From 38e32cbe835de4ece5c5e84ed8713bdbf125151f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 27 Jul 2024 12:29:21 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-7444593 - https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-7444617 --- package-lock.json | 38 +++++++++++++++++++++++++++++++------- package.json | 2 +- 2 files changed, 32 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6864fa6..4610728 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "async": "^2.6.3", "bcryptjs": "^2.4.3", "body-parser": "^1.19.0", - "bootstrap": "^3.4.1", + "bootstrap": "^4.0.0", "compression": "^1.7.4", "cookie-parser": "1.4.4", "debug": "^2.6.7", @@ -334,11 +334,16 @@ } }, "node_modules/bootstrap": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-3.4.1.tgz", - "integrity": "sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.0.0.tgz", + "integrity": "sha512-gulJE5dGFo6Q61V/whS6VM4WIyrlydXfCgkE+Gxe5hjrJ8rXLLZlALq7zq2RPhOc45PSwQpJkrTnc2KgD6cvmA==", + "license": "MIT", "engines": { "node": ">=6" + }, + "peerDependencies": { + "jquery": "1.9.1 - 3", + "popper.js": "^1.12.9" } }, "node_modules/brace-expansion": { @@ -3097,6 +3102,18 @@ "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==" }, + "node_modules/popper.js": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1.tgz", + "integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==", + "deprecated": "You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1", + "license": "MIT", + "peer": true, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/popperjs" + } + }, "node_modules/postcss": { "version": "8.4.13", "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.13.tgz", @@ -4306,9 +4323,10 @@ } }, "bootstrap": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-3.4.1.tgz", - "integrity": "sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA==" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.0.0.tgz", + "integrity": "sha512-gulJE5dGFo6Q61V/whS6VM4WIyrlydXfCgkE+Gxe5hjrJ8rXLLZlALq7zq2RPhOc45PSwQpJkrTnc2KgD6cvmA==", + "requires": {} }, "brace-expansion": { "version": "1.1.11", @@ -6376,6 +6394,12 @@ "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==" }, + "popper.js": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1.tgz", + "integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==", + "peer": true + }, "postcss": { "version": "8.4.13", "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.13.tgz", diff --git a/package.json b/package.json index 6d6e820..e69a2b8 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "async": "^2.6.3", "bcryptjs": "^2.4.3", "body-parser": "^1.19.0", - "bootstrap": "^3.4.1", + "bootstrap": "^4.0.0", "compression": "^1.7.4", "cookie-parser": "1.4.4", "debug": "^2.6.7",