From 471a99de70529220bcee46a88f887b21f3eb89b5 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 16 Jan 2026 16:43:39 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-UNDICI-14943963 --- package-lock.json | 79 ++++++++++++++++++++--------------------------- package.json | 4 +-- 2 files changed, 36 insertions(+), 47 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4afa738..fdff849 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,17 +1,17 @@ { "name": "doc2vec", - "version": "1.1.1", + "version": "1.3.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "doc2vec", - "version": "1.1.1", + "version": "1.3.0", "license": "ISC", "dependencies": { "@mozilla/readability": "^0.4.4", - "@qdrant/js-client-rest": "^1.13.0", - "@qdrant/qdrant-js": "^1.13.0", + "@qdrant/js-client-rest": "^1.14.1", + "@qdrant/qdrant-js": "^1.14.1", "axios": "^1.6.2", "better-sqlite3": "^11.9.1", "chalk": "^5.4.1", @@ -83,6 +83,7 @@ "resolved": "https://registry.npmjs.org/@bufbuild/connect/-/connect-0.10.1.tgz", "integrity": "sha512-rqdZakAdajdSnRO342K7S3gZnUPMYXF2JsUDMA4vpR34SYdWYXiL2mclUMTaUk+EfLK04ulyejNaFAc0e5o8Qw==", "deprecated": "Connect has moved to its own org @connectrpc and has a stable v1. Run `npx @connectrpc/connect-migrate@latest` to update. See https://github.com/connectrpc/connect-es/releases/tag/v0.13.1 for details.", + "license": "Apache-2.0", "peerDependencies": { "@bufbuild/protobuf": "^1.2.1" } @@ -92,6 +93,7 @@ "resolved": "https://registry.npmjs.org/@bufbuild/connect-node/-/connect-node-0.10.1.tgz", "integrity": "sha512-l70tmks+txIzggO+kPkaOQmAapiBavK3rqTGsUTIlwk2nuuq8dUCIBnhbRxgZlyF67pNA1FTzoOucv/A3RteGA==", "deprecated": "Connect has moved to its own org @connectrpc and has a stable v1. Run `npx @connectrpc/connect-migrate@latest` to update. See https://github.com/connectrpc/connect-es/releases/tag/v0.13.1 for details.", + "license": "Apache-2.0", "dependencies": { "@bufbuild/connect": "0.10.1", "headers-polyfill": "^3.1.2" @@ -104,9 +106,10 @@ } }, "node_modules/@bufbuild/protobuf": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-1.10.0.tgz", - "integrity": "sha512-QDdVFLoN93Zjg36NoQPZfsVH9tZew7wKDKyV5qRdj8ntT4wQCOradQjRaTdwMhWUYsgKsvCINKKm87FdEk96Ag==" + "version": "1.10.1", + "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-1.10.1.tgz", + "integrity": "sha512-wJ8ReQbHxsAfXhrf9ixl0aYbZorRuOWpBNzm8pL8ftmSxQx/wnJD5Eg861NwJU/czy2VXFIebCeZnZrI9rktIQ==", + "license": "(Apache-2.0 AND BSD-3-Clause)" }, "node_modules/@cspotcode/source-map-support": { "version": "0.8.1", @@ -225,14 +228,6 @@ "node": ">=18" } }, - "node_modules/@fastify/busboy": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz", - "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==", - "engines": { - "node": ">=14" - } - }, "node_modules/@jridgewell/resolve-uri": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", @@ -497,9 +492,10 @@ } }, "node_modules/@qdrant/js-client-grpc": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/@qdrant/js-client-grpc/-/js-client-grpc-1.13.0.tgz", - "integrity": "sha512-LO2owZJ/HYuj3Xq02X023ArA+JE0FcZjt7nVYHg6lb+JV02G2vF01R464ouqO1XawWsXyq0JOkczw1vFsoD3wQ==", + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/@qdrant/js-client-grpc/-/js-client-grpc-1.14.1.tgz", + "integrity": "sha512-vHp3+AyPKuFzEMmBHSj+2E3i70DDZyKas1dCBr+gtNNz9xrK4htLRZy3OdQoPPq/gV3uSLmVy2BMIsMJe0iW1g==", + "license": "Apache-2.0", "dependencies": { "@bufbuild/connect": "^0.10.0", "@bufbuild/connect-node": "^0.10.0", @@ -514,16 +510,17 @@ } }, "node_modules/@qdrant/js-client-rest": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/@qdrant/js-client-rest/-/js-client-rest-1.13.0.tgz", - "integrity": "sha512-bewMtnXlGvhhnfXsp0sLoLXOGvnrCM15z9lNlG0Snp021OedNAnRtKkerjk5vkOcbQWUmJHXYCuxDfcT93aSkA==", + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/@qdrant/js-client-rest/-/js-client-rest-1.14.1.tgz", + "integrity": "sha512-CkCCTDc4gCXq+hhjB3yDw9Hs/PxCJ0bKqk/LjAAmuL9+nDm/RPue4C/tGOIMlzouTQ2l6J6t+JPeM//j38VFug==", + "license": "Apache-2.0", "dependencies": { "@qdrant/openapi-typescript-fetch": "1.2.6", "@sevinf/maybe": "0.5.0", - "undici": "~5.28.4" + "undici": "^6.0.0" }, "engines": { - "node": ">=18.0.0", + "node": ">=18.17.0", "pnpm": ">=8" }, "peerDependencies": { @@ -540,15 +537,16 @@ } }, "node_modules/@qdrant/qdrant-js": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/@qdrant/qdrant-js/-/qdrant-js-1.13.0.tgz", - "integrity": "sha512-TDrO2twzAH52foK/dP1lCPiSCq+fi8At5BzizMP0gZcNd3QZoiafIk0smyX/JmPIhCJ1oenBO5epKjYrtBppiQ==", + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/@qdrant/qdrant-js/-/qdrant-js-1.14.1.tgz", + "integrity": "sha512-NHSOA0oryAbGo+1IfMcur+OEH67r/kLe9VieIF4+Xe2KZLADDQ2cHjB0V+VkOxiIQNNCe67bVHLwWEbSS3LSiw==", + "license": "Apache-2.0", "dependencies": { - "@qdrant/js-client-grpc": "1.13.0", - "@qdrant/js-client-rest": "1.13.0" + "@qdrant/js-client-grpc": "1.14.1", + "@qdrant/js-client-rest": "1.14.1" }, "engines": { - "node": ">=18.0.0", + "node": ">=18.17.0", "pnpm": ">=8" }, "peerDependencies": { @@ -1028,14 +1026,6 @@ "entities": "^4.5.0" } }, - "node_modules/cheerio/node_modules/undici": { - "version": "6.21.2", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.2.tgz", - "integrity": "sha512-uROZWze0R0itiAKVPsYhFov9LxrPMHLMEQFszeI2gCN6bnIIZ8twzBCJcN2LJrBBLfrP0t1FW0g+JmKVl8Vk1g==", - "engines": { - "node": ">=18.17" - } - }, "node_modules/chownr": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", @@ -1783,7 +1773,8 @@ "node_modules/headers-polyfill": { "version": "3.3.0", "resolved": "https://registry.npmjs.org/headers-polyfill/-/headers-polyfill-3.3.0.tgz", - "integrity": "sha512-5e57etwBpNcDc0b6KCVWEh/Ro063OxPvzVimUdM0/tsYM/T7Hfy3kknIGj78SFTOhNd8AZY41U8mOHoO4LzmIQ==" + "integrity": "sha512-5e57etwBpNcDc0b6KCVWEh/Ro063OxPvzVimUdM0/tsYM/T7Hfy3kknIGj78SFTOhNd8AZY41U8mOHoO4LzmIQ==", + "license": "MIT" }, "node_modules/html-encoding-sniffer": { "version": "4.0.0", @@ -3001,14 +2992,12 @@ } }, "node_modules/undici": { - "version": "5.28.5", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", - "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", - "dependencies": { - "@fastify/busboy": "^2.0.0" - }, + "version": "6.23.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz", + "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==", + "license": "MIT", "engines": { - "node": ">=14.0" + "node": ">=18.17" } }, "node_modules/undici-types": { diff --git a/package.json b/package.json index 58cffbb..859a280 100644 --- a/package.json +++ b/package.json @@ -27,8 +27,8 @@ "license": "ISC", "dependencies": { "@mozilla/readability": "^0.4.4", - "@qdrant/js-client-rest": "^1.13.0", - "@qdrant/qdrant-js": "^1.13.0", + "@qdrant/js-client-rest": "^1.14.1", + "@qdrant/qdrant-js": "^1.14.1", "axios": "^1.6.2", "better-sqlite3": "^11.9.1", "chalk": "^5.4.1",