgz", + "integrity": "sha512-saJstZWv7oNeOyBh3+Dx1qWzhW0+e6/8eDzo7p5rDFqxntSztloLtuKu+Ejhtq82jsilwOIZYsCz+lIjthg1Hw==", "dev": true, "requires": { "argparse": "1.0.10", @@ -3725,9 +3725,9 @@ } }, "lru-cache": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.1.tgz", - "integrity": "sha512-q4spe4KTfsAS1SUHLO0wz8Qiyf1+vMIAgpRYioFYDMNqKfHQbg+AVDH3i4fvpl71/P1L0dBl+fQi+P37UYf0ew==", + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.2.tgz", + "integrity": "sha512-wgeVXhrDwAWnIF/yZARsFnMBtdFXOg1b8RIrhilp+0iDYN4mdQcNZElDZ0e4B64BhaxeQ5zN7PMyvu7we1kPeQ==", "requires": { "pseudomap": "1.0.2", "yallist": "2.1.2" @@ -3763,7 +3763,7 @@ "dev": true, "requires": { "errno": "0.1.7", - "readable-stream": "2.3.4" + "readable-stream": "2.3.5" } }, "meow": { @@ -3887,7 +3887,7 @@ "integrity": "sha512-zHo8v+otD1J10j/tC+VNoGK9keCuByhKovAvdn74dmxJl9+mWHnx6EMsDN4lgRoMI/eYo2nchAxniIbUPb5onw==", "requires": { "concat-stream": "1.6.1", - "duplexify": "3.5.3", + "duplexify": "3.5.4", "end-of-stream": "1.4.1", "flush-write-stream": "1.0.2", "from2": "2.3.0", @@ -4035,7 +4035,7 @@ "integrity": "sha512-9jjUFbTPfEy3R/ad/2oNbKtW9Hgovl5O1FvFWKkKblNXoN/Oou6+9+KKohPK13Yc3/TyunyWhJp6gvRNR/PPAw==", "dev": true, "requires": { - "hosted-git-info": "2.5.0", + "hosted-git-info": "2.6.0", "is-builtin-module": "1.0.0", "semver": "5.5.0", "validate-npm-package-license": "3.0.3" @@ -4202,7 +4202,7 @@ "requires": { "cyclist": "0.2.2", "inherits": "2.0.3", - "readable-stream": "2.3.4" + "readable-stream": "2.3.5" } }, "parse-github-repo-url": { @@ -4376,7 +4376,7 @@ "resolved": "https://registry.npmjs.org/pumpify/-/pumpify-1.4.0.tgz", "integrity": "sha512-2kmNR9ry+Pf45opRVirpNuIFotsxUGLaYqxIwuR77AYrYRMuFCz9eryHBS52L360O+NcR383CL4QYlMKPq4zYA==", "requires": { - "duplexify": "3.5.3", + "duplexify": "3.5.4", "inherits": "2.0.3", "pump": "2.0.1" } @@ -4531,9 +4531,9 @@ } }, "readable-stream": { - "version": "2.3.4", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.4.tgz", - "integrity": "sha512-vuYxeWYM+fde14+rajzqgeohAI7YoJcHE7kXDAc4Nk0EbuKnJfqtY9YtRkLo/tqkuF7MsBQRhPnPeyjYITp3ZQ==", + "version": "2.3.5", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.5.tgz", + "integrity": "sha512-tK0yDhrkygt/knjowCUiWP9YdV7c5R+8cR0r/kt9ZhBU906Fs6RpQJCEilamRJj1Nx2rWI6LkW9gKqjTkshhEw==", "requires": { "core-util-is": "1.0.2", "inherits": "2.0.3", @@ -4553,7 +4553,7 @@ "requires": { "graceful-fs": "4.1.11", "minimatch": "3.0.4", - "readable-stream": "2.3.4", + "readable-stream": "2.3.5", "set-immediate-shim": "1.0.1" } }, @@ -4910,7 +4910,7 @@ "dev": true, "requires": { "chalk": "1.1.3", - "conventional-changelog": "1.1.17", + "conventional-changelog": "1.1.18", "conventional-recommended-bump": "1.2.1", "dotgitignore": "1.0.3", "figures": "1.7.0", @@ -5067,7 +5067,7 @@ "resolved": "https://registry.npmjs.org/through2/-/through2-2.0.3.tgz", "integrity": "sha1-AARWmzfHx0ujnEPzzteNGtlBQL4=", "requires": { - "readable-stream": "2.3.4", + "readable-stream": "2.3.5", "xtend": "4.0.1" } }, diff --git a/package.json b/package.json index 2e441c3a..1cc8f18a 100644 --- a/package.json +++ b/package.json @@ -22,7 +22,7 @@ }, "dependencies": { "globby": "^7.1.1", - "cacache": "^10.0.1", + "cacache": "^10.0.4", "find-cache-dir": "^1.0.0", "serialize-javascript": "^1.4.0", "is-glob": "^4.0.0",