fix: package.json & package-lock.json to reduce vulnerabilities (#7112)

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-1038255
2021-01-06 23:44:21 +02:00
parent fefcabe858
commit 7b8d8ddbb0
2 changed files with 9 additions and 37 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -4244,34 +4244,11 @@
      "integrity": "sha512-Uvq6hVe90D0B2WEnUqtdgY1bATGz3mw33nH9Y+dmA+w5DHvUmBgkr5rM/KCHpCsiFNRUfokW/szpPPgMK2hm4A=="
    },
    "axios": {
-      "version": "0.19.2",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz",
-      "integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==",
+      "version": "0.21.1",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.1.tgz",
+      "integrity": "sha512-dKQiRHxGD9PPRIUNIWvZhPTPpl1rf/OxTYKsqKUDjBwYylTvV7SjSHJb9ratfyzM6wCdLCOYLzs73qpg5c4iGA==",
      "requires": {
-        "follow-redirects": "1.5.10"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
-          "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "follow-redirects": {
-          "version": "1.5.10",
-          "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
-          "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
-          "requires": {
-            "debug": "=3.1.0"
-          }
-        },
-        "ms": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
-          "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
-        }
+        "follow-redirects": "^1.10.0"
      }
    },
    "babel-eslint": {
@@ -8429,12 +8406,12 @@
      }
    },
    "jwks-rsa": {
-      "version": "1.12.0",
-      "resolved": "https://registry.npmjs.org/jwks-rsa/-/jwks-rsa-1.12.0.tgz",
-      "integrity": "sha512-6zKwlhnGQo+KivArZQThGoxrliRZgyC8s6yXDFSNRiMEVm+4jv07nBkVPFoaN/rEX0b47GKm5MSyBmuzGjj6wg==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/jwks-rsa/-/jwks-rsa-1.12.1.tgz",
+      "integrity": "sha512-N7RsfrzK3+S+SqKEEhWF7Ak87Gzg0KcZq/f8h0VqL2ur3nTB6pi5J12uelGAzB3VfhWQI+zfolHE2XDu/EI7Hg==",
      "requires": {
        "@types/express-jwt": "0.0.42",
-        "axios": "^0.19.2",
+        "axios": "^0.21.1",
        "debug": "^4.1.0",
        "http-proxy-agent": "^4.0.1",
        "https-proxy-agent": "^5.0.0",
@@ -8479,11 +8456,6 @@
            "agent-base": "6",
            "debug": "4"
          }
-        },
-        "proxy-from-env": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
-          "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
        }
      }
    },
--- a/package.json
+++ b/package.json
@@ -41,7 +41,7 @@
    "graphql-upload": "11.0.0",
    "intersect": "1.0.1",
    "jsonwebtoken": "8.5.1",
-    "jwks-rsa": "1.12.0",
+    "jwks-rsa": "1.12.1",
    "ldapjs": "2.2.3",
    "lodash": "4.17.20",
    "lru-cache": "5.1.1",