From 2a11547a9b8c453d3bd6b9e09fbd41b5980da441 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 Apr 2022 17:09:14 +0000 Subject: [PATCH] fix: superset/assets/package.json & superset/assets/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 - https://snyk.io/vuln/SNYK-JS-URIJS-2440699 --- superset/assets/package-lock.json | 32 +++++++++++++++---------------- superset/assets/package.json | 6 +++--- 2 files changed, 18 insertions(+), 20 deletions(-) diff --git a/superset/assets/package-lock.json b/superset/assets/package-lock.json index 8d3f8ac26fd8e..edc0989f9bda3 100644 --- a/superset/assets/package-lock.json +++ b/superset/assets/package-lock.json @@ -5906,18 +5906,11 @@ } }, "chrono-node": { - "version": "1.3.11", - "resolved": "https://registry.npmjs.org/chrono-node/-/chrono-node-1.3.11.tgz", - "integrity": "sha512-jDWRnY6nYvzfV3HPYBqo+tot7tcsUs9i3arGbMdI0TouPSXP2C2y/Ctp27rxKTQDi6yuTxAB2cw+Q6igGhOhdQ==", + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/chrono-node/-/chrono-node-1.4.2.tgz", + "integrity": "sha512-fsb82wPDHVZl3xtche8k4ZZtNwf81/ZMueil2ANpSfogUAEa3BuzZAar7ObLXi1ptMjBzdzA6ys/bFq1oBjO8w==", "requires": { - "moment": "2.21.0" - }, - "dependencies": { - "moment": { - "version": "2.21.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.21.0.tgz", - "integrity": "sha512-TCZ36BjURTeFTM/CwRcViQlfkMvL1/vFISuNLO5GkcVm1+QHfbSiNqZuWeMFjj1/3+uAjXswgRk30j1kkLYJBQ==" - } + "dayjs": "^1.8.19" } }, "ci-info": { @@ -7212,6 +7205,11 @@ "integrity": "sha1-6vQ5/U1ISK105cx9vvIAZyueNFs=", "dev": true }, + "dayjs": { + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.0.tgz", + "integrity": "sha512-JLC809s6Y948/FuCZPm5IX8rRhQwOiyMb2TfVVQEixG7P8Lm/gt5S7yoQZmC8x1UehI9Pb7sksEt4xx14m+7Ug==" + }, "debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -14081,9 +14079,9 @@ } }, "moment": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.23.0.tgz", - "integrity": "sha512-3IE39bHVqFbWWaPOMHZF98Q9c3LDKGTmypMiTM2QygGXXElkFWIH7GxfmlwmY2vwa+wmNsoYZmG2iusf1ZjJoA==" + "version": "2.29.2", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.2.tgz", + "integrity": "sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==" }, "moo": { "version": "0.4.3", @@ -21563,9 +21561,9 @@ } }, "urijs": { - "version": "1.19.1", - "resolved": "https://registry.npmjs.org/urijs/-/urijs-1.19.1.tgz", - "integrity": "sha512-xVrGVi94ueCJNrBSTjWqjvtgvl3cyOTThp2zaMaFNGp3F542TR6sM3f2o8RqZl+AwteClSVmoCyt0ka4RjQOQg==" + "version": "1.19.11", + "resolved": "https://registry.npmjs.org/urijs/-/urijs-1.19.11.tgz", + "integrity": "sha512-HXgFDgDommxn5/bIv0cnQZsPhHDA90NPHD6+c/v21U5+Sx5hoP8+dP9IZXBU1gIfvdRfhG8cel9QNPeionfcCQ==" }, "urix": { "version": "0.1.0", diff --git a/superset/assets/package.json b/superset/assets/package.json index f314f6a6848cf..cefae644215ce 100644 --- a/superset/assets/package.json +++ b/superset/assets/package.json @@ -85,7 +85,7 @@ "bootstrap": "^3.3.6", "bootstrap-slider": "^10.0.0", "brace": "^0.11.1", - "chrono-node": "^1.3.11", + "chrono-node": "^1.4.2", "classnames": "^2.2.5", "d3-array": "^1.2.4", "d3-color": "^1.2.0", @@ -101,7 +101,7 @@ "lodash": "^4.17.11", "mapbox-gl": "^0.53.0", "mathjs": "^3.20.2", - "moment": "^2.20.1", + "moment": "^2.29.2", "mousetrap": "^1.6.1", "mustache": "^2.2.1", "omnibar": "^2.1.1", @@ -141,7 +141,7 @@ "redux-undo": "^1.0.0-beta9-9-7", "shortid": "^2.2.6", "underscore": "^1.8.3", - "urijs": "^1.18.10", + "urijs": "^1.19.11", "viewport-mercator-project": "^6.1.1" }, "devDependencies": {