From ea52093544a8d7a7bd5edd2b3ef62a40f1980d78 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 1 Mar 2023 01:52:20 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEQUELIZE-3324088 - https://snyk.io/vuln/SNYK-JS-SEQUELIZE-3324089 - https://snyk.io/vuln/SNYK-JS-SEQUELIZE-3324090 --- package-lock.json | 37 ++++++++++++++++++++----------------- package.json | 2 +- 2 files changed, 21 insertions(+), 18 deletions(-) diff --git a/package-lock.json b/package-lock.json index a2758e4..3213bad 100644 --- a/package-lock.json +++ b/package-lock.json @@ -22,7 +22,7 @@ "leo-profanity": "^1.6.1", "mysql2": "^2.3.3", "nodemailer": "^6.7.8", - "sequelize": "^6.21.4", + "sequelize": "^6.29.0", "socket.io": "^4.5.2" }, "devDependencies": { @@ -1712,9 +1712,9 @@ } }, "node_modules/retry-as-promised": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/retry-as-promised/-/retry-as-promised-5.0.0.tgz", - "integrity": "sha512-6S+5LvtTl2ggBumk04hBo/4Uf6fRJUwIgunGZ7CYEBCeufGFW1Pu6ucUf/UskHeWOIsUcLOGLFXPig5tR5V1nA==" + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/retry-as-promised/-/retry-as-promised-7.0.4.tgz", + "integrity": "sha512-XgmCoxKWkDofwH8WddD0w85ZfqYz+ZHlr5yo+3YUCfycWawU56T5ckWXsScsj5B8tqUcIG67DxXByo3VUgiAdA==" }, "node_modules/rimraf": { "version": "3.0.2", @@ -1805,9 +1805,9 @@ "integrity": "sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q==" }, "node_modules/sequelize": { - "version": "6.21.4", - "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.21.4.tgz", - "integrity": "sha512-5A0+giRhGHerTDRMsZ54TYRB8oQPWxeVscbc4USG9wRtw2Eqik0Vk0p2EVDrhoq7tmNBh2nHpd9YMfvGdwPEJw==", + "version": "6.29.0", + "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.29.0.tgz", + "integrity": "sha512-m8Wi90rs3NZP9coXE52c7PL4Q078nwYZXqt1IxPvgki7nOFn0p/F0eKsYDBXCPw9G8/BCEa6zZNk0DQUAT4ypA==", "funding": [ { "type": "opencollective", @@ -1822,9 +1822,9 @@ "inflection": "^1.13.2", "lodash": "^4.17.21", "moment": "^2.29.1", - "moment-timezone": "^0.5.34", + "moment-timezone": "^0.5.35", "pg-connection-string": "^2.5.0", - "retry-as-promised": "^5.0.0", + "retry-as-promised": "^7.0.3", "semver": "^7.3.5", "sequelize-pool": "^7.1.0", "toposort-class": "^1.0.1", @@ -1845,6 +1845,9 @@ "mysql2": { "optional": true }, + "oracledb": { + "optional": true + }, "pg": { "optional": true }, @@ -3593,9 +3596,9 @@ } }, "retry-as-promised": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/retry-as-promised/-/retry-as-promised-5.0.0.tgz", - "integrity": "sha512-6S+5LvtTl2ggBumk04hBo/4Uf6fRJUwIgunGZ7CYEBCeufGFW1Pu6ucUf/UskHeWOIsUcLOGLFXPig5tR5V1nA==" + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/retry-as-promised/-/retry-as-promised-7.0.4.tgz", + "integrity": "sha512-XgmCoxKWkDofwH8WddD0w85ZfqYz+ZHlr5yo+3YUCfycWawU56T5ckWXsScsj5B8tqUcIG67DxXByo3VUgiAdA==" }, "rimraf": { "version": "3.0.2", @@ -3659,9 +3662,9 @@ "integrity": "sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q==" }, "sequelize": { - "version": "6.21.4", - "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.21.4.tgz", - "integrity": "sha512-5A0+giRhGHerTDRMsZ54TYRB8oQPWxeVscbc4USG9wRtw2Eqik0Vk0p2EVDrhoq7tmNBh2nHpd9YMfvGdwPEJw==", + "version": "6.29.0", + "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.29.0.tgz", + "integrity": "sha512-m8Wi90rs3NZP9coXE52c7PL4Q078nwYZXqt1IxPvgki7nOFn0p/F0eKsYDBXCPw9G8/BCEa6zZNk0DQUAT4ypA==", "requires": { "@types/debug": "^4.1.7", "@types/validator": "^13.7.1", @@ -3670,9 +3673,9 @@ "inflection": "^1.13.2", "lodash": "^4.17.21", "moment": "^2.29.1", - "moment-timezone": "^0.5.34", + "moment-timezone": "^0.5.35", "pg-connection-string": "^2.5.0", - "retry-as-promised": "^5.0.0", + "retry-as-promised": "^7.0.3", "semver": "^7.3.5", "sequelize-pool": "^7.1.0", "toposort-class": "^1.0.1", diff --git a/package.json b/package.json index 979f883..27ee0e6 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "leo-profanity": "^1.6.1", "mysql2": "^2.3.3", "nodemailer": "^6.7.8", - "sequelize": "^6.21.4", + "sequelize": "^6.29.0", "socket.io": "^4.5.2" }, "devDependencies": {