From 20fa2f74e0e22a747f558681de265d99bf952c51 Mon Sep 17 00:00:00 2001 From: mulahasanovic Date: Thu, 18 Sep 2025 16:15:08 +0200 Subject: [PATCH 1/3] fix(deps): bump axios CVE-2025-58754 --- package-lock.json | 37 +++++-------------------------------- package.json | 2 +- 2 files changed, 6 insertions(+), 33 deletions(-) diff --git a/package-lock.json b/package-lock.json index 910a561..3d8f2fd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -17,7 +17,7 @@ "@sasjs/adapter": "4.12.2", "@sasjs/core": "4.56.1", "@sasjs/utils": "3.5.2", - "axios": "1.8.3", + "axios": "^1.12.2", "moment": "^2.29.1", "react": "^18.3.1", "react-dom": "^18.3.1", @@ -1810,18 +1810,6 @@ "node": ">=6.9.0" } }, - "node_modules/@colors/colors": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@colors/colors/-/colors-1.5.0.tgz", - "integrity": "sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ==", - "dev": true, - "license": "MIT", - "optional": true, - "peer": true, - "engines": { - "node": ">=0.1.90" - } - }, "node_modules/@coolaj86/urequest": { "version": "1.3.7", "resolved": "https://registry.npmjs.org/@coolaj86/urequest/-/urequest-1.3.7.tgz", @@ -4797,13 +4785,13 @@ } }, "node_modules/axios": { - "version": "1.8.3", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.3.tgz", - "integrity": "sha512-iP4DebzoNlP/YN2dpwCgb8zoCmhtkajzS48JvwmkSkXvPI3DHc7m+XYL5tGnSlJtR6nImXZmdCuN5aP8dh1d8A==", + "version": "1.12.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.12.2.tgz", + "integrity": "sha512-vMJzPewAlRyOgxV2dU0Cuz2O8zzzx9VYtbJOaBgXFeLc4IV/Eg50n4LowmehOOR61S8ZMpc2K5Sa7g6A4jfkUw==", "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", + "form-data": "^4.0.4", "proxy-from-env": "^1.1.0" } }, @@ -18094,21 +18082,6 @@ "dev": true, "license": "MIT" }, - "node_modules/uglify-js": { - "version": "3.19.3", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.19.3.tgz", - "integrity": "sha512-v3Xu+yuwBXisp6QYTcH4UbH+xYJXqnq2m/LtQVWKWzYc1iehYnLixoQDN9FH6/j9/oybfd6W9Ghwkl8+UMKTKQ==", - "dev": true, - "license": "BSD-2-Clause", - "optional": true, - "peer": true, - "bin": { - "uglifyjs": "bin/uglifyjs" - }, - "engines": { - "node": ">=0.8.0" - } - }, "node_modules/unbox-primitive": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/unbox-primitive/-/unbox-primitive-1.1.0.tgz", diff --git a/package.json b/package.json index e182fc7..baf3cab 100644 --- a/package.json +++ b/package.json @@ -31,7 +31,7 @@ "@sasjs/adapter": "4.12.2", "@sasjs/core": "4.56.1", "@sasjs/utils": "3.5.2", - "axios": "1.8.3", + "axios": "^1.12.2", "moment": "^2.29.1", "react": "^18.3.1", "react-dom": "^18.3.1", From 235475b7e83228c11127713167e78590bf291556 Mon Sep 17 00:00:00 2001 From: mulahasanovic Date: Fri, 19 Sep 2025 10:52:00 +0200 Subject: [PATCH 2/3] fix(deps): bump @sasjs/adapter CVE-2025-58754 --- package-lock.json | 49 +++++++++++++++++++++++++++++++---------------- package.json | 2 +- 2 files changed, 34 insertions(+), 17 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3d8f2fd..0214d82 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,7 +14,7 @@ "@mui/material": "^5.16.7", "@mui/styles": "^6.4.8", "@mui/x-tree-view": "^6.17.0", - "@sasjs/adapter": "4.12.2", + "@sasjs/adapter": "^4.14.0", "@sasjs/core": "4.56.1", "@sasjs/utils": "3.5.2", "axios": "^1.12.2", @@ -3114,31 +3114,20 @@ } }, "node_modules/@sasjs/adapter": { - "version": "4.12.2", - "resolved": "https://registry.npmjs.org/@sasjs/adapter/-/adapter-4.12.2.tgz", - "integrity": "sha512-OV5mx3N2Hywhp0M+SBLTuG42x/LDnMxrb2/pwG4RQbhfzvAwdHVEoXRouDJ49RMSY9s6TJcwUPh+Xzafl5sG/g==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@sasjs/adapter/-/adapter-4.14.0.tgz", + "integrity": "sha512-kLjThuLayOr35A+MloXx4Z2tqjui48vHYmVXXmqiFe26Wal6i2jflzhVN5+srmYlGzJX+G0SN78kYTKfvr3lcA==", "hasInstallScript": true, "license": "ISC", "dependencies": { "@sasjs/utils": "3.5.2", - "axios": "1.8.2", + "axios": "1.12.2", "axios-cookiejar-support": "5.0.5", "form-data": "4.0.4", "https": "1.0.0", "tough-cookie": "4.1.3" } }, - "node_modules/@sasjs/adapter/node_modules/axios": { - "version": "1.8.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.2.tgz", - "integrity": "sha512-ls4GYBm5aig9vWx8AWDSGLpnpDQRtWAfrjU+EuytuODrFBkqesN2RkOQCBzrA1RQNHw1SmRMSDDDSwzNAYQ6Rg==", - "license": "MIT", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, "node_modules/@sasjs/cli": { "version": "4.12.10", "resolved": "https://registry.npmjs.org/@sasjs/cli/-/cli-4.12.10.tgz", @@ -3172,6 +3161,22 @@ "sasjs": "build/index.js" } }, + "node_modules/@sasjs/cli/node_modules/@sasjs/adapter": { + "version": "4.12.2", + "resolved": "https://registry.npmjs.org/@sasjs/adapter/-/adapter-4.12.2.tgz", + "integrity": "sha512-OV5mx3N2Hywhp0M+SBLTuG42x/LDnMxrb2/pwG4RQbhfzvAwdHVEoXRouDJ49RMSY9s6TJcwUPh+Xzafl5sG/g==", + "dev": true, + "hasInstallScript": true, + "license": "ISC", + "dependencies": { + "@sasjs/utils": "3.5.2", + "axios": "1.8.2", + "axios-cookiejar-support": "5.0.5", + "form-data": "4.0.4", + "https": "1.0.0", + "tough-cookie": "4.1.3" + } + }, "node_modules/@sasjs/cli/node_modules/@sasjs/core": { "version": "4.59.1", "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.59.1.tgz", @@ -3179,6 +3184,18 @@ "dev": true, "license": "MIT" }, + "node_modules/@sasjs/cli/node_modules/axios": { + "version": "1.8.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.2.tgz", + "integrity": "sha512-ls4GYBm5aig9vWx8AWDSGLpnpDQRtWAfrjU+EuytuODrFBkqesN2RkOQCBzrA1RQNHw1SmRMSDDDSwzNAYQ6Rg==", + "dev": true, + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.6", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, "node_modules/@sasjs/cli/node_modules/dotenv": { "version": "16.0.3", "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.0.3.tgz", diff --git a/package.json b/package.json index baf3cab..a817087 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "@mui/material": "^5.16.7", "@mui/styles": "^6.4.8", "@mui/x-tree-view": "^6.17.0", - "@sasjs/adapter": "4.12.2", + "@sasjs/adapter": "^4.14.0", "@sasjs/core": "4.56.1", "@sasjs/utils": "3.5.2", "axios": "^1.12.2", From 781fcf578b18cef374375bffd059f6d2cf609ab1 Mon Sep 17 00:00:00 2001 From: mulahasanovic Date: Fri, 19 Sep 2025 14:33:00 +0200 Subject: [PATCH 3/3] fix(deps): bump @sasjs/cli --- package-lock.json | 38 +++++--------------------------------- package.json | 2 +- 2 files changed, 6 insertions(+), 34 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0214d82..6084fdc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31,7 +31,7 @@ "@babel/preset-env": "^7.18.2", "@babel/preset-react": "^7.16.7", "@babel/preset-typescript": "^7.17.12", - "@sasjs/cli": "^4.11.1", + "@sasjs/cli": "^4.12.11", "@semantic-release/changelog": "^6.0.1", "@semantic-release/exec": "^6.0.3", "@semantic-release/git": "^10.0.1", @@ -3129,14 +3129,14 @@ } }, "node_modules/@sasjs/cli": { - "version": "4.12.10", - "resolved": "https://registry.npmjs.org/@sasjs/cli/-/cli-4.12.10.tgz", - "integrity": "sha512-eWh7cTtIEH9PnKdooRWZ8yWVle4jPb0D7k+QKaPSBIW+ZbtyS87yNVU4MwkonSKCHneuhvrMMo8YV8QrqoUo7Q==", + "version": "4.12.11", + "resolved": "https://registry.npmjs.org/@sasjs/cli/-/cli-4.12.11.tgz", + "integrity": "sha512-s6iTbr9XmdeMreXdlIFFLrOjXWW9xOoV5AB7oMeSpw3mhlNV5EPh2BZMZAWTWgQ52038viiaaCzrTevMIJUsUQ==", "dev": true, "hasInstallScript": true, "license": "ISC", "dependencies": { - "@sasjs/adapter": "4.12.2", + "@sasjs/adapter": "4.14.0", "@sasjs/core": "4.59.1", "@sasjs/lint": "2.4.3", "@sasjs/utils": "3.5.2", @@ -3161,22 +3161,6 @@ "sasjs": "build/index.js" } }, - "node_modules/@sasjs/cli/node_modules/@sasjs/adapter": { - "version": "4.12.2", - "resolved": "https://registry.npmjs.org/@sasjs/adapter/-/adapter-4.12.2.tgz", - "integrity": "sha512-OV5mx3N2Hywhp0M+SBLTuG42x/LDnMxrb2/pwG4RQbhfzvAwdHVEoXRouDJ49RMSY9s6TJcwUPh+Xzafl5sG/g==", - "dev": true, - "hasInstallScript": true, - "license": "ISC", - "dependencies": { - "@sasjs/utils": "3.5.2", - "axios": "1.8.2", - "axios-cookiejar-support": "5.0.5", - "form-data": "4.0.4", - "https": "1.0.0", - "tough-cookie": "4.1.3" - } - }, "node_modules/@sasjs/cli/node_modules/@sasjs/core": { "version": "4.59.1", "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.59.1.tgz", @@ -3184,18 +3168,6 @@ "dev": true, "license": "MIT" }, - "node_modules/@sasjs/cli/node_modules/axios": { - "version": "1.8.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.2.tgz", - "integrity": "sha512-ls4GYBm5aig9vWx8AWDSGLpnpDQRtWAfrjU+EuytuODrFBkqesN2RkOQCBzrA1RQNHw1SmRMSDDDSwzNAYQ6Rg==", - "dev": true, - "license": "MIT", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, "node_modules/@sasjs/cli/node_modules/dotenv": { "version": "16.0.3", "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.0.3.tgz", diff --git a/package.json b/package.json index a817087..edc471f 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "@babel/preset-env": "^7.18.2", "@babel/preset-react": "^7.16.7", "@babel/preset-typescript": "^7.17.12", - "@sasjs/cli": "^4.11.1", + "@sasjs/cli": "^4.12.11", "@semantic-release/changelog": "^6.0.1", "@semantic-release/exec": "^6.0.3", "@semantic-release/git": "^10.0.1",