Skip to content

Commit a342420

Browse files
snyk-botsnyk-bot
authored
fix: package.json & yarn.lock to reduce vulnerabilities (#792)
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-2342073 - https://snyk.io/vuln/SNYK-JS-MARKED-2342082 - https://snyk.io/vuln/SNYK-JS-MARKED-584281
1 parent 03b90dd commit a342420

File tree

2 files changed

+37
-86
lines changed

2 files changed

+37
-86
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@
6060
"dgeni": "^0.4.12",
6161
"dgeni-packages": "~0.28.3",
6262
"dotenv": "^10.0.0",
63-
"firebase-tools": "^10.1.0",
63+
"firebase-tools": "^10.1.2",
6464
"fs-extra": "^5.0.0",
6565
"glob": "^7.1.3",
6666
"gulp": "^4.0.0",

yarn.lock

Lines changed: 36 additions & 85 deletions
Original file line numberDiff line numberDiff line change
@@ -1435,7 +1435,7 @@
14351435
resolved "https://registry.yarnpkg.com/@google-cloud/promisify/-/promisify-2.0.4.tgz#9d8705ecb2baa41b6b2673f3a8e9b7b7e1abc52a"
14361436
integrity sha512-j8yRSSqswWi1QqUGKVEKOG03Q7qOoZP6/h2zN2YO+F5h2+DHU0bSrHCK9Y7lo2DI9fBd8qGAw795sf+3Jva4yA==
14371437

1438-
"@google-cloud/pubsub@^2.7.0":
1438+
"@google-cloud/pubsub@^2.18.4":
14391439
version "2.18.4"
14401440
resolved "https://registry.yarnpkg.com/@google-cloud/pubsub/-/pubsub-2.18.4.tgz#41b56cd428d51c6a699b7515af86d9c22ea94a4a"
14411441
integrity sha512-mgKZ7XdXN7MEGK+MCmRKuoq3GBiuYIa9ytYuV1DIHbd+eYqqyPYZHvL8g/73eogkNYK5TxSydja7TCRDzfJaxA==
@@ -2414,7 +2414,7 @@
24142414
resolved "https://registry.yarnpkg.com/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz#e77a97fbd345b76d83245edcd17d393b1b41fb31"
24152415
integrity sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==
24162416

2417-
JSONStream@^1.0.4, JSONStream@^1.2.1:
2417+
JSONStream@^1.0.4:
24182418
version "1.3.5"
24192419
resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.5.tgz#3208c1f08d3a4d99261ab64f92302bc15e111ca0"
24202420
integrity sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==
@@ -3725,11 +3725,6 @@ chokidar@^2.0.0:
37253725
optionalDependencies:
37263726
fsevents "^1.2.7"
37273727

3728-
chownr@^1.1.4:
3729-
version "1.1.4"
3730-
resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b"
3731-
integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==
3732-
37333728
chownr@^2.0.0:
37343729
version "2.0.0"
37353730
resolved "https://registry.yarnpkg.com/chownr/-/chownr-2.0.0.tgz#15bfbe53d2eab4cf70f18a8cd68ebe5b3cb1dece"
@@ -4601,12 +4596,10 @@ cssesc@^3.0.0:
46014596
resolved "https://registry.yarnpkg.com/cssesc/-/cssesc-3.0.0.tgz#37741919903b868565e1c09ea747445cd18983ee"
46024597
integrity sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg==
46034598

4604-
csv-streamify@^3.0.4:
4605-
version "3.0.4"
4606-
resolved "https://registry.yarnpkg.com/csv-streamify/-/csv-streamify-3.0.4.tgz#4cb614c57e3f299cca17b63fdcb4ad167777f47a"
4607-
integrity sha1-TLYUxX4/KZzKF7Y/3LStFnd39Ho=
4608-
dependencies:
4609-
through2 "2.0.1"
4599+
csv-parse@^5.0.4:
4600+
version "5.0.4"
4601+
resolved "https://registry.yarnpkg.com/csv-parse/-/csv-parse-5.0.4.tgz#97e5e654413bcf95f2714ce09bcb2be6de0eb8e3"
4602+
integrity sha512-5AIdl8l6n3iYQYxan5djB5eKDa+vBnhfWZtRpJTcrETWfVLYN0WSj3L9RwvgYt+psoO77juUr8TG8qpfGZifVQ==
46104603

46114604
cuint@^0.2.2:
46124605
version "0.2.2"
@@ -6010,13 +6003,12 @@ fined@^1.0.1:
60106003
object.pick "^1.2.0"
60116004
parse-filepath "^1.0.1"
60126005

6013-
firebase-tools@^10.1.0:
6014-
version "10.1.1"
6015-
resolved "https://registry.yarnpkg.com/firebase-tools/-/firebase-tools-10.1.1.tgz#1aeab1b058c9adbca1884cfe743380d196ef5065"
6016-
integrity sha512-rL/p4TJ1KSDymIO7Ve4WJT8P3tvpzvU0G1AfqzmvouuYO7eCuv8yOaZwkpXmM48F1YiHqlj28YgAt5Vyh2u+nw==
6006+
firebase-tools@^10.1.2:
6007+
version "10.1.2"
6008+
resolved "https://registry.yarnpkg.com/firebase-tools/-/firebase-tools-10.1.2.tgz#7ed235dc8739aaf5047aa0437eba1765d724d52a"
6009+
integrity sha512-Z8TA9wGeN5vbl/NJBhiwrm2RLmZgHPvv9G4mQhqyWkfcrlglWwqxgA4KsmZABwtyE7A4teDC4yBdw4K7d6JTcw==
60176010
dependencies:
6018-
"@google-cloud/pubsub" "^2.7.0"
6019-
JSONStream "^1.2.1"
6011+
"@google-cloud/pubsub" "^2.18.4"
60206012
abort-controller "^3.0.0"
60216013
ajv "^6.12.6"
60226014
archiver "^5.0.0"
@@ -6030,7 +6022,7 @@ firebase-tools@^10.1.0:
60306022
cors "^2.8.5"
60316023
cross-env "^5.1.3"
60326024
cross-spawn "^7.0.1"
6033-
csv-streamify "^3.0.4"
6025+
csv-parse "^5.0.4"
60346026
dotenv "^6.1.0"
60356027
exegesis "^4.1.0"
60366028
exegesis-express "^4.0.0"
@@ -6045,7 +6037,7 @@ firebase-tools@^10.1.0:
60456037
jsonwebtoken "^8.5.1"
60466038
leven "^3.1.0"
60476039
lodash "^4.17.21"
6048-
marked "^0.7.0"
6040+
marked "^4.0.10"
60496041
marked-terminal "^3.3.0"
60506042
mime "^2.5.2"
60516043
minimatch "^3.0.4"
@@ -6059,8 +6051,10 @@ firebase-tools@^10.1.0:
60596051
request "^2.87.0"
60606052
rimraf "^3.0.0"
60616053
semver "^5.7.1"
6054+
stream-chain "^2.2.4"
6055+
stream-json "^1.7.3"
60626056
superstatic "^7.1.0"
6063-
tar "^4.3.0"
6057+
tar "^6.1.11"
60646058
tcp-port-used "^1.0.1"
60656059
tmp "0.0.33"
60666060
triple-beam "^1.3.0"
@@ -6214,13 +6208,6 @@ fs-extra@~7.0.1:
62146208
jsonfile "^4.0.0"
62156209
universalify "^0.1.0"
62166210

6217-
fs-minipass@^1.2.7:
6218-
version "1.2.7"
6219-
resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-1.2.7.tgz#ccff8570841e7fe4265693da88936c55aed7f7c7"
6220-
integrity sha512-GWSSJGFy4e9GUeCcbIkED+bgAoFyj7XF1mV8rma3QW4NIqX9Kyx79N/PF61H5udOV3aY1IaMLs6pGbH71nlCTA==
6221-
dependencies:
6222-
minipass "^2.6.0"
6223-
62246211
fs-minipass@^2.0.0, fs-minipass@^2.1.0:
62256212
version "2.1.0"
62266213
resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-2.1.0.tgz#7f5036fdbf12c63c169190cbe4199c852271f9fb"
@@ -9062,6 +9049,11 @@ marked@^1.1.0:
90629049
resolved "https://registry.yarnpkg.com/marked/-/marked-1.2.9.tgz#53786f8b05d4c01a2a5a76b7d1ec9943d29d72dc"
90639050
integrity sha512-H8lIX2SvyitGX+TRdtS06m1jHMijKN/XjfH6Ooii9fvxMlh8QdqBfBDkGUpMWH2kQNrtixjzYUa3SH8ROTgRRw==
90649051

9052+
marked@^4.0.10:
9053+
version "4.0.10"
9054+
resolved "https://registry.yarnpkg.com/marked/-/marked-4.0.10.tgz#423e295385cc0c3a70fa495e0df68b007b879423"
9055+
integrity sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw==
9056+
90659057
matchdep@^2.0.0:
90669058
version "2.0.0"
90679059
resolved "https://registry.yarnpkg.com/matchdep/-/matchdep-2.0.0.tgz#c6f34834a0d8dbc3b37c27ee8bbcb27c7775582e"
@@ -9357,28 +9349,13 @@ minipass-sized@^1.0.3:
93579349
dependencies:
93589350
minipass "^3.0.0"
93599351

9360-
minipass@^2.6.0, minipass@^2.9.0:
9361-
version "2.9.0"
9362-
resolved "https://registry.yarnpkg.com/minipass/-/minipass-2.9.0.tgz#e713762e7d3e32fed803115cf93e04bca9fcc9a6"
9363-
integrity sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==
9364-
dependencies:
9365-
safe-buffer "^5.1.2"
9366-
yallist "^3.0.0"
9367-
93689352
minipass@^3.0.0, minipass@^3.1.0, minipass@^3.1.1, minipass@^3.1.3:
93699353
version "3.1.6"
93709354
resolved "https://registry.yarnpkg.com/minipass/-/minipass-3.1.6.tgz#3b8150aa688a711a1521af5e8779c1d3bb4f45ee"
93719355
integrity sha512-rty5kpw9/z8SX9dmxblFA6edItUmwJgMeYDZRrwlIVN27i8gysGbznJwUggw2V/FVqFSDdWy040ZPS811DYAqQ==
93729356
dependencies:
93739357
yallist "^4.0.0"
93749358

9375-
minizlib@^1.3.3:
9376-
version "1.3.3"
9377-
resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-1.3.3.tgz#2290de96818a34c29551c8a8d301216bd65a861d"
9378-
integrity sha512-6ZYMOEnmVsdCeTJVE0W9ZD+pVnE8h9Hma/iOwwRDsdQoePpoX56/8B6z3P9VNwppJuBKNRuFDRNRqRWexT9G9Q==
9379-
dependencies:
9380-
minipass "^2.9.0"
9381-
93829359
minizlib@^2.0.0, minizlib@^2.1.1:
93839360
version "2.1.2"
93849361
resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-2.1.2.tgz#e90d3466ba209b932451508a11ce3d3632145931"
@@ -11234,11 +11211,6 @@ process-nextick-args@^2.0.0, process-nextick-args@~2.0.0:
1123411211
resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
1123511212
integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==
1123611213

11237-
process-nextick-args@~1.0.6:
11238-
version "1.0.7"
11239-
resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3"
11240-
integrity sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=
11241-
1124211214
[email protected], progress@^2.0.3:
1124311215
version "2.0.3"
1124411216
resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.3.tgz#7e8cf8d8f5b8f239c1bc68beb4eb78567d572ef8"
@@ -11586,18 +11558,6 @@ readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable
1158611558
string_decoder "~1.1.1"
1158711559
util-deprecate "~1.0.1"
1158811560

11589-
readable-stream@~2.0.0:
11590-
version "2.0.6"
11591-
resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e"
11592-
integrity sha1-j5A0HmilPMySh4jaz80Rs265t44=
11593-
dependencies:
11594-
core-util-is "~1.0.0"
11595-
inherits "~2.0.1"
11596-
isarray "~1.0.0"
11597-
process-nextick-args "~1.0.6"
11598-
string_decoder "~0.10.x"
11599-
util-deprecate "~1.0.1"
11600-
1160111561
readdir-glob@^1.0.0:
1160211562
version "1.1.1"
1160311563
resolved "https://registry.yarnpkg.com/readdir-glob/-/readdir-glob-1.1.1.tgz#f0e10bb7bf7bfa7e0add8baffdc54c3f7dbee6c4"
@@ -12133,7 +12093,7 @@ [email protected], safe-buffer@~5.1.0, safe-buffer@~5.1.1:
1213312093
resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
1213412094
integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
1213512095

12136-
[email protected], safe-buffer@>=5.1.0, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.2, safe-buffer@^5.2.1, safe-buffer@~5.2.0:
12096+
[email protected], safe-buffer@>=5.1.0, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.2, safe-buffer@~5.2.0:
1213712097
version "5.2.1"
1213812098
resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"
1213912099
integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==
@@ -12908,11 +12868,23 @@ static-extend@^0.1.1:
1290812868
resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.5.0.tgz#161c7dac177659fd9811f43771fa99381478628c"
1290912869
integrity sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow=
1291012870

12871+
stream-chain@^2.2.4:
12872+
version "2.2.4"
12873+
resolved "https://registry.yarnpkg.com/stream-chain/-/stream-chain-2.2.4.tgz#2e5e9858e00d25ebaf7e4339e8328ddcab5facad"
12874+
integrity sha512-9lsl3YM53V5N/I1C2uJtc3Kavyi3kNYN83VkKb/bMWRk7D9imiFyUPYa0PoZbLohSVOX1mYE9YsmwObZUsth6Q==
12875+
1291112876
stream-exhaust@^1.0.1:
1291212877
version "1.0.2"
1291312878
resolved "https://registry.yarnpkg.com/stream-exhaust/-/stream-exhaust-1.0.2.tgz#acdac8da59ef2bc1e17a2c0ccf6c320d120e555d"
1291412879
integrity sha512-b/qaq/GlBK5xaq1yrK9/zFcyRSTNxmcZwFLGSTG0mXgZl/4Z6GgiyYOXOvY7N3eEvFRAG1bkDRz5EPGSvPYQlw==
1291512880

12881+
stream-json@^1.7.3:
12882+
version "1.7.3"
12883+
resolved "https://registry.yarnpkg.com/stream-json/-/stream-json-1.7.3.tgz#8a2abe8b51a2e84ffbc8d09bca9d01dc70facae3"
12884+
integrity sha512-Y6dXn9KKWSwxOqnvHGcdZy1PK+J+7alBwHCeU3W9oRqm4ilLRA0XSPmd1tWwhg7tv9EIxJTMWh7KF15tYelKJg==
12885+
dependencies:
12886+
stream-chain "^2.2.4"
12887+
1291612888
stream-shift@^1.0.0:
1291712889
version "1.0.1"
1291812890
resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.1.tgz#d7088281559ab2778424279b0877da3c392d5a3d"
@@ -13331,20 +13303,7 @@ tar-stream@^2.2.0:
1333113303
inherits "^2.0.3"
1333213304
readable-stream "^3.1.1"
1333313305

13334-
tar@^4.3.0:
13335-
version "4.4.19"
13336-
resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.19.tgz#2e4d7263df26f2b914dee10c825ab132123742f3"
13337-
integrity sha512-a20gEsvHnWe0ygBY8JbxoM4w3SJdhc7ZAuxkLqh+nvNQN2IOt0B5lLgM490X5Hl8FF0dl0tOf2ewFYAlIFgzVA==
13338-
dependencies:
13339-
chownr "^1.1.4"
13340-
fs-minipass "^1.2.7"
13341-
minipass "^2.9.0"
13342-
minizlib "^1.3.3"
13343-
mkdirp "^0.5.5"
13344-
safe-buffer "^5.2.1"
13345-
yallist "^3.1.1"
13346-
13347-
tar@^6.0.2, tar@^6.1.0, tar@^6.1.2:
13306+
tar@^6.0.2, tar@^6.1.0, tar@^6.1.11, tar@^6.1.2:
1334813307
version "6.1.11"
1334913308
resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.11.tgz#6760a38f003afa1b2ffd0ffe9e9abbd0eab3d621"
1335013309
integrity sha512-an/KZQzQUkZCkuoAA64hM92X0Urb6VpRhAFllDzz44U2mcD5scmT3zBc4VgVpkugF580+DQn8eAFSyoQt0tznA==
@@ -13431,14 +13390,6 @@ through2-filter@^3.0.0:
1343113390
through2 "~2.0.0"
1343213391
xtend "~4.0.0"
1343313392

13434-
[email protected]:
13435-
version "2.0.1"
13436-
resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.1.tgz#384e75314d49f32de12eebb8136b8eb6b5d59da9"
13437-
integrity sha1-OE51MU1J8y3hLuu4E2uOtrXVnak=
13438-
dependencies:
13439-
readable-stream "~2.0.0"
13440-
xtend "~4.0.0"
13441-
1344213393
[email protected]:
1344313394
version "2.0.3"
1344413395
resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be"
@@ -14754,7 +14705,7 @@ y18n@^5.0.5:
1475414705
resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55"
1475514706
integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==
1475614707

14757-
yallist@^3.0.0, yallist@^3.0.2, yallist@^3.1.1:
14708+
yallist@^3.0.2:
1475814709
version "3.1.1"
1475914710
resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.1.1.tgz#dbb7daf9bfd8bac9ab45ebf602b8cbad0d5d08fd"
1476014711
integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==

0 commit comments

Comments
 (0)