This run took 134 seconds.
From b7c7873b8c50fc2ec671128ce496b5bf81e8110a Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Tue, 11 Jun 2024 08:10:27 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: Ia3df1f73f49fb847dc336e3ea4b0363ef527c0be
---
package-lock.json | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 756d586..95a7636 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3737,12 +3737,12 @@
}
},
"node_modules/braces": {
- "version": "3.0.2",
- "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
- "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+ "version": "3.0.3",
+ "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+ "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"dependencies": {
- "fill-range": "^7.0.1"
+ "fill-range": "^7.1.1"
},
"engines": {
"node": ">=8"
@@ -7808,9 +7808,9 @@
"optional": true
},
"node_modules/fill-range": {
- "version": "7.0.1",
- "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
- "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+ "version": "7.1.1",
+ "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+ "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"dependencies": {
"to-regex-range": "^5.0.1"
@@ -24005,12 +24005,12 @@
}
},
"braces": {
- "version": "3.0.2",
- "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
- "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+ "version": "3.0.3",
+ "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+ "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"requires": {
- "fill-range": "^7.0.1"
+ "fill-range": "^7.1.1"
}
},
"brotli-size": {
@@ -27201,9 +27201,9 @@
"optional": true
},
"fill-range": {
- "version": "7.0.1",
- "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
- "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+ "version": "7.1.1",
+ "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+ "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"requires": {
"to-regex-range": "^5.0.1"
--
2.39.2
$ date
--- stdout ---
Tue Jun 11 08:08:27 UTC 2024
--- end ---
$ git clone file:///srv/git/wikimedia-portals.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stderr ---
Submodule 'prod' (https://gerrit.wikimedia.org/r/wikimedia/portals/deploy) registered for path 'prod'
Cloning into '/src/repo/prod'...
--- stdout ---
Submodule path 'prod': checked out 'ae1009042ab69b0ea76ce04463cb917416567f94'
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
949f5b604c8b7cb395921212187459996e191903 refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@koa/cors": {
"name": "@koa/cors",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095223,
"name": "@koa/cors",
"dependency": "@koa/cors",
"title": "Overly permissive origin policy",
"url": "https://github.com/advisories/GHSA-qxrj-hx23-xp82",
"severity": "high",
"cwe": [
"CWE-346"
],
"cvss": {
"score": 8.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"
},
"range": "<5.0.0"
}
],
"effects": [
"es-dev-server"
],
"range": "<5.0.0",
"nodes": [
"node_modules/@koa/cors"
],
"fixAvailable": true
},
"anymatch": {
"name": "anymatch",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"glob-watcher"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/glob-watcher/node_modules/anymatch"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"postcss"
],
"effects": [
"stylelint"
],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer",
"node_modules/stylelint/node_modules/autoprefixer"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1097496,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/braces",
"node_modules/findup-sync/node_modules/braces",
"node_modules/glob-watcher/node_modules/braces",
"node_modules/matchdep/node_modules/braces"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"cheerio": {
"name": "cheerio",
"severity": "high",
"isDirect": false,
"via": [
"css-select",
"lodash.pick"
],
"effects": [
"gulp-inline"
],
"range": "0.19.0 - 1.0.0-rc.3",
"nodes": [
"node_modules/cheerio"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"glob-parent",
"readdirp"
],
"effects": [
"glob-watcher"
],
"range": "1.0.0-rc1 - 2.1.8",
"nodes": [
"node_modules/glob-watcher/node_modules/chokidar"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"color": {
"name": "color",
"severity": "moderate",
"isDirect": false,
"via": [
"color-string"
],
"effects": [
"css-color-function"
],
"range": "<=0.11.4",
"nodes": [
"node_modules/color"
],
"fixAvailable": true
},
"color-string": {
"name": "color-string",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1089718,
"name": "color-string",
"dependency": "color-string",
"title": "Regular Expression Denial of Service (ReDOS)",
"url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h",
"severity": "moderate",
"cwe": [
"CWE-770"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<1.5.5"
}
],
"effects": [
"color"
],
"range": "<1.5.5",
"nodes": [
"node_modules/color/node_modules/color-string"
],
"fixAvailable": true
},
"css-color-function": {
"name": "css-color-function",
"severity": "moderate",
"isDirect": false,
"via": [
"color"
],
"effects": [
"postcss-color-function"
],
"range": "*",
"nodes": [
"node_modules/css-color-function"
],
"fixAvailable": true
},
"css-declaration-sorter": {
"name": "css-declaration-sorter",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=5.1.2",
"nodes": [
"node_modules/css-declaration-sorter"
],
"fixAvailable": true
},
"css-select": {
"name": "css-select",
"severity": "high",
"isDirect": false,
"via": [
"nth-check"
],
"effects": [
"cheerio",
"svgo"
],
"range": "<=3.1.0",
"nodes": [
"node_modules/css-select",
"node_modules/svgo/node_modules/css-select"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"cssnano": {
"name": "cssnano",
"severity": "moderate",
"isDirect": true,
"via": [
"cssnano-preset-default",
"postcss"
],
"effects": [],
"range": "<=4.1.11",
"nodes": [
"node_modules/cssnano"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"cssnano-preset-default": {
"name": "cssnano-preset-default",
"severity": "moderate",
"isDirect": false,
"via": [
"css-declaration-sorter",
"cssnano-util-raw-cache",
"postcss",
"postcss-calc",
"postcss-colormin",
"postcss-convert-values",
"postcss-discard-comments",
"postcss-discard-duplicates",
"postcss-discard-empty",
"postcss-discard-overridden",
"postcss-merge-longhand",
"postcss-merge-rules",
"postcss-minify-font-values",
"postcss-minify-gradients",
"postcss-minify-params",
"postcss-minify-selectors",
"postcss-normalize-charset",
"postcss-normalize-display-values",
"postcss-normalize-positions",
"postcss-normalize-repeat-style",
"postcss-normalize-string",
"postcss-normalize-timing-functions",
"postcss-normalize-unicode",
"postcss-normalize-url",
"postcss-normalize-whitespace",
"postcss-ordered-values",
"postcss-reduce-initial",
"postcss-reduce-transforms",
"postcss-svgo",
"postcss-unique-selectors"
],
"effects": [
"cssnano"
],
"range": "<=4.0.8",
"nodes": [
"node_modules/cssnano-preset-default"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"cssnano-util-raw-cache": {
"name": "cssnano-util-raw-cache",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/cssnano-util-raw-cache"
],
"fixAvailable": true
},
"es-dev-server": {
"name": "es-dev-server",
"severity": "high",
"isDirect": true,
"via": [
"@koa/cors"
],
"effects": [],
"range": ">=1.56.0",
"nodes": [
"node_modules/es-dev-server"
],
"fixAvailable": true
},
"findup-sync": {
"name": "findup-sync",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"liftoff",
"matchdep"
],
"range": "0.4.0 - 3.0.0",
"nodes": [
"node_modules/findup-sync",
"node_modules/matchdep/node_modules/findup-sync"
],
"fixAvailable": true
},
"glob-parent": {
"name": "glob-parent",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095007,
"name": "glob-parent",
"dependency": "glob-parent",
"title": "glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex",
"url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<5.1.2"
}
],
"effects": [
"chokidar",
"glob-stream"
],
"range": "<5.1.2",
"nodes": [
"node_modules/glob-stream/node_modules/glob-parent",
"node_modules/glob-watcher/node_modules/glob-parent"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"glob-stream": {
"name": "glob-stream",
"severity": "high",
"isDirect": false,
"via": [
"glob-parent"
],
"effects": [
"vinyl-fs"
],
"range": "5.3.0 - 6.1.0",
"nodes": [
"node_modules/glob-stream"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
},
"glob-watcher": {
"name": "glob-watcher",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"chokidar"
],
"effects": [
"gulp"
],
"range": "5.0.0 - 5.0.5",
"nodes": [
"node_modules/glob-watcher"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"gulp": {
"name": "gulp",
"severity": "high",
"isDirect": true,
"via": [
"glob-watcher",
"gulp-cli",
"vinyl-fs"
],
"effects": [],
"range": "4.0.0 - 4.0.2",
"nodes": [
"node_modules/gulp"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"gulp-cli": {
"name": "gulp-cli",
"severity": "high",
"isDirect": false,
"via": [
"liftoff",
"matchdep"
],
"effects": [],
"range": "1.3.0 - 2.3.0",
"nodes": [
"node_modules/gulp-cli"
],
"fixAvailable": true
},
"gulp-compile-handlebars": {
"name": "gulp-compile-handlebars",
"severity": "high",
"isDirect": true,
"via": [
"gulp-util"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-compile-handlebars"
],
"fixAvailable": false
},
"gulp-htmlmin": {
"name": "gulp-htmlmin",
"severity": "high",
"isDirect": true,
"via": [
"html-minifier"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-htmlmin"
],
"fixAvailable": false
},
"gulp-inline": {
"name": "gulp-inline",
"severity": "high",
"isDirect": true,
"via": [
"cheerio",
"gulp-util"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-inline"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"gulp-postcss": {
"name": "gulp-postcss",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=8.0.0",
"nodes": [
"node_modules/gulp-postcss"
],
"fixAvailable": {
"name": "gulp-postcss",
"version": "10.0.0",
"isSemVerMajor": true
}
},
"gulp-svg-sprite": {
"name": "gulp-svg-sprite",
"severity": "moderate",
"isDirect": true,
"via": [
"svg-sprite"
],
"effects": [],
"range": "1.3.0 - 1.5.0",
"nodes": [
"node_modules/gulp-svg-sprite"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"gulp-useref": {
"name": "gulp-useref",
"severity": "high",
"isDirect": true,
"via": [
"vinyl-fs"
],
"effects": [],
"range": ">=3.1.4",
"nodes": [
"node_modules/gulp-useref"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
},
"gulp-util": {
"name": "gulp-util",
"severity": "high",
"isDirect": false,
"via": [
"lodash.template"
],
"effects": [
"gulp-compile-handlebars",
"gulp-inline"
],
"range": ">=1.1.0",
"nodes": [
"node_modules/gulp-util"
],
"fixAvailable": false
},
"html-minifier": {
"name": "html-minifier",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1097148,
"name": "html-minifier",
"dependency": "html-minifier",
"title": "kangax html-minifier REDoS vulnerability",
"url": "https://github.com/advisories/GHSA-pfq8-rq6v-vf5m",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<=4.0.0"
}
],
"effects": [
"gulp-htmlmin"
],
"range": "*",
"nodes": [
"node_modules/html-minifier"
],
"fixAvailable": false
},
"liftoff": {
"name": "liftoff",
"severity": "high",
"isDirect": false,
"via": [
"findup-sync"
],
"effects": [
"gulp-cli"
],
"range": "2.2.3 - 3.1.0",
"nodes": [
"node_modules/liftoff"
],
"fixAvailable": true
},
"lodash.pick": {
"name": "lodash.pick",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096303,
"name": "lodash.pick",
"dependency": "lodash.pick",
"title": "Prototype Pollution in lodash",
"url": "https://github.com/advisories/GHSA-p6mc-m468-83gw",
"severity": "high",
"cwe": [
"CWE-770",
"CWE-1321"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
"range": ">=4.0.0 <=4.4.0"
}
],
"effects": [
"cheerio"
],
"range": ">=4.0.0",
"nodes": [
"node_modules/lodash.pick"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"lodash.template": {
"name": "lodash.template",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096993,
"name": "lodash.template",
"dependency": "lodash.template",
"title": "Command Injection in lodash",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"severity": "high",
"cwe": [
"CWE-77",
"CWE-94"
],
"cvss": {
"score": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=4.5.0"
}
],
"effects": [
"gulp-util",
"postcss-initial"
],
"range": "*",
"nodes": [
"node_modules/lodash.template",
"node_modules/postcss-initial/node_modules/lodash.template"
],
"fixAvailable": false
},
"matchdep": {
"name": "matchdep",
"severity": "high",
"isDirect": false,
"via": [
"findup-sync",
"micromatch"
],
"effects": [
"gulp-cli"
],
"range": ">=1.0.1",
"nodes": [
"node_modules/matchdep"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
"braces"
],
"effects": [
"anymatch",
"findup-sync",
"matchdep",
"readdirp"
],
"range": "0.2.0 - 3.1.10",
"nodes": [
"node_modules/findup-sync/node_modules/micromatch",
"node_modules/glob-watcher/node_modules/micromatch",
"node_modules/matchdep/node_modules/micromatch"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"nth-check": {
"name": "nth-check",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095141,
"name": "nth-check",
"dependency": "nth-check",
"title": "Inefficient Regular Expression Complexity in nth-check",
"url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<2.0.1"
}
],
"effects": [
"css-select"
],
"range": "<2.0.1",
"nodes": [
"node_modules/nth-check"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"phantomjs-prebuilt": {
"name": "phantomjs-prebuilt",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"svg-sprite"
],
"range": "*",
"nodes": [
"node_modules/phantomjs-prebuilt"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"pixrem": {
"name": "pixrem",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/pixrem"
],
"fixAvailable": true
},
"pleeease-filters": {
"name": "pleeease-filters",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/pleeease-filters"
],
"fixAvailable": true
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1093539,
"name": "postcss",
"dependency": "postcss",
"title": "Regular Expression Denial of Service in postcss",
"url": "https://github.com/advisories/GHSA-566m-qj78-rww5",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<7.0.36"
},
{
"source": 1094544,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
}
],
"effects": [
"autoprefixer",
"css-declaration-sorter",
"cssnano",
"cssnano-preset-default",
"cssnano-util-raw-cache",
"gulp-postcss",
"pixrem",
"pleeease-filters",
"postcss-apply",
"postcss-attribute-case-insensitive",
"postcss-calc",
"postcss-color-function",
"postcss-color-gray",
"postcss-color-hex-alpha",
"postcss-color-hsl",
"postcss-color-hwb",
"postcss-color-rebeccapurple",
"postcss-color-rgb",
"postcss-color-rgba-fallback",
"postcss-colormin",
"postcss-convert-values",
"postcss-cssnext",
"postcss-custom-media",
"postcss-custom-properties",
"postcss-custom-selectors",
"postcss-discard-comments",
"postcss-discard-duplicates",
"postcss-discard-empty",
"postcss-discard-overridden",
"postcss-font-family-system-ui",
"postcss-font-variant",
"postcss-image-set-polyfill",
"postcss-import",
"postcss-initial",
"postcss-less",
"postcss-media-minmax",
"postcss-merge-longhand",
"postcss-merge-rules",
"postcss-minify-font-values",
"postcss-minify-gradients",
"postcss-minify-params",
"postcss-minify-selectors",
"postcss-nesting",
"postcss-normalize-charset",
"postcss-normalize-display-values",
"postcss-normalize-positions",
"postcss-normalize-repeat-style",
"postcss-normalize-string",
"postcss-normalize-timing-functions",
"postcss-normalize-unicode",
"postcss-normalize-url",
"postcss-normalize-whitespace",
"postcss-ordered-values",
"postcss-pseudo-class-any-link",
"postcss-pseudoelements",
"postcss-reduce-initial",
"postcss-reduce-transforms",
"postcss-replace-overflow-wrap",
"postcss-reporter",
"postcss-safe-parser",
"postcss-sass",
"postcss-scss",
"postcss-selector-matches",
"postcss-selector-not",
"postcss-svgo",
"postcss-unique-selectors",
"stylehacks",
"stylelint",
"sugarss"
],
"range": "<=8.4.30",
"nodes": [
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-declaration-sorter/node_modules/postcss",
"node_modules/cssnano-preset-default/node_modules/postcss",
"node_modules/cssnano-util-raw-cache/node_modules/postcss",
"node_modules/cssnano/node_modules/postcss",
"node_modules/gulp-postcss/node_modules/postcss",
"node_modules/pixrem/node_modules/postcss",
"node_modules/pleeease-filters/node_modules/postcss",
"node_modules/postcss-apply/node_modules/postcss",
"node_modules/postcss-attribute-case-insensitive/node_modules/postcss",
"node_modules/postcss-calc/node_modules/postcss",
"node_modules/postcss-color-function/node_modules/postcss",
"node_modules/postcss-color-gray/node_modules/postcss",
"node_modules/postcss-color-hex-alpha/node_modules/postcss",
"node_modules/postcss-color-hsl/node_modules/postcss",
"node_modules/postcss-color-hwb/node_modules/postcss",
"node_modules/postcss-color-rebeccapurple/node_modules/postcss",
"node_modules/postcss-color-rgb/node_modules/postcss",
"node_modules/postcss-color-rgba-fallback/node_modules/postcss",
"node_modules/postcss-colormin/node_modules/postcss",
"node_modules/postcss-convert-values/node_modules/postcss",
"node_modules/postcss-cssnext/node_modules/postcss",
"node_modules/postcss-cssnext/node_modules/postcss-calc/node_modules/postcss",
"node_modules/postcss-custom-media/node_modules/postcss",
"node_modules/postcss-custom-properties/node_modules/postcss",
"node_modules/postcss-custom-selectors/node_modules/postcss",
"node_modules/postcss-discard-comments/node_modules/postcss",
"node_modules/postcss-discard-duplicates/node_modules/postcss",
"node_modules/postcss-discard-empty/node_modules/postcss",
"node_modules/postcss-discard-overridden/node_modules/postcss",
"node_modules/postcss-font-family-system-ui/node_modules/postcss",
"node_modules/postcss-font-variant/node_modules/postcss",
"node_modules/postcss-image-set-polyfill/node_modules/postcss",
"node_modules/postcss-import/node_modules/postcss",
"node_modules/postcss-initial/node_modules/postcss",
"node_modules/postcss-less/node_modules/postcss",
"node_modules/postcss-media-minmax/node_modules/postcss",
"node_modules/postcss-merge-longhand/node_modules/postcss",
"node_modules/postcss-merge-rules/node_modules/postcss",
"node_modules/postcss-minify-font-values/node_modules/postcss",
"node_modules/postcss-minify-gradients/node_modules/postcss",
"node_modules/postcss-minify-params/node_modules/postcss",
"node_modules/postcss-minify-selectors/node_modules/postcss",
"node_modules/postcss-nesting/node_modules/postcss",
"node_modules/postcss-normalize-charset/node_modules/postcss",
"node_modules/postcss-normalize-display-values/node_modules/postcss",
"node_modules/postcss-normalize-positions/node_modules/postcss",
"node_modules/postcss-normalize-repeat-style/node_modules/postcss",
"node_modules/postcss-normalize-string/node_modules/postcss",
"node_modules/postcss-normalize-timing-functions/node_modules/postcss",
"node_modules/postcss-normalize-unicode/node_modules/postcss",
"node_modules/postcss-normalize-url/node_modules/postcss",
"node_modules/postcss-normalize-whitespace/node_modules/postcss",
"node_modules/postcss-ordered-values/node_modules/postcss",
"node_modules/postcss-pseudo-class-any-link/node_modules/postcss",
"node_modules/postcss-pseudoelements/node_modules/postcss",
"node_modules/postcss-reduce-initial/node_modules/postcss",
"node_modules/postcss-reduce-transforms/node_modules/postcss",
"node_modules/postcss-replace-overflow-wrap/node_modules/postcss",
"node_modules/postcss-reporter/node_modules/postcss",
"node_modules/postcss-safe-parser/node_modules/postcss",
"node_modules/postcss-sass/node_modules/postcss",
"node_modules/postcss-scss/node_modules/postcss",
"node_modules/postcss-selector-matches/node_modules/postcss",
"node_modules/postcss-selector-not/node_modules/postcss",
"node_modules/postcss-svgo/node_modules/postcss",
"node_modules/postcss-unique-selectors/node_modules/postcss",
"node_modules/stylehacks/node_modules/postcss",
"node_modules/stylelint/node_modules/postcss",
"node_modules/sugarss/node_modules/postcss"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"postcss-apply": {
"name": "postcss-apply",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=0.10.0",
"nodes": [
"node_modules/postcss-apply"
],
"fixAvailable": false
},
"postcss-attribute-case-insensitive": {
"name": "postcss-attribute-case-insensitive",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-attribute-case-insensitive"
],
"fixAvailable": false
},
"postcss-calc": {
"name": "postcss-calc",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "4.1.0 - 7.0.5",
"nodes": [
"node_modules/postcss-calc",
"node_modules/postcss-cssnext/node_modules/postcss-calc"
],
"fixAvailable": true
},
"postcss-color-function": {
"name": "postcss-color-function",
"severity": "moderate",
"isDirect": false,
"via": [
"css-color-function",
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-color-function"
],
"fixAvailable": true
},
"postcss-color-gray": {
"name": "postcss-color-gray",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "3.0.0 - 4.1.0",
"nodes": [
"node_modules/postcss-color-gray"
],
"fixAvailable": true
},
"postcss-color-hex-alpha": {
"name": "postcss-color-hex-alpha",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.3.0 - 3.0.0",
"nodes": [
"node_modules/postcss-color-hex-alpha"
],
"fixAvailable": true
},
"postcss-color-hsl": {
"name": "postcss-color-hsl",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "*",
"nodes": [
"node_modules/postcss-color-hsl"
],
"fixAvailable": false
},
"postcss-color-hwb": {
"name": "postcss-color-hwb",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": ">=1.2.0",
"nodes": [
"node_modules/postcss-color-hwb"
],
"fixAvailable": true
},
"postcss-color-rebeccapurple": {
"name": "postcss-color-rebeccapurple",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.1.0",
"nodes": [
"node_modules/postcss-color-rebeccapurple"
],
"fixAvailable": true
},
"postcss-color-rgb": {
"name": "postcss-color-rgb",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-color-rgb"
],
"fixAvailable": true
},
"postcss-color-rgba-fallback": {
"name": "postcss-color-rgba-fallback",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.0",
"nodes": [
"node_modules/postcss-color-rgba-fallback"
],
"fixAvailable": true
},
"postcss-colormin": {
"name": "postcss-colormin",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-colormin"
],
"fixAvailable": true
},
"postcss-convert-values": {
"name": "postcss-convert-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-convert-values"
],
"fixAvailable": true
},
"postcss-cssnext": {
"name": "postcss-cssnext",
"severity": "moderate",
"isDirect": true,
"via": [
"autoprefixer",
"pixrem",
"pleeease-filters",
"postcss",
"postcss-apply",
"postcss-attribute-case-insensitive",
"postcss-calc",
"postcss-color-function",
"postcss-color-gray",
"postcss-color-hex-alpha",
"postcss-color-hsl",
"postcss-color-hwb",
"postcss-color-rebeccapurple",
"postcss-color-rgb",
"postcss-color-rgba-fallback",
"postcss-custom-media",
"postcss-custom-properties",
"postcss-custom-selectors",
"postcss-font-family-system-ui",
"postcss-font-variant",
"postcss-image-set-polyfill",
"postcss-initial",
"postcss-media-minmax",
"postcss-nesting",
"postcss-pseudo-class-any-link",
"postcss-pseudoelements",
"postcss-replace-overflow-wrap",
"postcss-selector-matches",
"postcss-selector-not"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-cssnext"
],
"fixAvailable": false
},
"postcss-custom-media": {
"name": "postcss-custom-media",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "4.0.0 - 6.0.0",
"nodes": [
"node_modules/postcss-custom-media"
],
"fixAvailable": true
},
"postcss-custom-properties": {
"name": "postcss-custom-properties",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "3.3.0 - 7.0.0",
"nodes": [
"node_modules/postcss-custom-properties"
],
"fixAvailable": true
},
"postcss-custom-selectors": {
"name": "postcss-custom-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"postcss-selector-matches"
],
"effects": [],
"range": "2.3.0 - 4.0.1",
"nodes": [
"node_modules/postcss-custom-selectors"
],
"fixAvailable": true
},
"postcss-discard-comments": {
"name": "postcss-discard-comments",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-discard-comments"
],
"fixAvailable": true
},
"postcss-discard-duplicates": {
"name": "postcss-discard-duplicates",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.2",
"nodes": [
"node_modules/postcss-discard-duplicates"
],
"fixAvailable": true
},
"postcss-discard-empty": {
"name": "postcss-discard-empty",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.1",
"nodes": [
"node_modules/postcss-discard-empty"
],
"fixAvailable": true
},
"postcss-discard-overridden": {
"name": "postcss-discard-overridden",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-discard-overridden"
],
"fixAvailable": true
},
"postcss-font-family-system-ui": {
"name": "postcss-font-family-system-ui",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.0",
"nodes": [
"node_modules/postcss-font-family-system-ui"
],
"fixAvailable": false
},
"postcss-font-variant": {
"name": "postcss-font-variant",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.0.0",
"nodes": [
"node_modules/postcss-font-variant"
],
"fixAvailable": true
},
"postcss-image-set-polyfill": {
"name": "postcss-image-set-polyfill",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=0.4.4",
"nodes": [
"node_modules/postcss-image-set-polyfill"
],
"fixAvailable": false
},
"postcss-import": {
"name": "postcss-import",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=12.0.1",
"nodes": [
"node_modules/postcss-import"
],
"fixAvailable": {
"name": "postcss-import",
"version": "16.1.0",
"isSemVerMajor": true
}
},
"postcss-initial": {
"name": "postcss-initial",
"severity": "high",
"isDirect": false,
"via": [
"lodash.template",
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.2 || 4.0.0",
"nodes": [
"node_modules/postcss-initial"
],
"fixAvailable": false
},
"postcss-less": {
"name": "postcss-less",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=3.1.4",
"nodes": [
"node_modules/postcss-less"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-media-minmax": {
"name": "postcss-media-minmax",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.0.0",
"nodes": [
"node_modules/postcss-media-minmax"
],
"fixAvailable": true
},
"postcss-merge-longhand": {
"name": "postcss-merge-longhand",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"stylehacks"
],
"effects": [],
"range": "<=4.0.11",
"nodes": [
"node_modules/postcss-merge-longhand"
],
"fixAvailable": true
},
"postcss-merge-rules": {
"name": "postcss-merge-rules",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-merge-rules"
],
"fixAvailable": true
},
"postcss-minify-font-values": {
"name": "postcss-minify-font-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-font-values"
],
"fixAvailable": true
},
"postcss-minify-gradients": {
"name": "postcss-minify-gradients",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-gradients"
],
"fixAvailable": true
},
"postcss-minify-params": {
"name": "postcss-minify-params",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-params"
],
"fixAvailable": true
},
"postcss-minify-selectors": {
"name": "postcss-minify-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-selectors"
],
"fixAvailable": true
},
"postcss-nesting": {
"name": "postcss-nesting",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=6.0.0",
"nodes": [
"node_modules/postcss-nesting"
],
"fixAvailable": false
},
"postcss-normalize-charset": {
"name": "postcss-normalize-charset",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-normalize-charset"
],
"fixAvailable": true
},
"postcss-normalize-display-values": {
"name": "postcss-normalize-display-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-display-values"
],
"fixAvailable": true
},
"postcss-normalize-positions": {
"name": "postcss-normalize-positions",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-positions"
],
"fixAvailable": true
},
"postcss-normalize-repeat-style": {
"name": "postcss-normalize-repeat-style",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-repeat-style"
],
"fixAvailable": true
},
"postcss-normalize-string": {
"name": "postcss-normalize-string",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-string"
],
"fixAvailable": true
},
"postcss-normalize-timing-functions": {
"name": "postcss-normalize-timing-functions",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-timing-functions"
],
"fixAvailable": true
},
"postcss-normalize-unicode": {
"name": "postcss-normalize-unicode",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-normalize-unicode"
],
"fixAvailable": true
},
"postcss-normalize-url": {
"name": "postcss-normalize-url",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.1",
"nodes": [
"node_modules/postcss-normalize-url"
],
"fixAvailable": true
},
"postcss-normalize-whitespace": {
"name": "postcss-normalize-whitespace",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-whitespace"
],
"fixAvailable": true
},
"postcss-ordered-values": {
"name": "postcss-ordered-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.1.2",
"nodes": [
"node_modules/postcss-ordered-values"
],
"fixAvailable": true
},
"postcss-pseudo-class-any-link": {
"name": "postcss-pseudo-class-any-link",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=5.0.0",
"nodes": [
"node_modules/postcss-pseudo-class-any-link"
],
"fixAvailable": true
},
"postcss-pseudoelements": {
"name": "postcss-pseudoelements",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": ">=2.2.0",
"nodes": [
"node_modules/postcss-pseudoelements"
],
"fixAvailable": true
},
"postcss-reduce-initial": {
"name": "postcss-reduce-initial",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-reduce-initial"
],
"fixAvailable": true
},
"postcss-reduce-transforms": {
"name": "postcss-reduce-transforms",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-reduce-transforms"
],
"fixAvailable": true
},
"postcss-replace-overflow-wrap": {
"name": "postcss-replace-overflow-wrap",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-replace-overflow-wrap"
],
"fixAvailable": false
},
"postcss-reporter": {
"name": "postcss-reporter",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=6.0.1",
"nodes": [
"node_modules/postcss-reporter"
],
"fixAvailable": {
"name": "postcss-reporter",
"version": "7.1.0",
"isSemVerMajor": true
}
},
"postcss-safe-parser": {
"name": "postcss-safe-parser",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-safe-parser"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-sass": {
"name": "postcss-sass",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=0.4.4",
"nodes": [
"node_modules/postcss-sass"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-scss": {
"name": "postcss-scss",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=2.1.1",
"nodes": [
"node_modules/postcss-scss"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-selector-matches": {
"name": "postcss-selector-matches",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-selector-matches"
],
"fixAvailable": true
},
"postcss-selector-not": {
"name": "postcss-selector-not",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-selector-not"
],
"fixAvailable": true
},
"postcss-svgo": {
"name": "postcss-svgo",
"severity": "high",
"isDirect": false,
"via": [
"postcss",
"svgo"
],
"effects": [],
"range": "<=5.0.0-rc.2",
"nodes": [
"node_modules/postcss-svgo"
],
"fixAvailable": true
},
"postcss-unique-selectors": {
"name": "postcss-unique-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-unique-selectors"
],
"fixAvailable": true
},
"readdirp": {
"name": "readdirp",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/glob-watcher/node_modules/readdirp"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"phantomjs-prebuilt"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"stylehacks": {
"name": "stylehacks",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-merge-longhand"
],
"range": "<=4.0.3",
"nodes": [
"node_modules/stylehacks"
],
"fixAvailable": true
},
"stylelint": {
"name": "stylelint",
"severity": "moderate",
"isDirect": false,
"via": [
"autoprefixer",
"postcss",
"postcss-less",
"postcss-safe-parser",
"postcss-sass",
"postcss-scss",
"sugarss"
],
"effects": [
"stylelint-config-wikimedia"
],
"range": "0.1.0 - 13.13.1",
"nodes": [
"node_modules/stylelint"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"stylelint-config-wikimedia": {
"name": "stylelint-config-wikimedia",
"severity": "moderate",
"isDirect": true,
"via": [
"stylelint"
],
"effects": [],
"range": "<=0.11.1",
"nodes": [
"node_modules/stylelint-config-wikimedia"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"sugarss": {
"name": "sugarss",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/sugarss"
],
"fixAvailable": true
},
"svg-sprite": {
"name": "svg-sprite",
"severity": "high",
"isDirect": false,
"via": [
"phantomjs-prebuilt",
"svgo"
],
"effects": [
"gulp-svg-sprite"
],
"range": "1.3.0 - 1.5.4",
"nodes": [
"node_modules/svg-sprite"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"svgo": {
"name": "svgo",
"severity": "high",
"isDirect": false,
"via": [
"css-select"
],
"effects": [
"postcss-svgo",
"svg-sprite"
],
"range": "1.0.0 - 1.3.2",
"nodes": [
"node_modules/svgo"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096643,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"vinyl-fs": {
"name": "vinyl-fs",
"severity": "high",
"isDirect": false,
"via": [
"glob-stream"
],
"effects": [
"gulp-useref"
],
"range": "2.4.2 - 3.0.3",
"nodes": [
"node_modules/vinyl-fs"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 76,
"high": 31,
"critical": 0,
"total": 107
},
"dependencies": {
"prod": 1,
"dev": 1824,
"optional": 4,
"peer": 1,
"peerOptional": 0,
"total": 1824
}
}
}
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@koa/cors": {
"name": "@koa/cors",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095223,
"name": "@koa/cors",
"dependency": "@koa/cors",
"title": "Overly permissive origin policy",
"url": "https://github.com/advisories/GHSA-qxrj-hx23-xp82",
"severity": "high",
"cwe": [
"CWE-346"
],
"cvss": {
"score": 8.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"
},
"range": "<5.0.0"
}
],
"effects": [
"es-dev-server"
],
"range": "<5.0.0",
"nodes": [
"node_modules/@koa/cors"
],
"fixAvailable": true
},
"anymatch": {
"name": "anymatch",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"glob-watcher"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/glob-watcher/node_modules/anymatch"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"postcss"
],
"effects": [
"stylelint"
],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer",
"node_modules/stylelint/node_modules/autoprefixer"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1097496,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/braces",
"node_modules/findup-sync/node_modules/braces",
"node_modules/glob-watcher/node_modules/braces",
"node_modules/matchdep/node_modules/braces"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"cheerio": {
"name": "cheerio",
"severity": "high",
"isDirect": false,
"via": [
"css-select",
"lodash.pick"
],
"effects": [
"gulp-inline"
],
"range": "0.19.0 - 1.0.0-rc.3",
"nodes": [
"node_modules/cheerio"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"glob-parent",
"readdirp"
],
"effects": [
"glob-watcher"
],
"range": "1.0.0-rc1 - 2.1.8",
"nodes": [
"node_modules/glob-watcher/node_modules/chokidar"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"color": {
"name": "color",
"severity": "moderate",
"isDirect": false,
"via": [
"color-string"
],
"effects": [
"css-color-function"
],
"range": "<=0.11.4",
"nodes": [
"node_modules/color"
],
"fixAvailable": true
},
"color-string": {
"name": "color-string",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1089718,
"name": "color-string",
"dependency": "color-string",
"title": "Regular Expression Denial of Service (ReDOS)",
"url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h",
"severity": "moderate",
"cwe": [
"CWE-770"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<1.5.5"
}
],
"effects": [
"color"
],
"range": "<1.5.5",
"nodes": [
"node_modules/color/node_modules/color-string"
],
"fixAvailable": true
},
"css-color-function": {
"name": "css-color-function",
"severity": "moderate",
"isDirect": false,
"via": [
"color"
],
"effects": [
"postcss-color-function"
],
"range": "*",
"nodes": [
"node_modules/css-color-function"
],
"fixAvailable": true
},
"css-declaration-sorter": {
"name": "css-declaration-sorter",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=5.1.2",
"nodes": [
"node_modules/css-declaration-sorter"
],
"fixAvailable": true
},
"css-select": {
"name": "css-select",
"severity": "high",
"isDirect": false,
"via": [
"nth-check"
],
"effects": [
"cheerio",
"svgo"
],
"range": "<=3.1.0",
"nodes": [
"node_modules/css-select",
"node_modules/svgo/node_modules/css-select"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"cssnano": {
"name": "cssnano",
"severity": "moderate",
"isDirect": true,
"via": [
"cssnano-preset-default",
"postcss"
],
"effects": [],
"range": "<=4.1.11",
"nodes": [
"node_modules/cssnano"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"cssnano-preset-default": {
"name": "cssnano-preset-default",
"severity": "moderate",
"isDirect": false,
"via": [
"css-declaration-sorter",
"cssnano-util-raw-cache",
"postcss",
"postcss-calc",
"postcss-colormin",
"postcss-convert-values",
"postcss-discard-comments",
"postcss-discard-duplicates",
"postcss-discard-empty",
"postcss-discard-overridden",
"postcss-merge-longhand",
"postcss-merge-rules",
"postcss-minify-font-values",
"postcss-minify-gradients",
"postcss-minify-params",
"postcss-minify-selectors",
"postcss-normalize-charset",
"postcss-normalize-display-values",
"postcss-normalize-positions",
"postcss-normalize-repeat-style",
"postcss-normalize-string",
"postcss-normalize-timing-functions",
"postcss-normalize-unicode",
"postcss-normalize-url",
"postcss-normalize-whitespace",
"postcss-ordered-values",
"postcss-reduce-initial",
"postcss-reduce-transforms",
"postcss-svgo",
"postcss-unique-selectors"
],
"effects": [
"cssnano"
],
"range": "<=4.0.8",
"nodes": [
"node_modules/cssnano-preset-default"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"cssnano-util-raw-cache": {
"name": "cssnano-util-raw-cache",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/cssnano-util-raw-cache"
],
"fixAvailable": true
},
"es-dev-server": {
"name": "es-dev-server",
"severity": "high",
"isDirect": true,
"via": [
"@koa/cors"
],
"effects": [],
"range": ">=1.56.0",
"nodes": [
"node_modules/es-dev-server"
],
"fixAvailable": true
},
"findup-sync": {
"name": "findup-sync",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"liftoff",
"matchdep"
],
"range": "0.4.0 - 3.0.0",
"nodes": [
"node_modules/findup-sync",
"node_modules/matchdep/node_modules/findup-sync"
],
"fixAvailable": true
},
"glob-parent": {
"name": "glob-parent",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095007,
"name": "glob-parent",
"dependency": "glob-parent",
"title": "glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex",
"url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<5.1.2"
}
],
"effects": [
"chokidar",
"glob-stream"
],
"range": "<5.1.2",
"nodes": [
"node_modules/glob-stream/node_modules/glob-parent",
"node_modules/glob-watcher/node_modules/glob-parent"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"glob-stream": {
"name": "glob-stream",
"severity": "high",
"isDirect": false,
"via": [
"glob-parent"
],
"effects": [
"vinyl-fs"
],
"range": "5.3.0 - 6.1.0",
"nodes": [
"node_modules/glob-stream"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
},
"glob-watcher": {
"name": "glob-watcher",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"chokidar"
],
"effects": [
"gulp"
],
"range": "5.0.0 - 5.0.5",
"nodes": [
"node_modules/glob-watcher"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"gulp": {
"name": "gulp",
"severity": "high",
"isDirect": true,
"via": [
"glob-watcher",
"gulp-cli",
"vinyl-fs"
],
"effects": [],
"range": "4.0.0 - 4.0.2",
"nodes": [
"node_modules/gulp"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"gulp-cli": {
"name": "gulp-cli",
"severity": "high",
"isDirect": false,
"via": [
"liftoff",
"matchdep"
],
"effects": [],
"range": "1.3.0 - 2.3.0",
"nodes": [
"node_modules/gulp-cli"
],
"fixAvailable": true
},
"gulp-compile-handlebars": {
"name": "gulp-compile-handlebars",
"severity": "high",
"isDirect": true,
"via": [
"gulp-util"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-compile-handlebars"
],
"fixAvailable": false
},
"gulp-htmlmin": {
"name": "gulp-htmlmin",
"severity": "high",
"isDirect": true,
"via": [
"html-minifier"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-htmlmin"
],
"fixAvailable": false
},
"gulp-inline": {
"name": "gulp-inline",
"severity": "high",
"isDirect": true,
"via": [
"cheerio",
"gulp-util"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-inline"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"gulp-postcss": {
"name": "gulp-postcss",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=8.0.0",
"nodes": [
"node_modules/gulp-postcss"
],
"fixAvailable": {
"name": "gulp-postcss",
"version": "10.0.0",
"isSemVerMajor": true
}
},
"gulp-svg-sprite": {
"name": "gulp-svg-sprite",
"severity": "moderate",
"isDirect": true,
"via": [
"svg-sprite"
],
"effects": [],
"range": "1.3.0 - 1.5.0",
"nodes": [
"node_modules/gulp-svg-sprite"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"gulp-useref": {
"name": "gulp-useref",
"severity": "high",
"isDirect": true,
"via": [
"vinyl-fs"
],
"effects": [],
"range": ">=3.1.4",
"nodes": [
"node_modules/gulp-useref"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
},
"gulp-util": {
"name": "gulp-util",
"severity": "high",
"isDirect": false,
"via": [
"lodash.template"
],
"effects": [
"gulp-compile-handlebars",
"gulp-inline"
],
"range": ">=1.1.0",
"nodes": [
"node_modules/gulp-util"
],
"fixAvailable": false
},
"html-minifier": {
"name": "html-minifier",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1097148,
"name": "html-minifier",
"dependency": "html-minifier",
"title": "kangax html-minifier REDoS vulnerability",
"url": "https://github.com/advisories/GHSA-pfq8-rq6v-vf5m",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<=4.0.0"
}
],
"effects": [
"gulp-htmlmin"
],
"range": "*",
"nodes": [
"node_modules/html-minifier"
],
"fixAvailable": false
},
"liftoff": {
"name": "liftoff",
"severity": "high",
"isDirect": false,
"via": [
"findup-sync"
],
"effects": [
"gulp-cli"
],
"range": "2.2.3 - 3.1.0",
"nodes": [
"node_modules/liftoff"
],
"fixAvailable": true
},
"lodash.pick": {
"name": "lodash.pick",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096303,
"name": "lodash.pick",
"dependency": "lodash.pick",
"title": "Prototype Pollution in lodash",
"url": "https://github.com/advisories/GHSA-p6mc-m468-83gw",
"severity": "high",
"cwe": [
"CWE-770",
"CWE-1321"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
"range": ">=4.0.0 <=4.4.0"
}
],
"effects": [
"cheerio"
],
"range": ">=4.0.0",
"nodes": [
"node_modules/lodash.pick"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"lodash.template": {
"name": "lodash.template",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096993,
"name": "lodash.template",
"dependency": "lodash.template",
"title": "Command Injection in lodash",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"severity": "high",
"cwe": [
"CWE-77",
"CWE-94"
],
"cvss": {
"score": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=4.5.0"
}
],
"effects": [
"gulp-util",
"postcss-initial"
],
"range": "*",
"nodes": [
"node_modules/lodash.template",
"node_modules/postcss-initial/node_modules/lodash.template"
],
"fixAvailable": false
},
"matchdep": {
"name": "matchdep",
"severity": "high",
"isDirect": false,
"via": [
"findup-sync",
"micromatch"
],
"effects": [
"gulp-cli"
],
"range": ">=1.0.1",
"nodes": [
"node_modules/matchdep"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
"braces"
],
"effects": [
"anymatch",
"findup-sync",
"matchdep",
"readdirp"
],
"range": "0.2.0 - 3.1.10",
"nodes": [
"node_modules/findup-sync/node_modules/micromatch",
"node_modules/glob-watcher/node_modules/micromatch",
"node_modules/matchdep/node_modules/micromatch"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"nth-check": {
"name": "nth-check",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095141,
"name": "nth-check",
"dependency": "nth-check",
"title": "Inefficient Regular Expression Complexity in nth-check",
"url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<2.0.1"
}
],
"effects": [
"css-select"
],
"range": "<2.0.1",
"nodes": [
"node_modules/nth-check"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"phantomjs-prebuilt": {
"name": "phantomjs-prebuilt",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"svg-sprite"
],
"range": "*",
"nodes": [
"node_modules/phantomjs-prebuilt"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"pixrem": {
"name": "pixrem",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/pixrem"
],
"fixAvailable": true
},
"pleeease-filters": {
"name": "pleeease-filters",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/pleeease-filters"
],
"fixAvailable": true
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1093539,
"name": "postcss",
"dependency": "postcss",
"title": "Regular Expression Denial of Service in postcss",
"url": "https://github.com/advisories/GHSA-566m-qj78-rww5",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<7.0.36"
},
{
"source": 1094544,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
}
],
"effects": [
"autoprefixer",
"css-declaration-sorter",
"cssnano",
"cssnano-preset-default",
"cssnano-util-raw-cache",
"gulp-postcss",
"pixrem",
"pleeease-filters",
"postcss-apply",
"postcss-attribute-case-insensitive",
"postcss-calc",
"postcss-color-function",
"postcss-color-gray",
"postcss-color-hex-alpha",
"postcss-color-hsl",
"postcss-color-hwb",
"postcss-color-rebeccapurple",
"postcss-color-rgb",
"postcss-color-rgba-fallback",
"postcss-colormin",
"postcss-convert-values",
"postcss-cssnext",
"postcss-custom-media",
"postcss-custom-properties",
"postcss-custom-selectors",
"postcss-discard-comments",
"postcss-discard-duplicates",
"postcss-discard-empty",
"postcss-discard-overridden",
"postcss-font-family-system-ui",
"postcss-font-variant",
"postcss-image-set-polyfill",
"postcss-import",
"postcss-initial",
"postcss-less",
"postcss-media-minmax",
"postcss-merge-longhand",
"postcss-merge-rules",
"postcss-minify-font-values",
"postcss-minify-gradients",
"postcss-minify-params",
"postcss-minify-selectors",
"postcss-nesting",
"postcss-normalize-charset",
"postcss-normalize-display-values",
"postcss-normalize-positions",
"postcss-normalize-repeat-style",
"postcss-normalize-string",
"postcss-normalize-timing-functions",
"postcss-normalize-unicode",
"postcss-normalize-url",
"postcss-normalize-whitespace",
"postcss-ordered-values",
"postcss-pseudo-class-any-link",
"postcss-pseudoelements",
"postcss-reduce-initial",
"postcss-reduce-transforms",
"postcss-replace-overflow-wrap",
"postcss-reporter",
"postcss-safe-parser",
"postcss-sass",
"postcss-scss",
"postcss-selector-matches",
"postcss-selector-not",
"postcss-svgo",
"postcss-unique-selectors",
"stylehacks",
"stylelint",
"sugarss"
],
"range": "<=8.4.30",
"nodes": [
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-declaration-sorter/node_modules/postcss",
"node_modules/cssnano-preset-default/node_modules/postcss",
"node_modules/cssnano-util-raw-cache/node_modules/postcss",
"node_modules/cssnano/node_modules/postcss",
"node_modules/gulp-postcss/node_modules/postcss",
"node_modules/pixrem/node_modules/postcss",
"node_modules/pleeease-filters/node_modules/postcss",
"node_modules/postcss-apply/node_modules/postcss",
"node_modules/postcss-attribute-case-insensitive/node_modules/postcss",
"node_modules/postcss-calc/node_modules/postcss",
"node_modules/postcss-color-function/node_modules/postcss",
"node_modules/postcss-color-gray/node_modules/postcss",
"node_modules/postcss-color-hex-alpha/node_modules/postcss",
"node_modules/postcss-color-hsl/node_modules/postcss",
"node_modules/postcss-color-hwb/node_modules/postcss",
"node_modules/postcss-color-rebeccapurple/node_modules/postcss",
"node_modules/postcss-color-rgb/node_modules/postcss",
"node_modules/postcss-color-rgba-fallback/node_modules/postcss",
"node_modules/postcss-colormin/node_modules/postcss",
"node_modules/postcss-convert-values/node_modules/postcss",
"node_modules/postcss-cssnext/node_modules/postcss",
"node_modules/postcss-cssnext/node_modules/postcss-calc/node_modules/postcss",
"node_modules/postcss-custom-media/node_modules/postcss",
"node_modules/postcss-custom-properties/node_modules/postcss",
"node_modules/postcss-custom-selectors/node_modules/postcss",
"node_modules/postcss-discard-comments/node_modules/postcss",
"node_modules/postcss-discard-duplicates/node_modules/postcss",
"node_modules/postcss-discard-empty/node_modules/postcss",
"node_modules/postcss-discard-overridden/node_modules/postcss",
"node_modules/postcss-font-family-system-ui/node_modules/postcss",
"node_modules/postcss-font-variant/node_modules/postcss",
"node_modules/postcss-image-set-polyfill/node_modules/postcss",
"node_modules/postcss-import/node_modules/postcss",
"node_modules/postcss-initial/node_modules/postcss",
"node_modules/postcss-less/node_modules/postcss",
"node_modules/postcss-media-minmax/node_modules/postcss",
"node_modules/postcss-merge-longhand/node_modules/postcss",
"node_modules/postcss-merge-rules/node_modules/postcss",
"node_modules/postcss-minify-font-values/node_modules/postcss",
"node_modules/postcss-minify-gradients/node_modules/postcss",
"node_modules/postcss-minify-params/node_modules/postcss",
"node_modules/postcss-minify-selectors/node_modules/postcss",
"node_modules/postcss-nesting/node_modules/postcss",
"node_modules/postcss-normalize-charset/node_modules/postcss",
"node_modules/postcss-normalize-display-values/node_modules/postcss",
"node_modules/postcss-normalize-positions/node_modules/postcss",
"node_modules/postcss-normalize-repeat-style/node_modules/postcss",
"node_modules/postcss-normalize-string/node_modules/postcss",
"node_modules/postcss-normalize-timing-functions/node_modules/postcss",
"node_modules/postcss-normalize-unicode/node_modules/postcss",
"node_modules/postcss-normalize-url/node_modules/postcss",
"node_modules/postcss-normalize-whitespace/node_modules/postcss",
"node_modules/postcss-ordered-values/node_modules/postcss",
"node_modules/postcss-pseudo-class-any-link/node_modules/postcss",
"node_modules/postcss-pseudoelements/node_modules/postcss",
"node_modules/postcss-reduce-initial/node_modules/postcss",
"node_modules/postcss-reduce-transforms/node_modules/postcss",
"node_modules/postcss-replace-overflow-wrap/node_modules/postcss",
"node_modules/postcss-reporter/node_modules/postcss",
"node_modules/postcss-safe-parser/node_modules/postcss",
"node_modules/postcss-sass/node_modules/postcss",
"node_modules/postcss-scss/node_modules/postcss",
"node_modules/postcss-selector-matches/node_modules/postcss",
"node_modules/postcss-selector-not/node_modules/postcss",
"node_modules/postcss-svgo/node_modules/postcss",
"node_modules/postcss-unique-selectors/node_modules/postcss",
"node_modules/stylehacks/node_modules/postcss",
"node_modules/stylelint/node_modules/postcss",
"node_modules/sugarss/node_modules/postcss"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"postcss-apply": {
"name": "postcss-apply",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=0.10.0",
"nodes": [
"node_modules/postcss-apply"
],
"fixAvailable": false
},
"postcss-attribute-case-insensitive": {
"name": "postcss-attribute-case-insensitive",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-attribute-case-insensitive"
],
"fixAvailable": false
},
"postcss-calc": {
"name": "postcss-calc",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "4.1.0 - 7.0.5",
"nodes": [
"node_modules/postcss-calc",
"node_modules/postcss-cssnext/node_modules/postcss-calc"
],
"fixAvailable": true
},
"postcss-color-function": {
"name": "postcss-color-function",
"severity": "moderate",
"isDirect": false,
"via": [
"css-color-function",
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-color-function"
],
"fixAvailable": true
},
"postcss-color-gray": {
"name": "postcss-color-gray",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "3.0.0 - 4.1.0",
"nodes": [
"node_modules/postcss-color-gray"
],
"fixAvailable": true
},
"postcss-color-hex-alpha": {
"name": "postcss-color-hex-alpha",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.3.0 - 3.0.0",
"nodes": [
"node_modules/postcss-color-hex-alpha"
],
"fixAvailable": true
},
"postcss-color-hsl": {
"name": "postcss-color-hsl",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-color-hsl"
],
"fixAvailable": true
},
"postcss-color-hwb": {
"name": "postcss-color-hwb",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": ">=1.2.0",
"nodes": [
"node_modules/postcss-color-hwb"
],
"fixAvailable": true
},
"postcss-color-rebeccapurple": {
"name": "postcss-color-rebeccapurple",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.1.0",
"nodes": [
"node_modules/postcss-color-rebeccapurple"
],
"fixAvailable": true
},
"postcss-color-rgb": {
"name": "postcss-color-rgb",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "*",
"nodes": [
"node_modules/postcss-color-rgb"
],
"fixAvailable": false
},
"postcss-color-rgba-fallback": {
"name": "postcss-color-rgba-fallback",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.0",
"nodes": [
"node_modules/postcss-color-rgba-fallback"
],
"fixAvailable": true
},
"postcss-colormin": {
"name": "postcss-colormin",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-colormin"
],
"fixAvailable": true
},
"postcss-convert-values": {
"name": "postcss-convert-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-convert-values"
],
"fixAvailable": true
},
"postcss-cssnext": {
"name": "postcss-cssnext",
"severity": "moderate",
"isDirect": true,
"via": [
"autoprefixer",
"pixrem",
"pleeease-filters",
"postcss",
"postcss-apply",
"postcss-attribute-case-insensitive",
"postcss-calc",
"postcss-color-function",
"postcss-color-gray",
"postcss-color-hex-alpha",
"postcss-color-hsl",
"postcss-color-hwb",
"postcss-color-rebeccapurple",
"postcss-color-rgb",
"postcss-color-rgba-fallback",
"postcss-custom-media",
"postcss-custom-properties",
"postcss-custom-selectors",
"postcss-font-family-system-ui",
"postcss-font-variant",
"postcss-image-set-polyfill",
"postcss-initial",
"postcss-media-minmax",
"postcss-nesting",
"postcss-pseudo-class-any-link",
"postcss-pseudoelements",
"postcss-replace-overflow-wrap",
"postcss-selector-matches",
"postcss-selector-not"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-cssnext"
],
"fixAvailable": false
},
"postcss-custom-media": {
"name": "postcss-custom-media",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "4.0.0 - 6.0.0",
"nodes": [
"node_modules/postcss-custom-media"
],
"fixAvailable": true
},
"postcss-custom-properties": {
"name": "postcss-custom-properties",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "3.3.0 - 7.0.0",
"nodes": [
"node_modules/postcss-custom-properties"
],
"fixAvailable": true
},
"postcss-custom-selectors": {
"name": "postcss-custom-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"postcss-selector-matches"
],
"effects": [],
"range": "2.3.0 - 4.0.1",
"nodes": [
"node_modules/postcss-custom-selectors"
],
"fixAvailable": true
},
"postcss-discard-comments": {
"name": "postcss-discard-comments",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-discard-comments"
],
"fixAvailable": true
},
"postcss-discard-duplicates": {
"name": "postcss-discard-duplicates",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.2",
"nodes": [
"node_modules/postcss-discard-duplicates"
],
"fixAvailable": true
},
"postcss-discard-empty": {
"name": "postcss-discard-empty",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.1",
"nodes": [
"node_modules/postcss-discard-empty"
],
"fixAvailable": true
},
"postcss-discard-overridden": {
"name": "postcss-discard-overridden",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-discard-overridden"
],
"fixAvailable": true
},
"postcss-font-family-system-ui": {
"name": "postcss-font-family-system-ui",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.0",
"nodes": [
"node_modules/postcss-font-family-system-ui"
],
"fixAvailable": false
},
"postcss-font-variant": {
"name": "postcss-font-variant",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.0.0",
"nodes": [
"node_modules/postcss-font-variant"
],
"fixAvailable": true
},
"postcss-image-set-polyfill": {
"name": "postcss-image-set-polyfill",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=0.4.4",
"nodes": [
"node_modules/postcss-image-set-polyfill"
],
"fixAvailable": false
},
"postcss-import": {
"name": "postcss-import",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=12.0.1",
"nodes": [
"node_modules/postcss-import"
],
"fixAvailable": {
"name": "postcss-import",
"version": "16.1.0",
"isSemVerMajor": true
}
},
"postcss-initial": {
"name": "postcss-initial",
"severity": "high",
"isDirect": false,
"via": [
"lodash.template",
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.2 || 4.0.0",
"nodes": [
"node_modules/postcss-initial"
],
"fixAvailable": false
},
"postcss-less": {
"name": "postcss-less",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=3.1.4",
"nodes": [
"node_modules/postcss-less"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-media-minmax": {
"name": "postcss-media-minmax",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.0.0",
"nodes": [
"node_modules/postcss-media-minmax"
],
"fixAvailable": true
},
"postcss-merge-longhand": {
"name": "postcss-merge-longhand",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"stylehacks"
],
"effects": [],
"range": "<=4.0.11",
"nodes": [
"node_modules/postcss-merge-longhand"
],
"fixAvailable": true
},
"postcss-merge-rules": {
"name": "postcss-merge-rules",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-merge-rules"
],
"fixAvailable": true
},
"postcss-minify-font-values": {
"name": "postcss-minify-font-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-font-values"
],
"fixAvailable": true
},
"postcss-minify-gradients": {
"name": "postcss-minify-gradients",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-gradients"
],
"fixAvailable": true
},
"postcss-minify-params": {
"name": "postcss-minify-params",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-params"
],
"fixAvailable": true
},
"postcss-minify-selectors": {
"name": "postcss-minify-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-selectors"
],
"fixAvailable": true
},
"postcss-nesting": {
"name": "postcss-nesting",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=6.0.0",
"nodes": [
"node_modules/postcss-nesting"
],
"fixAvailable": false
},
"postcss-normalize-charset": {
"name": "postcss-normalize-charset",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-normalize-charset"
],
"fixAvailable": true
},
"postcss-normalize-display-values": {
"name": "postcss-normalize-display-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-display-values"
],
"fixAvailable": true
},
"postcss-normalize-positions": {
"name": "postcss-normalize-positions",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-positions"
],
"fixAvailable": true
},
"postcss-normalize-repeat-style": {
"name": "postcss-normalize-repeat-style",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-repeat-style"
],
"fixAvailable": true
},
"postcss-normalize-string": {
"name": "postcss-normalize-string",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-string"
],
"fixAvailable": true
},
"postcss-normalize-timing-functions": {
"name": "postcss-normalize-timing-functions",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-timing-functions"
],
"fixAvailable": true
},
"postcss-normalize-unicode": {
"name": "postcss-normalize-unicode",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-normalize-unicode"
],
"fixAvailable": true
},
"postcss-normalize-url": {
"name": "postcss-normalize-url",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.1",
"nodes": [
"node_modules/postcss-normalize-url"
],
"fixAvailable": true
},
"postcss-normalize-whitespace": {
"name": "postcss-normalize-whitespace",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-whitespace"
],
"fixAvailable": true
},
"postcss-ordered-values": {
"name": "postcss-ordered-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.1.2",
"nodes": [
"node_modules/postcss-ordered-values"
],
"fixAvailable": true
},
"postcss-pseudo-class-any-link": {
"name": "postcss-pseudo-class-any-link",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=5.0.0",
"nodes": [
"node_modules/postcss-pseudo-class-any-link"
],
"fixAvailable": true
},
"postcss-pseudoelements": {
"name": "postcss-pseudoelements",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": ">=2.2.0",
"nodes": [
"node_modules/postcss-pseudoelements"
],
"fixAvailable": true
},
"postcss-reduce-initial": {
"name": "postcss-reduce-initial",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-reduce-initial"
],
"fixAvailable": true
},
"postcss-reduce-transforms": {
"name": "postcss-reduce-transforms",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-reduce-transforms"
],
"fixAvailable": true
},
"postcss-replace-overflow-wrap": {
"name": "postcss-replace-overflow-wrap",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-replace-overflow-wrap"
],
"fixAvailable": false
},
"postcss-reporter": {
"name": "postcss-reporter",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=6.0.1",
"nodes": [
"node_modules/postcss-reporter"
],
"fixAvailable": {
"name": "postcss-reporter",
"version": "7.1.0",
"isSemVerMajor": true
}
},
"postcss-safe-parser": {
"name": "postcss-safe-parser",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-safe-parser"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-sass": {
"name": "postcss-sass",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=0.4.4",
"nodes": [
"node_modules/postcss-sass"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-scss": {
"name": "postcss-scss",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=2.1.1",
"nodes": [
"node_modules/postcss-scss"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-selector-matches": {
"name": "postcss-selector-matches",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-selector-matches"
],
"fixAvailable": true
},
"postcss-selector-not": {
"name": "postcss-selector-not",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-selector-not"
],
"fixAvailable": true
},
"postcss-svgo": {
"name": "postcss-svgo",
"severity": "high",
"isDirect": false,
"via": [
"postcss",
"svgo"
],
"effects": [],
"range": "<=5.0.0-rc.2",
"nodes": [
"node_modules/postcss-svgo"
],
"fixAvailable": true
},
"postcss-unique-selectors": {
"name": "postcss-unique-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-unique-selectors"
],
"fixAvailable": true
},
"readdirp": {
"name": "readdirp",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/glob-watcher/node_modules/readdirp"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"phantomjs-prebuilt"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"stylehacks": {
"name": "stylehacks",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-merge-longhand"
],
"range": "<=4.0.3",
"nodes": [
"node_modules/stylehacks"
],
"fixAvailable": true
},
"stylelint": {
"name": "stylelint",
"severity": "moderate",
"isDirect": false,
"via": [
"autoprefixer",
"postcss",
"postcss-less",
"postcss-safe-parser",
"postcss-sass",
"postcss-scss",
"sugarss"
],
"effects": [
"stylelint-config-wikimedia"
],
"range": "0.1.0 - 13.13.1",
"nodes": [
"node_modules/stylelint"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"stylelint-config-wikimedia": {
"name": "stylelint-config-wikimedia",
"severity": "moderate",
"isDirect": true,
"via": [
"stylelint"
],
"effects": [],
"range": "<=0.11.1",
"nodes": [
"node_modules/stylelint-config-wikimedia"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"sugarss": {
"name": "sugarss",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/sugarss"
],
"fixAvailable": true
},
"svg-sprite": {
"name": "svg-sprite",
"severity": "high",
"isDirect": false,
"via": [
"phantomjs-prebuilt",
"svgo"
],
"effects": [
"gulp-svg-sprite"
],
"range": "1.3.0 - 1.5.4",
"nodes": [
"node_modules/svg-sprite"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"svgo": {
"name": "svgo",
"severity": "high",
"isDirect": false,
"via": [
"css-select"
],
"effects": [
"postcss-svgo",
"svg-sprite"
],
"range": "1.0.0 - 1.3.2",
"nodes": [
"node_modules/svgo"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096643,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"vinyl-fs": {
"name": "vinyl-fs",
"severity": "high",
"isDirect": false,
"via": [
"glob-stream"
],
"effects": [
"gulp-useref"
],
"range": "2.4.2 - 3.0.3",
"nodes": [
"node_modules/vinyl-fs"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 76,
"high": 31,
"critical": 0,
"total": 107
},
"dependencies": {
"prod": 1,
"dev": 1824,
"optional": 4,
"peer": 1,
"peerOptional": 0,
"total": 1824
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 1824,
"removed": 0,
"changed": 0,
"audited": 1825,
"funding": 157,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"@koa/cors": {
"name": "@koa/cors",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095223,
"name": "@koa/cors",
"dependency": "@koa/cors",
"title": "Overly permissive origin policy",
"url": "https://github.com/advisories/GHSA-qxrj-hx23-xp82",
"severity": "high",
"cwe": [
"CWE-346"
],
"cvss": {
"score": 8.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"
},
"range": "<5.0.0"
}
],
"effects": [
"es-dev-server"
],
"range": "<5.0.0",
"nodes": [
"node_modules/@koa/cors"
],
"fixAvailable": true
},
"anymatch": {
"name": "anymatch",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"glob-watcher"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/glob-watcher/node_modules/anymatch"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"postcss"
],
"effects": [
"stylelint"
],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer",
"node_modules/stylelint/node_modules/autoprefixer"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1097496,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"",
"node_modules/findup-sync/node_modules/braces",
"node_modules/glob-watcher/node_modules/braces",
"node_modules/matchdep/node_modules/braces"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"cheerio": {
"name": "cheerio",
"severity": "high",
"isDirect": false,
"via": [
"css-select",
"lodash.pick"
],
"effects": [
"gulp-inline"
],
"range": "0.19.0 - 1.0.0-rc.3",
"nodes": [
"node_modules/cheerio"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"glob-parent",
"readdirp"
],
"effects": [
"glob-watcher"
],
"range": "1.0.0-rc1 - 2.1.8",
"nodes": [
"node_modules/glob-watcher/node_modules/chokidar"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"color": {
"name": "color",
"severity": "moderate",
"isDirect": false,
"via": [
"color-string"
],
"effects": [
"css-color-function"
],
"range": "<=0.11.4",
"nodes": [
"node_modules/color"
],
"fixAvailable": true
},
"color-string": {
"name": "color-string",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1089718,
"name": "color-string",
"dependency": "color-string",
"title": "Regular Expression Denial of Service (ReDOS)",
"url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h",
"severity": "moderate",
"cwe": [
"CWE-770"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<1.5.5"
}
],
"effects": [
"color"
],
"range": "<1.5.5",
"nodes": [
"node_modules/color/node_modules/color-string"
],
"fixAvailable": true
},
"css-color-function": {
"name": "css-color-function",
"severity": "moderate",
"isDirect": false,
"via": [
"color"
],
"effects": [
"postcss-color-function"
],
"range": "*",
"nodes": [
"node_modules/css-color-function"
],
"fixAvailable": true
},
"css-declaration-sorter": {
"name": "css-declaration-sorter",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=5.1.2",
"nodes": [
"node_modules/css-declaration-sorter"
],
"fixAvailable": true
},
"css-select": {
"name": "css-select",
"severity": "high",
"isDirect": false,
"via": [
"nth-check"
],
"effects": [
"cheerio",
"svgo"
],
"range": "<=3.1.0",
"nodes": [
"node_modules/css-select",
"node_modules/svgo/node_modules/css-select"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"cssnano": {
"name": "cssnano",
"severity": "moderate",
"isDirect": true,
"via": [
"cssnano-preset-default",
"postcss"
],
"effects": [],
"range": "<=4.1.11",
"nodes": [
"node_modules/cssnano"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"cssnano-preset-default": {
"name": "cssnano-preset-default",
"severity": "moderate",
"isDirect": false,
"via": [
"css-declaration-sorter",
"cssnano-util-raw-cache",
"postcss",
"postcss-calc",
"postcss-colormin",
"postcss-convert-values",
"postcss-discard-comments",
"postcss-discard-duplicates",
"postcss-discard-empty",
"postcss-discard-overridden",
"postcss-merge-longhand",
"postcss-merge-rules",
"postcss-minify-font-values",
"postcss-minify-gradients",
"postcss-minify-params",
"postcss-minify-selectors",
"postcss-normalize-charset",
"postcss-normalize-display-values",
"postcss-normalize-positions",
"postcss-normalize-repeat-style",
"postcss-normalize-string",
"postcss-normalize-timing-functions",
"postcss-normalize-unicode",
"postcss-normalize-url",
"postcss-normalize-whitespace",
"postcss-ordered-values",
"postcss-reduce-initial",
"postcss-reduce-transforms",
"postcss-svgo",
"postcss-unique-selectors"
],
"effects": [
"cssnano"
],
"range": "<=4.0.8",
"nodes": [
"node_modules/cssnano-preset-default"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"cssnano-util-raw-cache": {
"name": "cssnano-util-raw-cache",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/cssnano-util-raw-cache"
],
"fixAvailable": true
},
"es-dev-server": {
"name": "es-dev-server",
"severity": "high",
"isDirect": true,
"via": [
"@koa/cors"
],
"effects": [],
"range": ">=1.56.0",
"nodes": [
"node_modules/es-dev-server"
],
"fixAvailable": true
},
"findup-sync": {
"name": "findup-sync",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"liftoff",
"matchdep"
],
"range": "0.4.0 - 3.0.0",
"nodes": [
"node_modules/findup-sync",
"node_modules/matchdep/node_modules/findup-sync"
],
"fixAvailable": true
},
"glob-parent": {
"name": "glob-parent",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095007,
"name": "glob-parent",
"dependency": "glob-parent",
"title": "glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex",
"url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<5.1.2"
}
],
"effects": [
"chokidar",
"glob-stream"
],
"range": "<5.1.2",
"nodes": [
"node_modules/glob-stream/node_modules/glob-parent",
"node_modules/glob-watcher/node_modules/glob-parent"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"glob-stream": {
"name": "glob-stream",
"severity": "high",
"isDirect": false,
"via": [
"glob-parent"
],
"effects": [
"vinyl-fs"
],
"range": "5.3.0 - 6.1.0",
"nodes": [
"node_modules/glob-stream"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
},
"glob-watcher": {
"name": "glob-watcher",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"chokidar"
],
"effects": [
"gulp"
],
"range": "5.0.0 - 5.0.5",
"nodes": [
"node_modules/glob-watcher"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"gulp": {
"name": "gulp",
"severity": "high",
"isDirect": true,
"via": [
"glob-watcher",
"gulp-cli",
"vinyl-fs"
],
"effects": [],
"range": "4.0.0 - 4.0.2",
"nodes": [
"node_modules/gulp"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"gulp-cli": {
"name": "gulp-cli",
"severity": "high",
"isDirect": false,
"via": [
"liftoff",
"matchdep"
],
"effects": [],
"range": "1.3.0 - 2.3.0",
"nodes": [
"node_modules/gulp-cli"
],
"fixAvailable": true
},
"gulp-compile-handlebars": {
"name": "gulp-compile-handlebars",
"severity": "high",
"isDirect": true,
"via": [
"gulp-util"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-compile-handlebars"
],
"fixAvailable": false
},
"gulp-htmlmin": {
"name": "gulp-htmlmin",
"severity": "high",
"isDirect": true,
"via": [
"html-minifier"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-htmlmin"
],
"fixAvailable": false
},
"gulp-inline": {
"name": "gulp-inline",
"severity": "high",
"isDirect": true,
"via": [
"cheerio",
"gulp-util"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/gulp-inline"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"gulp-postcss": {
"name": "gulp-postcss",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=8.0.0",
"nodes": [
"node_modules/gulp-postcss"
],
"fixAvailable": {
"name": "gulp-postcss",
"version": "10.0.0",
"isSemVerMajor": true
}
},
"gulp-svg-sprite": {
"name": "gulp-svg-sprite",
"severity": "moderate",
"isDirect": true,
"via": [
"svg-sprite"
],
"effects": [],
"range": "1.3.0 - 1.5.0",
"nodes": [
"node_modules/gulp-svg-sprite"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"gulp-useref": {
"name": "gulp-useref",
"severity": "high",
"isDirect": true,
"via": [
"vinyl-fs"
],
"effects": [],
"range": ">=3.1.4",
"nodes": [
"node_modules/gulp-useref"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
},
"gulp-util": {
"name": "gulp-util",
"severity": "high",
"isDirect": false,
"via": [
"lodash.template"
],
"effects": [
"gulp-compile-handlebars",
"gulp-inline"
],
"range": ">=1.1.0",
"nodes": [
"node_modules/gulp-util"
],
"fixAvailable": false
},
"html-minifier": {
"name": "html-minifier",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1097148,
"name": "html-minifier",
"dependency": "html-minifier",
"title": "kangax html-minifier REDoS vulnerability",
"url": "https://github.com/advisories/GHSA-pfq8-rq6v-vf5m",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<=4.0.0"
}
],
"effects": [
"gulp-htmlmin"
],
"range": "*",
"nodes": [
"node_modules/html-minifier"
],
"fixAvailable": false
},
"liftoff": {
"name": "liftoff",
"severity": "high",
"isDirect": false,
"via": [
"findup-sync"
],
"effects": [
"gulp-cli"
],
"range": "2.2.3 - 3.1.0",
"nodes": [
"node_modules/liftoff"
],
"fixAvailable": true
},
"lodash.pick": {
"name": "lodash.pick",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096303,
"name": "lodash.pick",
"dependency": "lodash.pick",
"title": "Prototype Pollution in lodash",
"url": "https://github.com/advisories/GHSA-p6mc-m468-83gw",
"severity": "high",
"cwe": [
"CWE-770",
"CWE-1321"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
"range": ">=4.0.0 <=4.4.0"
}
],
"effects": [
"cheerio"
],
"range": ">=4.0.0",
"nodes": [
"node_modules/lodash.pick"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"lodash.template": {
"name": "lodash.template",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096993,
"name": "lodash.template",
"dependency": "lodash.template",
"title": "Command Injection in lodash",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"severity": "high",
"cwe": [
"CWE-77",
"CWE-94"
],
"cvss": {
"score": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=4.5.0"
}
],
"effects": [
"gulp-util",
"postcss-initial"
],
"range": "*",
"nodes": [
"node_modules/lodash.template",
"node_modules/postcss-initial/node_modules/lodash.template"
],
"fixAvailable": false
},
"matchdep": {
"name": "matchdep",
"severity": "high",
"isDirect": false,
"via": [
"findup-sync",
"micromatch"
],
"effects": [
"gulp-cli"
],
"range": ">=1.0.1",
"nodes": [
"node_modules/matchdep"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
"braces"
],
"effects": [
"anymatch",
"findup-sync",
"matchdep",
"readdirp"
],
"range": "0.2.0 - 3.1.10",
"nodes": [
"node_modules/findup-sync/node_modules/micromatch",
"node_modules/glob-watcher/node_modules/micromatch",
"node_modules/matchdep/node_modules/micromatch"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"nth-check": {
"name": "nth-check",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095141,
"name": "nth-check",
"dependency": "nth-check",
"title": "Inefficient Regular Expression Complexity in nth-check",
"url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<2.0.1"
}
],
"effects": [
"css-select"
],
"range": "<2.0.1",
"nodes": [
"node_modules/nth-check"
],
"fixAvailable": {
"name": "gulp-inline",
"version": "0.1.2",
"isSemVerMajor": true
}
},
"phantomjs-prebuilt": {
"name": "phantomjs-prebuilt",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"svg-sprite"
],
"range": "*",
"nodes": [
"node_modules/phantomjs-prebuilt"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"pixrem": {
"name": "pixrem",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/pixrem"
],
"fixAvailable": true
},
"pleeease-filters": {
"name": "pleeease-filters",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/pleeease-filters"
],
"fixAvailable": true
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1093539,
"name": "postcss",
"dependency": "postcss",
"title": "Regular Expression Denial of Service in postcss",
"url": "https://github.com/advisories/GHSA-566m-qj78-rww5",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<7.0.36"
},
{
"source": 1094544,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
}
],
"effects": [
"autoprefixer",
"css-declaration-sorter",
"cssnano",
"cssnano-preset-default",
"cssnano-util-raw-cache",
"gulp-postcss",
"pixrem",
"pleeease-filters",
"postcss-apply",
"postcss-attribute-case-insensitive",
"postcss-calc",
"postcss-color-function",
"postcss-color-gray",
"postcss-color-hex-alpha",
"postcss-color-hsl",
"postcss-color-hwb",
"postcss-color-rebeccapurple",
"postcss-color-rgb",
"postcss-color-rgba-fallback",
"postcss-colormin",
"postcss-convert-values",
"postcss-cssnext",
"postcss-custom-media",
"postcss-custom-properties",
"postcss-custom-selectors",
"postcss-discard-comments",
"postcss-discard-duplicates",
"postcss-discard-empty",
"postcss-discard-overridden",
"postcss-font-family-system-ui",
"postcss-font-variant",
"postcss-image-set-polyfill",
"postcss-import",
"postcss-initial",
"postcss-less",
"postcss-media-minmax",
"postcss-merge-longhand",
"postcss-merge-rules",
"postcss-minify-font-values",
"postcss-minify-gradients",
"postcss-minify-params",
"postcss-minify-selectors",
"postcss-nesting",
"postcss-normalize-charset",
"postcss-normalize-display-values",
"postcss-normalize-positions",
"postcss-normalize-repeat-style",
"postcss-normalize-string",
"postcss-normalize-timing-functions",
"postcss-normalize-unicode",
"postcss-normalize-url",
"postcss-normalize-whitespace",
"postcss-ordered-values",
"postcss-pseudo-class-any-link",
"postcss-pseudoelements",
"postcss-reduce-initial",
"postcss-reduce-transforms",
"postcss-replace-overflow-wrap",
"postcss-reporter",
"postcss-safe-parser",
"postcss-sass",
"postcss-scss",
"postcss-selector-matches",
"postcss-selector-not",
"postcss-svgo",
"postcss-unique-selectors",
"stylehacks",
"stylelint",
"sugarss"
],
"range": "<=8.4.30",
"nodes": [
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-declaration-sorter/node_modules/postcss",
"node_modules/cssnano-preset-default/node_modules/postcss",
"node_modules/cssnano-util-raw-cache/node_modules/postcss",
"node_modules/cssnano/node_modules/postcss",
"node_modules/gulp-postcss/node_modules/postcss",
"node_modules/pixrem/node_modules/postcss",
"node_modules/pleeease-filters/node_modules/postcss",
"node_modules/postcss-apply/node_modules/postcss",
"node_modules/postcss-attribute-case-insensitive/node_modules/postcss",
"node_modules/postcss-calc/node_modules/postcss",
"node_modules/postcss-color-function/node_modules/postcss",
"node_modules/postcss-color-gray/node_modules/postcss",
"node_modules/postcss-color-hex-alpha/node_modules/postcss",
"node_modules/postcss-color-hsl/node_modules/postcss",
"node_modules/postcss-color-hwb/node_modules/postcss",
"node_modules/postcss-color-rebeccapurple/node_modules/postcss",
"node_modules/postcss-color-rgb/node_modules/postcss",
"node_modules/postcss-color-rgba-fallback/node_modules/postcss",
"node_modules/postcss-colormin/node_modules/postcss",
"node_modules/postcss-convert-values/node_modules/postcss",
"node_modules/postcss-cssnext/node_modules/postcss",
"node_modules/postcss-cssnext/node_modules/postcss-calc/node_modules/postcss",
"node_modules/postcss-custom-media/node_modules/postcss",
"node_modules/postcss-custom-properties/node_modules/postcss",
"node_modules/postcss-custom-selectors/node_modules/postcss",
"node_modules/postcss-discard-comments/node_modules/postcss",
"node_modules/postcss-discard-duplicates/node_modules/postcss",
"node_modules/postcss-discard-empty/node_modules/postcss",
"node_modules/postcss-discard-overridden/node_modules/postcss",
"node_modules/postcss-font-family-system-ui/node_modules/postcss",
"node_modules/postcss-font-variant/node_modules/postcss",
"node_modules/postcss-image-set-polyfill/node_modules/postcss",
"node_modules/postcss-import/node_modules/postcss",
"node_modules/postcss-initial/node_modules/postcss",
"node_modules/postcss-less/node_modules/postcss",
"node_modules/postcss-media-minmax/node_modules/postcss",
"node_modules/postcss-merge-longhand/node_modules/postcss",
"node_modules/postcss-merge-rules/node_modules/postcss",
"node_modules/postcss-minify-font-values/node_modules/postcss",
"node_modules/postcss-minify-gradients/node_modules/postcss",
"node_modules/postcss-minify-params/node_modules/postcss",
"node_modules/postcss-minify-selectors/node_modules/postcss",
"node_modules/postcss-nesting/node_modules/postcss",
"node_modules/postcss-normalize-charset/node_modules/postcss",
"node_modules/postcss-normalize-display-values/node_modules/postcss",
"node_modules/postcss-normalize-positions/node_modules/postcss",
"node_modules/postcss-normalize-repeat-style/node_modules/postcss",
"node_modules/postcss-normalize-string/node_modules/postcss",
"node_modules/postcss-normalize-timing-functions/node_modules/postcss",
"node_modules/postcss-normalize-unicode/node_modules/postcss",
"node_modules/postcss-normalize-url/node_modules/postcss",
"node_modules/postcss-normalize-whitespace/node_modules/postcss",
"node_modules/postcss-ordered-values/node_modules/postcss",
"node_modules/postcss-pseudo-class-any-link/node_modules/postcss",
"node_modules/postcss-pseudoelements/node_modules/postcss",
"node_modules/postcss-reduce-initial/node_modules/postcss",
"node_modules/postcss-reduce-transforms/node_modules/postcss",
"node_modules/postcss-replace-overflow-wrap/node_modules/postcss",
"node_modules/postcss-reporter/node_modules/postcss",
"node_modules/postcss-safe-parser/node_modules/postcss",
"node_modules/postcss-sass/node_modules/postcss",
"node_modules/postcss-scss/node_modules/postcss",
"node_modules/postcss-selector-matches/node_modules/postcss",
"node_modules/postcss-selector-not/node_modules/postcss",
"node_modules/postcss-svgo/node_modules/postcss",
"node_modules/postcss-unique-selectors/node_modules/postcss",
"node_modules/stylehacks/node_modules/postcss",
"node_modules/stylelint/node_modules/postcss",
"node_modules/sugarss/node_modules/postcss"
],
"fixAvailable": {
"name": "cssnano",
"version": "7.0.2",
"isSemVerMajor": true
}
},
"postcss-apply": {
"name": "postcss-apply",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=0.10.0",
"nodes": [
"node_modules/postcss-apply"
],
"fixAvailable": false
},
"postcss-attribute-case-insensitive": {
"name": "postcss-attribute-case-insensitive",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-attribute-case-insensitive"
],
"fixAvailable": false
},
"postcss-calc": {
"name": "postcss-calc",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "4.1.0 - 7.0.5",
"nodes": [
"node_modules/postcss-calc",
"node_modules/postcss-cssnext/node_modules/postcss-calc"
],
"fixAvailable": true
},
"postcss-color-function": {
"name": "postcss-color-function",
"severity": "moderate",
"isDirect": false,
"via": [
"css-color-function",
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-color-function"
],
"fixAvailable": true
},
"postcss-color-gray": {
"name": "postcss-color-gray",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "3.0.0 - 4.1.0",
"nodes": [
"node_modules/postcss-color-gray"
],
"fixAvailable": true
},
"postcss-color-hex-alpha": {
"name": "postcss-color-hex-alpha",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.3.0 - 3.0.0",
"nodes": [
"node_modules/postcss-color-hex-alpha"
],
"fixAvailable": true
},
"postcss-color-hsl": {
"name": "postcss-color-hsl",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "*",
"nodes": [
"node_modules/postcss-color-hsl"
],
"fixAvailable": false
},
"postcss-color-hwb": {
"name": "postcss-color-hwb",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": ">=1.2.0",
"nodes": [
"node_modules/postcss-color-hwb"
],
"fixAvailable": true
},
"postcss-color-rebeccapurple": {
"name": "postcss-color-rebeccapurple",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.1.0",
"nodes": [
"node_modules/postcss-color-rebeccapurple"
],
"fixAvailable": true
},
"postcss-color-rgb": {
"name": "postcss-color-rgb",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-color-rgb"
],
"fixAvailable": true
},
"postcss-color-rgba-fallback": {
"name": "postcss-color-rgba-fallback",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.0",
"nodes": [
"node_modules/postcss-color-rgba-fallback"
],
"fixAvailable": true
},
"postcss-colormin": {
"name": "postcss-colormin",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-colormin"
],
"fixAvailable": true
},
"postcss-convert-values": {
"name": "postcss-convert-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-convert-values"
],
"fixAvailable": true
},
"postcss-cssnext": {
"name": "postcss-cssnext",
"severity": "moderate",
"isDirect": true,
"via": [
"autoprefixer",
"pixrem",
"pleeease-filters",
"postcss",
"postcss-apply",
"postcss-attribute-case-insensitive",
"postcss-calc",
"postcss-color-function",
"postcss-color-gray",
"postcss-color-hex-alpha",
"postcss-color-hsl",
"postcss-color-hwb",
"postcss-color-rebeccapurple",
"postcss-color-rgb",
"postcss-color-rgba-fallback",
"postcss-custom-media",
"postcss-custom-properties",
"postcss-custom-selectors",
"postcss-font-family-system-ui",
"postcss-font-variant",
"postcss-image-set-polyfill",
"postcss-initial",
"postcss-media-minmax",
"postcss-nesting",
"postcss-pseudo-class-any-link",
"postcss-pseudoelements",
"postcss-replace-overflow-wrap",
"postcss-selector-matches",
"postcss-selector-not"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/postcss-cssnext"
],
"fixAvailable": false
},
"postcss-custom-media": {
"name": "postcss-custom-media",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "4.0.0 - 6.0.0",
"nodes": [
"node_modules/postcss-custom-media"
],
"fixAvailable": true
},
"postcss-custom-properties": {
"name": "postcss-custom-properties",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "3.3.0 - 7.0.0",
"nodes": [
"node_modules/postcss-custom-properties"
],
"fixAvailable": true
},
"postcss-custom-selectors": {
"name": "postcss-custom-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"postcss-selector-matches"
],
"effects": [],
"range": "2.3.0 - 4.0.1",
"nodes": [
"node_modules/postcss-custom-selectors"
],
"fixAvailable": true
},
"postcss-discard-comments": {
"name": "postcss-discard-comments",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-discard-comments"
],
"fixAvailable": true
},
"postcss-discard-duplicates": {
"name": "postcss-discard-duplicates",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.2",
"nodes": [
"node_modules/postcss-discard-duplicates"
],
"fixAvailable": true
},
"postcss-discard-empty": {
"name": "postcss-discard-empty",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.1",
"nodes": [
"node_modules/postcss-discard-empty"
],
"fixAvailable": true
},
"postcss-discard-overridden": {
"name": "postcss-discard-overridden",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-discard-overridden"
],
"fixAvailable": true
},
"postcss-font-family-system-ui": {
"name": "postcss-font-family-system-ui",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.0",
"nodes": [
"node_modules/postcss-font-family-system-ui"
],
"fixAvailable": false
},
"postcss-font-variant": {
"name": "postcss-font-variant",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.0.0",
"nodes": [
"node_modules/postcss-font-variant"
],
"fixAvailable": true
},
"postcss-image-set-polyfill": {
"name": "postcss-image-set-polyfill",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=0.4.4",
"nodes": [
"node_modules/postcss-image-set-polyfill"
],
"fixAvailable": false
},
"postcss-import": {
"name": "postcss-import",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=12.0.1",
"nodes": [
"node_modules/postcss-import"
],
"fixAvailable": {
"name": "postcss-import",
"version": "16.1.0",
"isSemVerMajor": true
}
},
"postcss-initial": {
"name": "postcss-initial",
"severity": "high",
"isDirect": false,
"via": [
"lodash.template",
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=3.0.2 || 4.0.0",
"nodes": [
"node_modules/postcss-initial"
],
"fixAvailable": false
},
"postcss-less": {
"name": "postcss-less",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=3.1.4",
"nodes": [
"node_modules/postcss-less"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-media-minmax": {
"name": "postcss-media-minmax",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.2.0 - 3.0.0",
"nodes": [
"node_modules/postcss-media-minmax"
],
"fixAvailable": true
},
"postcss-merge-longhand": {
"name": "postcss-merge-longhand",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss",
"stylehacks"
],
"effects": [],
"range": "<=4.0.11",
"nodes": [
"node_modules/postcss-merge-longhand"
],
"fixAvailable": true
},
"postcss-merge-rules": {
"name": "postcss-merge-rules",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-merge-rules"
],
"fixAvailable": true
},
"postcss-minify-font-values": {
"name": "postcss-minify-font-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-font-values"
],
"fixAvailable": true
},
"postcss-minify-gradients": {
"name": "postcss-minify-gradients",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-gradients"
],
"fixAvailable": true
},
"postcss-minify-params": {
"name": "postcss-minify-params",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-params"
],
"fixAvailable": true
},
"postcss-minify-selectors": {
"name": "postcss-minify-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-minify-selectors"
],
"fixAvailable": true
},
"postcss-nesting": {
"name": "postcss-nesting",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=6.0.0",
"nodes": [
"node_modules/postcss-nesting"
],
"fixAvailable": false
},
"postcss-normalize-charset": {
"name": "postcss-normalize-charset",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-normalize-charset"
],
"fixAvailable": true
},
"postcss-normalize-display-values": {
"name": "postcss-normalize-display-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-display-values"
],
"fixAvailable": true
},
"postcss-normalize-positions": {
"name": "postcss-normalize-positions",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-positions"
],
"fixAvailable": true
},
"postcss-normalize-repeat-style": {
"name": "postcss-normalize-repeat-style",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-repeat-style"
],
"fixAvailable": true
},
"postcss-normalize-string": {
"name": "postcss-normalize-string",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-string"
],
"fixAvailable": true
},
"postcss-normalize-timing-functions": {
"name": "postcss-normalize-timing-functions",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-timing-functions"
],
"fixAvailable": true
},
"postcss-normalize-unicode": {
"name": "postcss-normalize-unicode",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-normalize-unicode"
],
"fixAvailable": true
},
"postcss-normalize-url": {
"name": "postcss-normalize-url",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.1.0 - 4.0.1",
"nodes": [
"node_modules/postcss-normalize-url"
],
"fixAvailable": true
},
"postcss-normalize-whitespace": {
"name": "postcss-normalize-whitespace",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-normalize-whitespace"
],
"fixAvailable": true
},
"postcss-ordered-values": {
"name": "postcss-ordered-values",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.1.2",
"nodes": [
"node_modules/postcss-ordered-values"
],
"fixAvailable": true
},
"postcss-pseudo-class-any-link": {
"name": "postcss-pseudo-class-any-link",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=5.0.0",
"nodes": [
"node_modules/postcss-pseudo-class-any-link"
],
"fixAvailable": true
},
"postcss-pseudoelements": {
"name": "postcss-pseudoelements",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": ">=2.2.0",
"nodes": [
"node_modules/postcss-pseudoelements"
],
"fixAvailable": true
},
"postcss-reduce-initial": {
"name": "postcss-reduce-initial",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.3",
"nodes": [
"node_modules/postcss-reduce-initial"
],
"fixAvailable": true
},
"postcss-reduce-transforms": {
"name": "postcss-reduce-transforms",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-reduce-transforms"
],
"fixAvailable": true
},
"postcss-replace-overflow-wrap": {
"name": "postcss-replace-overflow-wrap",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-cssnext"
],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-replace-overflow-wrap"
],
"fixAvailable": false
},
"postcss-reporter": {
"name": "postcss-reporter",
"severity": "moderate",
"isDirect": true,
"via": [
"postcss"
],
"effects": [],
"range": "<=6.0.1",
"nodes": [
"node_modules/postcss-reporter"
],
"fixAvailable": {
"name": "postcss-reporter",
"version": "7.1.0",
"isSemVerMajor": true
}
},
"postcss-safe-parser": {
"name": "postcss-safe-parser",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=4.0.2",
"nodes": [
"node_modules/postcss-safe-parser"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-sass": {
"name": "postcss-sass",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=0.4.4",
"nodes": [
"node_modules/postcss-sass"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-scss": {
"name": "postcss-scss",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"stylelint"
],
"range": "<=2.1.1",
"nodes": [
"node_modules/postcss-scss"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"postcss-selector-matches": {
"name": "postcss-selector-matches",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-selector-matches"
],
"fixAvailable": true
},
"postcss-selector-not": {
"name": "postcss-selector-not",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=3.0.1",
"nodes": [
"node_modules/postcss-selector-not"
],
"fixAvailable": true
},
"postcss-svgo": {
"name": "postcss-svgo",
"severity": "high",
"isDirect": false,
"via": [
"postcss",
"svgo"
],
"effects": [],
"range": "<=5.0.0-rc.2",
"nodes": [
"node_modules/postcss-svgo"
],
"fixAvailable": true
},
"postcss-unique-selectors": {
"name": "postcss-unique-selectors",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.0.1",
"nodes": [
"node_modules/postcss-unique-selectors"
],
"fixAvailable": true
},
"readdirp": {
"name": "readdirp",
"severity": "high",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/glob-watcher/node_modules/readdirp"
],
"fixAvailable": {
"name": "gulp",
"version": "5.0.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"phantomjs-prebuilt"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"stylehacks": {
"name": "stylehacks",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"postcss-merge-longhand"
],
"range": "<=4.0.3",
"nodes": [
"node_modules/stylehacks"
],
"fixAvailable": true
},
"stylelint": {
"name": "stylelint",
"severity": "moderate",
"isDirect": false,
"via": [
"autoprefixer",
"postcss",
"postcss-less",
"postcss-safe-parser",
"postcss-sass",
"postcss-scss",
"sugarss"
],
"effects": [
"stylelint-config-wikimedia"
],
"range": "0.1.0 - 13.13.1",
"nodes": [
"node_modules/stylelint"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"stylelint-config-wikimedia": {
"name": "stylelint-config-wikimedia",
"severity": "moderate",
"isDirect": true,
"via": [
"stylelint"
],
"effects": [],
"range": "<=0.11.1",
"nodes": [
"node_modules/stylelint-config-wikimedia"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.17.2",
"isSemVerMajor": true
}
},
"sugarss": {
"name": "sugarss",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/sugarss"
],
"fixAvailable": true
},
"svg-sprite": {
"name": "svg-sprite",
"severity": "high",
"isDirect": false,
"via": [
"phantomjs-prebuilt",
"svgo"
],
"effects": [
"gulp-svg-sprite"
],
"range": "1.3.0 - 1.5.4",
"nodes": [
"node_modules/svg-sprite"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"svgo": {
"name": "svgo",
"severity": "high",
"isDirect": false,
"via": [
"css-select"
],
"effects": [
"postcss-svgo",
"svg-sprite"
],
"range": "1.0.0 - 1.3.2",
"nodes": [
"node_modules/svgo"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096643,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "gulp-svg-sprite",
"version": "2.0.3",
"isSemVerMajor": true
}
},
"vinyl-fs": {
"name": "vinyl-fs",
"severity": "high",
"isDirect": false,
"via": [
"glob-stream"
],
"effects": [
"gulp-useref"
],
"range": "2.4.2 - 3.0.3",
"nodes": [
"node_modules/vinyl-fs"
],
"fixAvailable": {
"name": "gulp-useref",
"version": "3.1.3",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 76,
"high": 31,
"critical": 0,
"total": 107
},
"dependencies": {
"prod": 1,
"dev": 1824,
"optional": 4,
"peer": 1,
"peerOptional": 0,
"total": 1824
}
}
}
}
--- end ---
{"added": 1824, "removed": 0, "changed": 0, "audited": 1825, "funding": 157, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@koa/cors": {"name": "@koa/cors", "severity": "high", "isDirect": false, "via": [{"source": 1095223, "name": "@koa/cors", "dependency": "@koa/cors", "title": "Overly permissive origin policy", "url": "https://github.com/advisories/GHSA-qxrj-hx23-xp82", "severity": "high", "cwe": ["CWE-346"], "cvss": {"score": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}, "range": "<5.0.0"}], "effects": ["es-dev-server"], "range": "<5.0.0", "nodes": ["node_modules/@koa/cors"], "fixAvailable": true}, "anymatch": {"name": "anymatch", "severity": "high", "isDirect": false, "via": ["micromatch"], "effects": ["chokidar", "glob-watcher"], "range": "1.2.0 - 2.0.0", "nodes": ["node_modules/glob-watcher/node_modules/anymatch"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "autoprefixer": {"name": "autoprefixer", "severity": "moderate", "isDirect": false, "via": ["postcss", "postcss"], "effects": ["stylelint"], "range": "1.0.20131222 - 9.8.8", "nodes": ["node_modules/autoprefixer", "node_modules/stylelint/node_modules/autoprefixer"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "braces": {"name": "braces", "severity": "high", "isDirect": false, "via": [{"source": 1097496, "name": "braces", "dependency": "braces", "title": "Uncontrolled resource consumption in braces", "url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg", "severity": "high", "cwe": ["CWE-1050"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.3"}], "effects": ["chokidar", "micromatch"], "range": "<3.0.3", "nodes": ["", "node_modules/findup-sync/node_modules/braces", "node_modules/glob-watcher/node_modules/braces", "node_modules/matchdep/node_modules/braces"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "cheerio": {"name": "cheerio", "severity": "high", "isDirect": false, "via": ["css-select", "lodash.pick"], "effects": ["gulp-inline"], "range": "0.19.0 - 1.0.0-rc.3", "nodes": ["node_modules/cheerio"], "fixAvailable": {"name": "gulp-inline", "version": "0.1.2", "isSemVerMajor": true}}, "chokidar": {"name": "chokidar", "severity": "high", "isDirect": false, "via": ["anymatch", "braces", "glob-parent", "readdirp"], "effects": ["glob-watcher"], "range": "1.0.0-rc1 - 2.1.8", "nodes": ["node_modules/glob-watcher/node_modules/chokidar"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "color": {"name": "color", "severity": "moderate", "isDirect": false, "via": ["color-string"], "effects": ["css-color-function"], "range": "<=0.11.4", "nodes": ["node_modules/color"], "fixAvailable": true}, "color-string": {"name": "color-string", "severity": "moderate", "isDirect": false, "via": [{"source": 1089718, "name": "color-string", "dependency": "color-string", "title": "Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<1.5.5"}], "effects": ["color"], "range": "<1.5.5", "nodes": ["node_modules/color/node_modules/color-string"], "fixAvailable": true}, "css-color-function": {"name": "css-color-function", "severity": "moderate", "isDirect": false, "via": ["color"], "effects": ["postcss-color-function"], "range": "*", "nodes": ["node_modules/css-color-function"], "fixAvailable": true}, "css-declaration-sorter": {"name": "css-declaration-sorter", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=5.1.2", "nodes": ["node_modules/css-declaration-sorter"], "fixAvailable": true}, "css-select": {"name": "css-select", "severity": "high", "isDirect": false, "via": ["nth-check"], "effects": ["cheerio", "svgo"], "range": "<=3.1.0", "nodes": ["node_modules/css-select", "node_modules/svgo/node_modules/css-select"], "fixAvailable": {"name": "gulp-inline", "version": "0.1.2", "isSemVerMajor": true}}, "cssnano": {"name": "cssnano", "severity": "moderate", "isDirect": true, "via": ["cssnano-preset-default", "postcss"], "effects": [], "range": "<=4.1.11", "nodes": ["node_modules/cssnano"], "fixAvailable": {"name": "cssnano", "version": "7.0.2", "isSemVerMajor": true}}, "cssnano-preset-default": {"name": "cssnano-preset-default", "severity": "moderate", "isDirect": false, "via": ["css-declaration-sorter", "cssnano-util-raw-cache", "postcss", "postcss-calc", "postcss-colormin", "postcss-convert-values", "postcss-discard-comments", "postcss-discard-duplicates", "postcss-discard-empty", "postcss-discard-overridden", "postcss-merge-longhand", "postcss-merge-rules", "postcss-minify-font-values", "postcss-minify-gradients", "postcss-minify-params", "postcss-minify-selectors", "postcss-normalize-charset", "postcss-normalize-display-values", "postcss-normalize-positions", "postcss-normalize-repeat-style", "postcss-normalize-string", "postcss-normalize-timing-functions", "postcss-normalize-unicode", "postcss-normalize-url", "postcss-normalize-whitespace", "postcss-ordered-values", "postcss-reduce-initial", "postcss-reduce-transforms", "postcss-svgo", "postcss-unique-selectors"], "effects": ["cssnano"], "range": "<=4.0.8", "nodes": ["node_modules/cssnano-preset-default"], "fixAvailable": {"name": "cssnano", "version": "7.0.2", "isSemVerMajor": true}}, "cssnano-util-raw-cache": {"name": "cssnano-util-raw-cache", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "*", "nodes": ["node_modules/cssnano-util-raw-cache"], "fixAvailable": true}, "es-dev-server": {"name": "es-dev-server", "severity": "high", "isDirect": true, "via": ["@koa/cors"], "effects": [], "range": ">=1.56.0", "nodes": ["node_modules/es-dev-server"], "fixAvailable": true}, "findup-sync": {"name": "findup-sync", "severity": "high", "isDirect": false, "via": ["micromatch"], "effects": ["liftoff", "matchdep"], "range": "0.4.0 - 3.0.0", "nodes": ["node_modules/findup-sync", "node_modules/matchdep/node_modules/findup-sync"], "fixAvailable": true}, "glob-parent": {"name": "glob-parent", "severity": "high", "isDirect": false, "via": [{"source": 1095007, "name": "glob-parent", "dependency": "glob-parent", "title": "glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex", "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<5.1.2"}], "effects": ["chokidar", "glob-stream"], "range": "<5.1.2", "nodes": ["node_modules/glob-stream/node_modules/glob-parent", "node_modules/glob-watcher/node_modules/glob-parent"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "glob-stream": {"name": "glob-stream", "severity": "high", "isDirect": false, "via": ["glob-parent"], "effects": ["vinyl-fs"], "range": "5.3.0 - 6.1.0", "nodes": ["node_modules/glob-stream"], "fixAvailable": {"name": "gulp-useref", "version": "3.1.3", "isSemVerMajor": true}}, "glob-watcher": {"name": "glob-watcher", "severity": "high", "isDirect": false, "via": ["anymatch", "chokidar"], "effects": ["gulp"], "range": "5.0.0 - 5.0.5", "nodes": ["node_modules/glob-watcher"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "gulp": {"name": "gulp", "severity": "high", "isDirect": true, "via": ["glob-watcher", "gulp-cli", "vinyl-fs"], "effects": [], "range": "4.0.0 - 4.0.2", "nodes": ["node_modules/gulp"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "gulp-cli": {"name": "gulp-cli", "severity": "high", "isDirect": false, "via": ["liftoff", "matchdep"], "effects": [], "range": "1.3.0 - 2.3.0", "nodes": ["node_modules/gulp-cli"], "fixAvailable": true}, "gulp-compile-handlebars": {"name": "gulp-compile-handlebars", "severity": "high", "isDirect": true, "via": ["gulp-util"], "effects": [], "range": "*", "nodes": ["node_modules/gulp-compile-handlebars"], "fixAvailable": false}, "gulp-htmlmin": {"name": "gulp-htmlmin", "severity": "high", "isDirect": true, "via": ["html-minifier"], "effects": [], "range": "*", "nodes": ["node_modules/gulp-htmlmin"], "fixAvailable": false}, "gulp-inline": {"name": "gulp-inline", "severity": "high", "isDirect": true, "via": ["cheerio", "gulp-util"], "effects": [], "range": "*", "nodes": ["node_modules/gulp-inline"], "fixAvailable": {"name": "gulp-inline", "version": "0.1.2", "isSemVerMajor": true}}, "gulp-postcss": {"name": "gulp-postcss", "severity": "moderate", "isDirect": true, "via": ["postcss"], "effects": [], "range": "<=8.0.0", "nodes": ["node_modules/gulp-postcss"], "fixAvailable": {"name": "gulp-postcss", "version": "10.0.0", "isSemVerMajor": true}}, "gulp-svg-sprite": {"name": "gulp-svg-sprite", "severity": "moderate", "isDirect": true, "via": ["svg-sprite"], "effects": [], "range": "1.3.0 - 1.5.0", "nodes": ["node_modules/gulp-svg-sprite"], "fixAvailable": {"name": "gulp-svg-sprite", "version": "2.0.3", "isSemVerMajor": true}}, "gulp-useref": {"name": "gulp-useref", "severity": "high", "isDirect": true, "via": ["vinyl-fs"], "effects": [], "range": ">=3.1.4", "nodes": ["node_modules/gulp-useref"], "fixAvailable": {"name": "gulp-useref", "version": "3.1.3", "isSemVerMajor": true}}, "gulp-util": {"name": "gulp-util", "severity": "high", "isDirect": false, "via": ["lodash.template"], "effects": ["gulp-compile-handlebars", "gulp-inline"], "range": ">=1.1.0", "nodes": ["node_modules/gulp-util"], "fixAvailable": false}, "html-minifier": {"name": "html-minifier", "severity": "high", "isDirect": false, "via": [{"source": 1097148, "name": "html-minifier", "dependency": "html-minifier", "title": "kangax html-minifier REDoS vulnerability", "url": "https://github.com/advisories/GHSA-pfq8-rq6v-vf5m", "severity": "high", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<=4.0.0"}], "effects": ["gulp-htmlmin"], "range": "*", "nodes": ["node_modules/html-minifier"], "fixAvailable": false}, "liftoff": {"name": "liftoff", "severity": "high", "isDirect": false, "via": ["findup-sync"], "effects": ["gulp-cli"], "range": "2.2.3 - 3.1.0", "nodes": ["node_modules/liftoff"], "fixAvailable": true}, "lodash.pick": {"name": "lodash.pick", "severity": "high", "isDirect": false, "via": [{"source": 1096303, "name": "lodash.pick", "dependency": "lodash.pick", "title": "Prototype Pollution in lodash", "url": "https://github.com/advisories/GHSA-p6mc-m468-83gw", "severity": "high", "cwe": ["CWE-770", "CWE-1321"], "cvss": {"score": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "range": ">=4.0.0 <=4.4.0"}], "effects": ["cheerio"], "range": ">=4.0.0", "nodes": ["node_modules/lodash.pick"], "fixAvailable": {"name": "gulp-inline", "version": "0.1.2", "isSemVerMajor": true}}, "lodash.template": {"name": "lodash.template", "severity": "high", "isDirect": false, "via": [{"source": 1096993, "name": "lodash.template", "dependency": "lodash.template", "title": "Command Injection in lodash", "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "severity": "high", "cwe": ["CWE-77", "CWE-94"], "cvss": {"score": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=4.5.0"}], "effects": ["gulp-util", "postcss-initial"], "range": "*", "nodes": ["node_modules/lodash.template", "node_modules/postcss-initial/node_modules/lodash.template"], "fixAvailable": false}, "matchdep": {"name": "matchdep", "severity": "high", "isDirect": false, "via": ["findup-sync", "micromatch"], "effects": ["gulp-cli"], "range": ">=1.0.1", "nodes": ["node_modules/matchdep"], "fixAvailable": true}, "micromatch": {"name": "micromatch", "severity": "high", "isDirect": false, "via": ["braces"], "effects": ["anymatch", "findup-sync", "matchdep", "readdirp"], "range": "0.2.0 - 3.1.10", "nodes": ["node_modules/findup-sync/node_modules/micromatch", "node_modules/glob-watcher/node_modules/micromatch", "node_modules/matchdep/node_modules/micromatch"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "nth-check": {"name": "nth-check", "severity": "high", "isDirect": false, "via": [{"source": 1095141, "name": "nth-check", "dependency": "nth-check", "title": "Inefficient Regular Expression Complexity in nth-check", "url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<2.0.1"}], "effects": ["css-select"], "range": "<2.0.1", "nodes": ["node_modules/nth-check"], "fixAvailable": {"name": "gulp-inline", "version": "0.1.2", "isSemVerMajor": true}}, "phantomjs-prebuilt": {"name": "phantomjs-prebuilt", "severity": "moderate", "isDirect": false, "via": ["request"], "effects": ["svg-sprite"], "range": "*", "nodes": ["node_modules/phantomjs-prebuilt"], "fixAvailable": {"name": "gulp-svg-sprite", "version": "2.0.3", "isSemVerMajor": true}}, "pixrem": {"name": "pixrem", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.1", "nodes": ["node_modules/pixrem"], "fixAvailable": true}, "pleeease-filters": {"name": "pleeease-filters", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "*", "nodes": ["node_modules/pleeease-filters"], "fixAvailable": true}, "postcss": {"name": "postcss", "severity": "moderate", "isDirect": false, "via": [{"source": 1093539, "name": "postcss", "dependency": "postcss", "title": "Regular Expression Denial of Service in postcss", "url": "https://github.com/advisories/GHSA-566m-qj78-rww5", "severity": "moderate", "cwe": ["CWE-400"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<7.0.36"}, {"source": 1094544, "name": "postcss", "dependency": "postcss", "title": "PostCSS line return parsing error", "url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j", "severity": "moderate", "cwe": ["CWE-74", "CWE-144"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<8.4.31"}], "effects": ["autoprefixer", "css-declaration-sorter", "cssnano", "cssnano-preset-default", "cssnano-util-raw-cache", "gulp-postcss", "pixrem", "pleeease-filters", "postcss-apply", "postcss-attribute-case-insensitive", "postcss-calc", "postcss-color-function", "postcss-color-gray", "postcss-color-hex-alpha", "postcss-color-hsl", "postcss-color-hwb", "postcss-color-rebeccapurple", "postcss-color-rgb", "postcss-color-rgba-fallback", "postcss-colormin", "postcss-convert-values", "postcss-cssnext", "postcss-custom-media", "postcss-custom-properties", "postcss-custom-selectors", "postcss-discard-comments", "postcss-discard-duplicates", "postcss-discard-empty", "postcss-discard-overridden", "postcss-font-family-system-ui", "postcss-font-variant", "postcss-image-set-polyfill", "postcss-import", "postcss-initial", "postcss-less", "postcss-media-minmax", "postcss-merge-longhand", "postcss-merge-rules", "postcss-minify-font-values", "postcss-minify-gradients", "postcss-minify-params", "postcss-minify-selectors", "postcss-nesting", "postcss-normalize-charset", "postcss-normalize-display-values", "postcss-normalize-positions", "postcss-normalize-repeat-style", "postcss-normalize-string", "postcss-normalize-timing-functions", "postcss-normalize-unicode", "postcss-normalize-url", "postcss-normalize-whitespace", "postcss-ordered-values", "postcss-pseudo-class-any-link", "postcss-pseudoelements", "postcss-reduce-initial", "postcss-reduce-transforms", "postcss-replace-overflow-wrap", "postcss-reporter", "postcss-safe-parser", "postcss-sass", "postcss-scss", "postcss-selector-matches", "postcss-selector-not", "postcss-svgo", "postcss-unique-selectors", "stylehacks", "stylelint", "sugarss"], "range": "<=8.4.30", "nodes": ["node_modules/autoprefixer/node_modules/postcss", "node_modules/css-declaration-sorter/node_modules/postcss", "node_modules/cssnano-preset-default/node_modules/postcss", "node_modules/cssnano-util-raw-cache/node_modules/postcss", "node_modules/cssnano/node_modules/postcss", "node_modules/gulp-postcss/node_modules/postcss", "node_modules/pixrem/node_modules/postcss", "node_modules/pleeease-filters/node_modules/postcss", "node_modules/postcss-apply/node_modules/postcss", "node_modules/postcss-attribute-case-insensitive/node_modules/postcss", "node_modules/postcss-calc/node_modules/postcss", "node_modules/postcss-color-function/node_modules/postcss", "node_modules/postcss-color-gray/node_modules/postcss", "node_modules/postcss-color-hex-alpha/node_modules/postcss", "node_modules/postcss-color-hsl/node_modules/postcss", "node_modules/postcss-color-hwb/node_modules/postcss", "node_modules/postcss-color-rebeccapurple/node_modules/postcss", "node_modules/postcss-color-rgb/node_modules/postcss", "node_modules/postcss-color-rgba-fallback/node_modules/postcss", "node_modules/postcss-colormin/node_modules/postcss", "node_modules/postcss-convert-values/node_modules/postcss", "node_modules/postcss-cssnext/node_modules/postcss", "node_modules/postcss-cssnext/node_modules/postcss-calc/node_modules/postcss", "node_modules/postcss-custom-media/node_modules/postcss", "node_modules/postcss-custom-properties/node_modules/postcss", "node_modules/postcss-custom-selectors/node_modules/postcss", "node_modules/postcss-discard-comments/node_modules/postcss", "node_modules/postcss-discard-duplicates/node_modules/postcss", "node_modules/postcss-discard-empty/node_modules/postcss", "node_modules/postcss-discard-overridden/node_modules/postcss", "node_modules/postcss-font-family-system-ui/node_modules/postcss", "node_modules/postcss-font-variant/node_modules/postcss", "node_modules/postcss-image-set-polyfill/node_modules/postcss", "node_modules/postcss-import/node_modules/postcss", "node_modules/postcss-initial/node_modules/postcss", "node_modules/postcss-less/node_modules/postcss", "node_modules/postcss-media-minmax/node_modules/postcss", "node_modules/postcss-merge-longhand/node_modules/postcss", "node_modules/postcss-merge-rules/node_modules/postcss", "node_modules/postcss-minify-font-values/node_modules/postcss", "node_modules/postcss-minify-gradients/node_modules/postcss", "node_modules/postcss-minify-params/node_modules/postcss", "node_modules/postcss-minify-selectors/node_modules/postcss", "node_modules/postcss-nesting/node_modules/postcss", "node_modules/postcss-normalize-charset/node_modules/postcss", "node_modules/postcss-normalize-display-values/node_modules/postcss", "node_modules/postcss-normalize-positions/node_modules/postcss", "node_modules/postcss-normalize-repeat-style/node_modules/postcss", "node_modules/postcss-normalize-string/node_modules/postcss", "node_modules/postcss-normalize-timing-functions/node_modules/postcss", "node_modules/postcss-normalize-unicode/node_modules/postcss", "node_modules/postcss-normalize-url/node_modules/postcss", "node_modules/postcss-normalize-whitespace/node_modules/postcss", "node_modules/postcss-ordered-values/node_modules/postcss", "node_modules/postcss-pseudo-class-any-link/node_modules/postcss", "node_modules/postcss-pseudoelements/node_modules/postcss", "node_modules/postcss-reduce-initial/node_modules/postcss", "node_modules/postcss-reduce-transforms/node_modules/postcss", "node_modules/postcss-replace-overflow-wrap/node_modules/postcss", "node_modules/postcss-reporter/node_modules/postcss", "node_modules/postcss-safe-parser/node_modules/postcss", "node_modules/postcss-sass/node_modules/postcss", "node_modules/postcss-scss/node_modules/postcss", "node_modules/postcss-selector-matches/node_modules/postcss", "node_modules/postcss-selector-not/node_modules/postcss", "node_modules/postcss-svgo/node_modules/postcss", "node_modules/postcss-unique-selectors/node_modules/postcss", "node_modules/stylehacks/node_modules/postcss", "node_modules/stylelint/node_modules/postcss", "node_modules/sugarss/node_modules/postcss"], "fixAvailable": {"name": "cssnano", "version": "7.0.2", "isSemVerMajor": true}}, "postcss-apply": {"name": "postcss-apply", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "<=0.10.0", "nodes": ["node_modules/postcss-apply"], "fixAvailable": false}, "postcss-attribute-case-insensitive": {"name": "postcss-attribute-case-insensitive", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "<=3.0.1", "nodes": ["node_modules/postcss-attribute-case-insensitive"], "fixAvailable": false}, "postcss-calc": {"name": "postcss-calc", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "4.1.0 - 7.0.5", "nodes": ["node_modules/postcss-calc", "node_modules/postcss-cssnext/node_modules/postcss-calc"], "fixAvailable": true}, "postcss-color-function": {"name": "postcss-color-function", "severity": "moderate", "isDirect": false, "via": ["css-color-function", "postcss"], "effects": [], "range": "*", "nodes": ["node_modules/postcss-color-function"], "fixAvailable": true}, "postcss-color-gray": {"name": "postcss-color-gray", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "3.0.0 - 4.1.0", "nodes": ["node_modules/postcss-color-gray"], "fixAvailable": true}, "postcss-color-hex-alpha": {"name": "postcss-color-hex-alpha", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.3.0 - 3.0.0", "nodes": ["node_modules/postcss-color-hex-alpha"], "fixAvailable": true}, "postcss-color-hsl": {"name": "postcss-color-hsl", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "*", "nodes": ["node_modules/postcss-color-hsl"], "fixAvailable": false}, "postcss-color-hwb": {"name": "postcss-color-hwb", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": ">=1.2.0", "nodes": ["node_modules/postcss-color-hwb"], "fixAvailable": true}, "postcss-color-rebeccapurple": {"name": "postcss-color-rebeccapurple", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.2.0 - 3.1.0", "nodes": ["node_modules/postcss-color-rebeccapurple"], "fixAvailable": true}, "postcss-color-rgb": {"name": "postcss-color-rgb", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "*", "nodes": ["node_modules/postcss-color-rgb"], "fixAvailable": true}, "postcss-color-rgba-fallback": {"name": "postcss-color-rgba-fallback", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=3.0.0", "nodes": ["node_modules/postcss-color-rgba-fallback"], "fixAvailable": true}, "postcss-colormin": {"name": "postcss-colormin", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.3", "nodes": ["node_modules/postcss-colormin"], "fixAvailable": true}, "postcss-convert-values": {"name": "postcss-convert-values", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.1", "nodes": ["node_modules/postcss-convert-values"], "fixAvailable": true}, "postcss-cssnext": {"name": "postcss-cssnext", "severity": "moderate", "isDirect": true, "via": ["autoprefixer", "pixrem", "pleeease-filters", "postcss", "postcss-apply", "postcss-attribute-case-insensitive", "postcss-calc", "postcss-color-function", "postcss-color-gray", "postcss-color-hex-alpha", "postcss-color-hsl", "postcss-color-hwb", "postcss-color-rebeccapurple", "postcss-color-rgb", "postcss-color-rgba-fallback", "postcss-custom-media", "postcss-custom-properties", "postcss-custom-selectors", "postcss-font-family-system-ui", "postcss-font-variant", "postcss-image-set-polyfill", "postcss-initial", "postcss-media-minmax", "postcss-nesting", "postcss-pseudo-class-any-link", "postcss-pseudoelements", "postcss-replace-overflow-wrap", "postcss-selector-matches", "postcss-selector-not"], "effects": [], "range": "*", "nodes": ["node_modules/postcss-cssnext"], "fixAvailable": false}, "postcss-custom-media": {"name": "postcss-custom-media", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "4.0.0 - 6.0.0", "nodes": ["node_modules/postcss-custom-media"], "fixAvailable": true}, "postcss-custom-properties": {"name": "postcss-custom-properties", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "3.3.0 - 7.0.0", "nodes": ["node_modules/postcss-custom-properties"], "fixAvailable": true}, "postcss-custom-selectors": {"name": "postcss-custom-selectors", "severity": "moderate", "isDirect": false, "via": ["postcss", "postcss-selector-matches"], "effects": [], "range": "2.3.0 - 4.0.1", "nodes": ["node_modules/postcss-custom-selectors"], "fixAvailable": true}, "postcss-discard-comments": {"name": "postcss-discard-comments", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-discard-comments"], "fixAvailable": true}, "postcss-discard-duplicates": {"name": "postcss-discard-duplicates", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.1.0 - 4.0.2", "nodes": ["node_modules/postcss-discard-duplicates"], "fixAvailable": true}, "postcss-discard-empty": {"name": "postcss-discard-empty", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.1.0 - 4.0.1", "nodes": ["node_modules/postcss-discard-empty"], "fixAvailable": true}, "postcss-discard-overridden": {"name": "postcss-discard-overridden", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.1", "nodes": ["node_modules/postcss-discard-overridden"], "fixAvailable": true}, "postcss-font-family-system-ui": {"name": "postcss-font-family-system-ui", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "<=3.0.0", "nodes": ["node_modules/postcss-font-family-system-ui"], "fixAvailable": false}, "postcss-font-variant": {"name": "postcss-font-variant", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.2.0 - 3.0.0", "nodes": ["node_modules/postcss-font-variant"], "fixAvailable": true}, "postcss-image-set-polyfill": {"name": "postcss-image-set-polyfill", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "<=0.4.4", "nodes": ["node_modules/postcss-image-set-polyfill"], "fixAvailable": false}, "postcss-import": {"name": "postcss-import", "severity": "moderate", "isDirect": true, "via": ["postcss"], "effects": [], "range": "<=12.0.1", "nodes": ["node_modules/postcss-import"], "fixAvailable": {"name": "postcss-import", "version": "16.1.0", "isSemVerMajor": true}}, "postcss-initial": {"name": "postcss-initial", "severity": "high", "isDirect": false, "via": ["lodash.template", "postcss"], "effects": ["postcss-cssnext"], "range": "<=3.0.2 || 4.0.0", "nodes": ["node_modules/postcss-initial"], "fixAvailable": false}, "postcss-less": {"name": "postcss-less", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["stylelint"], "range": "<=3.1.4", "nodes": ["node_modules/postcss-less"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "postcss-media-minmax": {"name": "postcss-media-minmax", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.2.0 - 3.0.0", "nodes": ["node_modules/postcss-media-minmax"], "fixAvailable": true}, "postcss-merge-longhand": {"name": "postcss-merge-longhand", "severity": "moderate", "isDirect": false, "via": ["postcss", "stylehacks"], "effects": [], "range": "<=4.0.11", "nodes": ["node_modules/postcss-merge-longhand"], "fixAvailable": true}, "postcss-merge-rules": {"name": "postcss-merge-rules", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.3", "nodes": ["node_modules/postcss-merge-rules"], "fixAvailable": true}, "postcss-minify-font-values": {"name": "postcss-minify-font-values", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-minify-font-values"], "fixAvailable": true}, "postcss-minify-gradients": {"name": "postcss-minify-gradients", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-minify-gradients"], "fixAvailable": true}, "postcss-minify-params": {"name": "postcss-minify-params", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-minify-params"], "fixAvailable": true}, "postcss-minify-selectors": {"name": "postcss-minify-selectors", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-minify-selectors"], "fixAvailable": true}, "postcss-nesting": {"name": "postcss-nesting", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "<=6.0.0", "nodes": ["node_modules/postcss-nesting"], "fixAvailable": false}, "postcss-normalize-charset": {"name": "postcss-normalize-charset", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.1", "nodes": ["node_modules/postcss-normalize-charset"], "fixAvailable": true}, "postcss-normalize-display-values": {"name": "postcss-normalize-display-values", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-normalize-display-values"], "fixAvailable": true}, "postcss-normalize-positions": {"name": "postcss-normalize-positions", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-normalize-positions"], "fixAvailable": true}, "postcss-normalize-repeat-style": {"name": "postcss-normalize-repeat-style", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-normalize-repeat-style"], "fixAvailable": true}, "postcss-normalize-string": {"name": "postcss-normalize-string", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-normalize-string"], "fixAvailable": true}, "postcss-normalize-timing-functions": {"name": "postcss-normalize-timing-functions", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-normalize-timing-functions"], "fixAvailable": true}, "postcss-normalize-unicode": {"name": "postcss-normalize-unicode", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.1", "nodes": ["node_modules/postcss-normalize-unicode"], "fixAvailable": true}, "postcss-normalize-url": {"name": "postcss-normalize-url", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.1.0 - 4.0.1", "nodes": ["node_modules/postcss-normalize-url"], "fixAvailable": true}, "postcss-normalize-whitespace": {"name": "postcss-normalize-whitespace", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-normalize-whitespace"], "fixAvailable": true}, "postcss-ordered-values": {"name": "postcss-ordered-values", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.1.2", "nodes": ["node_modules/postcss-ordered-values"], "fixAvailable": true}, "postcss-pseudo-class-any-link": {"name": "postcss-pseudo-class-any-link", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=5.0.0", "nodes": ["node_modules/postcss-pseudo-class-any-link"], "fixAvailable": true}, "postcss-pseudoelements": {"name": "postcss-pseudoelements", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": ">=2.2.0", "nodes": ["node_modules/postcss-pseudoelements"], "fixAvailable": true}, "postcss-reduce-initial": {"name": "postcss-reduce-initial", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.3", "nodes": ["node_modules/postcss-reduce-initial"], "fixAvailable": true}, "postcss-reduce-transforms": {"name": "postcss-reduce-transforms", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.2", "nodes": ["node_modules/postcss-reduce-transforms"], "fixAvailable": true}, "postcss-replace-overflow-wrap": {"name": "postcss-replace-overflow-wrap", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-cssnext"], "range": "<=2.0.0", "nodes": ["node_modules/postcss-replace-overflow-wrap"], "fixAvailable": false}, "postcss-reporter": {"name": "postcss-reporter", "severity": "moderate", "isDirect": true, "via": ["postcss"], "effects": [], "range": "<=6.0.1", "nodes": ["node_modules/postcss-reporter"], "fixAvailable": {"name": "postcss-reporter", "version": "7.1.0", "isSemVerMajor": true}}, "postcss-safe-parser": {"name": "postcss-safe-parser", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["stylelint"], "range": "<=4.0.2", "nodes": ["node_modules/postcss-safe-parser"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "postcss-sass": {"name": "postcss-sass", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["stylelint"], "range": "<=0.4.4", "nodes": ["node_modules/postcss-sass"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "postcss-scss": {"name": "postcss-scss", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["stylelint"], "range": "<=2.1.1", "nodes": ["node_modules/postcss-scss"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "postcss-selector-matches": {"name": "postcss-selector-matches", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=3.0.1", "nodes": ["node_modules/postcss-selector-matches"], "fixAvailable": true}, "postcss-selector-not": {"name": "postcss-selector-not", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=3.0.1", "nodes": ["node_modules/postcss-selector-not"], "fixAvailable": true}, "postcss-svgo": {"name": "postcss-svgo", "severity": "high", "isDirect": false, "via": ["postcss", "svgo"], "effects": [], "range": "<=5.0.0-rc.2", "nodes": ["node_modules/postcss-svgo"], "fixAvailable": true}, "postcss-unique-selectors": {"name": "postcss-unique-selectors", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.0.1", "nodes": ["node_modules/postcss-unique-selectors"], "fixAvailable": true}, "readdirp": {"name": "readdirp", "severity": "high", "isDirect": false, "via": ["micromatch"], "effects": ["chokidar"], "range": "2.2.0 - 2.2.1", "nodes": ["node_modules/glob-watcher/node_modules/readdirp"], "fixAvailable": {"name": "gulp", "version": "5.0.0", "isSemVerMajor": true}}, "request": {"name": "request", "severity": "moderate", "isDirect": false, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "tough-cookie"], "effects": ["phantomjs-prebuilt"], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": {"name": "gulp-svg-sprite", "version": "2.0.3", "isSemVerMajor": true}}, "stylehacks": {"name": "stylehacks", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["postcss-merge-longhand"], "range": "<=4.0.3", "nodes": ["node_modules/stylehacks"], "fixAvailable": true}, "stylelint": {"name": "stylelint", "severity": "moderate", "isDirect": false, "via": ["autoprefixer", "postcss", "postcss-less", "postcss-safe-parser", "postcss-sass", "postcss-scss", "sugarss"], "effects": ["stylelint-config-wikimedia"], "range": "0.1.0 - 13.13.1", "nodes": ["node_modules/stylelint"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "stylelint-config-wikimedia": {"name": "stylelint-config-wikimedia", "severity": "moderate", "isDirect": true, "via": ["stylelint"], "effects": [], "range": "<=0.11.1", "nodes": ["node_modules/stylelint-config-wikimedia"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.17.2", "isSemVerMajor": true}}, "sugarss": {"name": "sugarss", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=2.0.0", "nodes": ["node_modules/sugarss"], "fixAvailable": true}, "svg-sprite": {"name": "svg-sprite", "severity": "high", "isDirect": false, "via": ["phantomjs-prebuilt", "svgo"], "effects": ["gulp-svg-sprite"], "range": "1.3.0 - 1.5.4", "nodes": ["node_modules/svg-sprite"], "fixAvailable": {"name": "gulp-svg-sprite", "version": "2.0.3", "isSemVerMajor": true}}, "svgo": {"name": "svgo", "severity": "high", "isDirect": false, "via": ["css-select"], "effects": ["postcss-svgo", "svg-sprite"], "range": "1.0.0 - 1.3.2", "nodes": ["node_modules/svgo"], "fixAvailable": {"name": "gulp-svg-sprite", "version": "2.0.3", "isSemVerMajor": true}}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1096643, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["request"], "range": "<4.1.3", "nodes": ["node_modules/tough-cookie"], "fixAvailable": {"name": "gulp-svg-sprite", "version": "2.0.3", "isSemVerMajor": true}}, "vinyl-fs": {"name": "vinyl-fs", "severity": "high", "isDirect": false, "via": ["glob-stream"], "effects": ["gulp-useref"], "range": "2.4.2 - 3.0.3", "nodes": ["node_modules/vinyl-fs"], "fixAvailable": {"name": "gulp-useref", "version": "3.1.3", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 76, "high": 31, "critical": 0, "total": 107}, "dependencies": {"prod": 1, "dev": 1824, "optional": 4, "peer": 1, "peerOptional": 0, "total": 1824}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated @types/browserslist@4.15.0: This is a stub types definition. browserslist provides its own type definitions, so you do not need this installed.
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated flatten@1.0.3: flatten is deprecated in favor of utility frameworks such as lodash.
npm WARN deprecated @babel/plugin-proposal-private-property-in-object@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-private-property-in-object instead.
npm WARN deprecated @babel/plugin-proposal-optional-catch-binding@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-catch-binding instead.
npm WARN deprecated @babel/plugin-proposal-private-methods@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-private-methods instead.
npm WARN deprecated @babel/plugin-proposal-numeric-separator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-numeric-separator instead.
npm WARN deprecated @babel/plugin-proposal-nullish-coalescing-operator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
npm WARN deprecated @babel/plugin-proposal-json-strings@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-json-strings instead.
npm WARN deprecated @babel/plugin-proposal-class-static-block@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-static-block instead.
npm WARN deprecated @babel/plugin-proposal-dynamic-import@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-dynamic-import instead.
npm WARN deprecated @babel/plugin-proposal-class-properties@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
npm WARN deprecated @babel/plugin-proposal-unicode-property-regex@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-unicode-property-regex instead.
npm WARN deprecated @babel/plugin-proposal-export-namespace-from@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-export-namespace-from instead.
npm WARN deprecated @babel/plugin-proposal-logical-assignment-operators@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-logical-assignment-operators instead.
npm WARN deprecated @stylelint/postcss-markdown@0.36.2: Use the original unforked package instead: postcss-markdown
npm WARN deprecated @babel/plugin-proposal-async-generator-functions@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated @babel/plugin-proposal-optional-chaining@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated @babel/plugin-proposal-object-rest-spread@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated phantomjs-prebuilt@2.1.16: this package is now deprecated
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated @stylelint/postcss-css-in-js@0.37.3: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated postcss-cssnext@3.1.1: 'postcss-cssnext' has been deprecated in favor of 'postcss-preset-env'. Read more at https://moox.io/blog/deprecating-cssnext/
npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated iltorb@2.4.5: The zlib module provides APIs for brotli compression/decompression starting with Node.js v10.16.0, please use it over iltorb
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
--- stdout ---
added 1820 packages, and audited 1821 packages in 46s
157 packages are looking for funding
run `npm fund` for details
# npm audit report
@koa/cors <5.0.0
Severity: high
Overly permissive origin policy - https://github.com/advisories/GHSA-qxrj-hx23-xp82
fix available via `npm audit fix`
node_modules/@koa/cors
es-dev-server >=1.56.0
Depends on vulnerable versions of @koa/cors
node_modules/es-dev-server
braces <3.0.3
Severity: high
Uncontrolled resource consumption in braces - https://github.com/advisories/GHSA-grv7-fg5c-xmjg
fix available via `npm audit fix --force`
Will install gulp@5.0.0, which is a breaking change
node_modules/findup-sync/node_modules/braces
node_modules/glob-watcher/node_modules/braces
node_modules/matchdep/node_modules/braces
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of braces
Depends on vulnerable versions of glob-parent
Depends on vulnerable versions of readdirp
node_modules/glob-watcher/node_modules/chokidar
glob-watcher 5.0.0 - 5.0.5
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of chokidar
node_modules/glob-watcher
gulp 4.0.0 - 4.0.2
Depends on vulnerable versions of glob-watcher
Depends on vulnerable versions of gulp-cli
Depends on vulnerable versions of vinyl-fs
node_modules/gulp
micromatch 0.2.0 - 3.1.10
Depends on vulnerable versions of braces
node_modules/findup-sync/node_modules/micromatch
node_modules/glob-watcher/node_modules/micromatch
node_modules/matchdep/node_modules/micromatch
anymatch 1.2.0 - 2.0.0
Depends on vulnerable versions of micromatch
node_modules/glob-watcher/node_modules/anymatch
findup-sync 0.4.0 - 3.0.0
Depends on vulnerable versions of micromatch
node_modules/findup-sync
node_modules/matchdep/node_modules/findup-sync
liftoff 2.2.3 - 3.1.0
Depends on vulnerable versions of findup-sync
node_modules/liftoff
gulp-cli 1.3.0 - 2.3.0
Depends on vulnerable versions of liftoff
Depends on vulnerable versions of matchdep
node_modules/gulp-cli
matchdep >=1.0.1
Depends on vulnerable versions of findup-sync
Depends on vulnerable versions of micromatch
node_modules/matchdep
readdirp 2.2.0 - 2.2.1
Depends on vulnerable versions of micromatch
node_modules/glob-watcher/node_modules/readdirp
color-string <1.5.5
Severity: moderate
Regular Expression Denial of Service (ReDOS) - https://github.com/advisories/GHSA-257v-vj4p-3w2h
fix available via `npm audit fix`
node_modules/color/node_modules/color-string
color <=0.11.4
Depends on vulnerable versions of color-string
node_modules/color
css-color-function *
Depends on vulnerable versions of color
node_modules/css-color-function
postcss-color-function *
Depends on vulnerable versions of css-color-function
Depends on vulnerable versions of postcss
node_modules/postcss-color-function
glob-parent <5.1.2
Severity: high
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix --force`
Will install gulp@5.0.0, which is a breaking change
node_modules/glob-stream/node_modules/glob-parent
node_modules/glob-watcher/node_modules/glob-parent
glob-stream 5.3.0 - 6.1.0
Depends on vulnerable versions of glob-parent
node_modules/glob-stream
vinyl-fs 2.4.2 - 3.0.3
Depends on vulnerable versions of glob-stream
node_modules/vinyl-fs
gulp-useref >=3.1.4
Depends on vulnerable versions of vinyl-fs
node_modules/gulp-useref
html-minifier *
Severity: high
kangax html-minifier REDoS vulnerability - https://github.com/advisories/GHSA-pfq8-rq6v-vf5m
No fix available
node_modules/html-minifier
gulp-htmlmin *
Depends on vulnerable versions of html-minifier
node_modules/gulp-htmlmin
lodash.pick >=4.0.0
Severity: high
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
fix available via `npm audit fix --force`
Will install gulp-inline@0.1.2, which is a breaking change
node_modules/lodash.pick
cheerio 0.19.0 - 1.0.0-rc.3
Depends on vulnerable versions of css-select
Depends on vulnerable versions of lodash.pick
node_modules/cheerio
gulp-inline *
Depends on vulnerable versions of cheerio
Depends on vulnerable versions of gulp-util
node_modules/gulp-inline
lodash.template *
Severity: high
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
fix available via `npm audit fix --force`
Will install gulp-inline@0.1.2, which is a breaking change
node_modules/lodash.template
node_modules/postcss-initial/node_modules/lodash.template
gulp-util >=1.1.0
Depends on vulnerable versions of lodash.template
node_modules/gulp-util
gulp-compile-handlebars *
Depends on vulnerable versions of gulp-util
node_modules/gulp-compile-handlebars
postcss-initial <=3.0.2 || 4.0.0
Depends on vulnerable versions of lodash.template
Depends on vulnerable versions of postcss
node_modules/postcss-initial
postcss-cssnext *
Depends on vulnerable versions of autoprefixer
Depends on vulnerable versions of pixrem
Depends on vulnerable versions of pleeease-filters
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-apply
Depends on vulnerable versions of postcss-attribute-case-insensitive
Depends on vulnerable versions of postcss-calc
Depends on vulnerable versions of postcss-color-function
Depends on vulnerable versions of postcss-color-gray
Depends on vulnerable versions of postcss-color-hex-alpha
Depends on vulnerable versions of postcss-color-hsl
Depends on vulnerable versions of postcss-color-hwb
Depends on vulnerable versions of postcss-color-rebeccapurple
Depends on vulnerable versions of postcss-color-rgb
Depends on vulnerable versions of postcss-color-rgba-fallback
Depends on vulnerable versions of postcss-custom-media
Depends on vulnerable versions of postcss-custom-properties
Depends on vulnerable versions of postcss-custom-selectors
Depends on vulnerable versions of postcss-font-family-system-ui
Depends on vulnerable versions of postcss-font-variant
Depends on vulnerable versions of postcss-image-set-polyfill
Depends on vulnerable versions of postcss-initial
Depends on vulnerable versions of postcss-media-minmax
Depends on vulnerable versions of postcss-nesting
Depends on vulnerable versions of postcss-pseudo-class-any-link
Depends on vulnerable versions of postcss-pseudoelements
Depends on vulnerable versions of postcss-replace-overflow-wrap
Depends on vulnerable versions of postcss-selector-matches
Depends on vulnerable versions of postcss-selector-not
node_modules/postcss-cssnext
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install gulp-inline@0.1.2, which is a breaking change
node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/css-select
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
postcss-svgo <=5.0.0-rc.2
Depends on vulnerable versions of postcss
Depends on vulnerable versions of svgo
node_modules/postcss-svgo
svg-sprite 1.3.0 - 1.5.4
Depends on vulnerable versions of phantomjs-prebuilt
Depends on vulnerable versions of svgo
node_modules/svg-sprite
gulp-svg-sprite 1.3.0 - 1.5.0
Depends on vulnerable versions of svg-sprite
node_modules/gulp-svg-sprite
postcss <=8.4.30
Severity: moderate
Regular Expression Denial of Service in postcss - https://github.com/advisories/GHSA-566m-qj78-rww5
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
fix available via `npm audit fix --force`
Will install cssnano@7.0.2, which is a breaking change
node_modules/autoprefixer/node_modules/postcss
node_modules/css-declaration-sorter/node_modules/postcss
node_modules/cssnano-preset-default/node_modules/postcss
node_modules/cssnano-util-raw-cache/node_modules/postcss
node_modules/cssnano/node_modules/postcss
node_modules/gulp-postcss/node_modules/postcss
node_modules/pixrem/node_modules/postcss
node_modules/pleeease-filters/node_modules/postcss
node_modules/postcss-apply/node_modules/postcss
node_modules/postcss-attribute-case-insensitive/node_modules/postcss
node_modules/postcss-calc/node_modules/postcss
node_modules/postcss-color-function/node_modules/postcss
node_modules/postcss-color-gray/node_modules/postcss
node_modules/postcss-color-hex-alpha/node_modules/postcss
node_modules/postcss-color-hsl/node_modules/postcss
node_modules/postcss-color-hwb/node_modules/postcss
node_modules/postcss-color-rebeccapurple/node_modules/postcss
node_modules/postcss-color-rgb/node_modules/postcss
node_modules/postcss-color-rgba-fallback/node_modules/postcss
node_modules/postcss-colormin/node_modules/postcss
node_modules/postcss-convert-values/node_modules/postcss
node_modules/postcss-cssnext/node_modules/postcss
node_modules/postcss-cssnext/node_modules/postcss-calc/node_modules/postcss
node_modules/postcss-custom-media/node_modules/postcss
node_modules/postcss-custom-properties/node_modules/postcss
node_modules/postcss-custom-selectors/node_modules/postcss
node_modules/postcss-discard-comments/node_modules/postcss
node_modules/postcss-discard-duplicates/node_modules/postcss
node_modules/postcss-discard-empty/node_modules/postcss
node_modules/postcss-discard-overridden/node_modules/postcss
node_modules/postcss-font-family-system-ui/node_modules/postcss
node_modules/postcss-font-variant/node_modules/postcss
node_modules/postcss-image-set-polyfill/node_modules/postcss
node_modules/postcss-import/node_modules/postcss
node_modules/postcss-initial/node_modules/postcss
node_modules/postcss-less/node_modules/postcss
node_modules/postcss-media-minmax/node_modules/postcss
node_modules/postcss-merge-longhand/node_modules/postcss
node_modules/postcss-merge-rules/node_modules/postcss
node_modules/postcss-minify-font-values/node_modules/postcss
node_modules/postcss-minify-gradients/node_modules/postcss
node_modules/postcss-minify-params/node_modules/postcss
node_modules/postcss-minify-selectors/node_modules/postcss
node_modules/postcss-nesting/node_modules/postcss
node_modules/postcss-normalize-charset/node_modules/postcss
node_modules/postcss-normalize-display-values/node_modules/postcss
node_modules/postcss-normalize-positions/node_modules/postcss
node_modules/postcss-normalize-repeat-style/node_modules/postcss
node_modules/postcss-normalize-string/node_modules/postcss
node_modules/postcss-normalize-timing-functions/node_modules/postcss
node_modules/postcss-normalize-unicode/node_modules/postcss
node_modules/postcss-normalize-url/node_modules/postcss
node_modules/postcss-normalize-whitespace/node_modules/postcss
node_modules/postcss-ordered-values/node_modules/postcss
node_modules/postcss-pseudo-class-any-link/node_modules/postcss
node_modules/postcss-pseudoelements/node_modules/postcss
node_modules/postcss-reduce-initial/node_modules/postcss
node_modules/postcss-reduce-transforms/node_modules/postcss
node_modules/postcss-replace-overflow-wrap/node_modules/postcss
node_modules/postcss-reporter/node_modules/postcss
node_modules/postcss-safe-parser/node_modules/postcss
node_modules/postcss-sass/node_modules/postcss
node_modules/postcss-scss/node_modules/postcss
node_modules/postcss-selector-matches/node_modules/postcss
node_modules/postcss-selector-not/node_modules/postcss
node_modules/postcss-svgo/node_modules/postcss
node_modules/postcss-unique-selectors/node_modules/postcss
node_modules/stylehacks/node_modules/postcss
node_modules/stylelint/node_modules/postcss
node_modules/sugarss/node_modules/postcss
autoprefixer 1.0.20131222 - 9.8.8
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss
node_modules/autoprefixer
node_modules/stylelint/node_modules/autoprefixer
stylelint 0.1.0 - 13.13.1
Depends on vulnerable versions of autoprefixer
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-less
Depends on vulnerable versions of postcss-safe-parser
Depends on vulnerable versions of postcss-sass
Depends on vulnerable versions of postcss-scss
Depends on vulnerable versions of sugarss
node_modules/stylelint
stylelint-config-wikimedia <=0.11.1
Depends on vulnerable versions of stylelint
node_modules/stylelint-config-wikimedia
css-declaration-sorter <=5.1.2
Depends on vulnerable versions of postcss
node_modules/css-declaration-sorter
cssnano <=4.1.11
Depends on vulnerable versions of cssnano-preset-default
Depends on vulnerable versions of postcss
node_modules/cssnano
cssnano-preset-default <=4.0.8
Depends on vulnerable versions of css-declaration-sorter
Depends on vulnerable versions of cssnano-util-raw-cache
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-calc
Depends on vulnerable versions of postcss-colormin
Depends on vulnerable versions of postcss-convert-values
Depends on vulnerable versions of postcss-discard-comments
Depends on vulnerable versions of postcss-discard-duplicates
Depends on vulnerable versions of postcss-discard-empty
Depends on vulnerable versions of postcss-discard-overridden
Depends on vulnerable versions of postcss-merge-longhand
Depends on vulnerable versions of postcss-merge-rules
Depends on vulnerable versions of postcss-minify-font-values
Depends on vulnerable versions of postcss-minify-gradients
Depends on vulnerable versions of postcss-minify-params
Depends on vulnerable versions of postcss-minify-selectors
Depends on vulnerable versions of postcss-normalize-charset
Depends on vulnerable versions of postcss-normalize-display-values
Depends on vulnerable versions of postcss-normalize-positions
Depends on vulnerable versions of postcss-normalize-repeat-style
Depends on vulnerable versions of postcss-normalize-string
Depends on vulnerable versions of postcss-normalize-timing-functions
Depends on vulnerable versions of postcss-normalize-unicode
Depends on vulnerable versions of postcss-normalize-url
Depends on vulnerable versions of postcss-normalize-whitespace
Depends on vulnerable versions of postcss-ordered-values
Depends on vulnerable versions of postcss-reduce-initial
Depends on vulnerable versions of postcss-reduce-transforms
Depends on vulnerable versions of postcss-svgo
Depends on vulnerable versions of postcss-unique-selectors
node_modules/cssnano-preset-default
cssnano-util-raw-cache *
Depends on vulnerable versions of postcss
node_modules/cssnano-util-raw-cache
gulp-postcss <=8.0.0
Depends on vulnerable versions of postcss
node_modules/gulp-postcss
pixrem <=4.0.1
Depends on vulnerable versions of postcss
node_modules/pixrem
pleeease-filters *
Depends on vulnerable versions of postcss
node_modules/pleeease-filters
postcss-apply <=0.10.0
Depends on vulnerable versions of postcss
node_modules/postcss-apply
postcss-attribute-case-insensitive <=3.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-attribute-case-insensitive
postcss-calc 4.1.0 - 7.0.5
Depends on vulnerable versions of postcss
node_modules/postcss-calc
node_modules/postcss-cssnext/node_modules/postcss-calc
postcss-color-gray 3.0.0 - 4.1.0
Depends on vulnerable versions of postcss
node_modules/postcss-color-gray
postcss-color-hex-alpha 1.3.0 - 3.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-color-hex-alpha
postcss-color-hsl *
Depends on vulnerable versions of postcss
node_modules/postcss-color-hsl
postcss-color-hwb >=1.2.0
Depends on vulnerable versions of postcss
node_modules/postcss-color-hwb
postcss-color-rebeccapurple 1.2.0 - 3.1.0
Depends on vulnerable versions of postcss
node_modules/postcss-color-rebeccapurple
postcss-color-rgb *
Depends on vulnerable versions of postcss
node_modules/postcss-color-rgb
postcss-color-rgba-fallback <=3.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-color-rgba-fallback
postcss-colormin <=4.0.3
Depends on vulnerable versions of postcss
node_modules/postcss-colormin
postcss-convert-values <=4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-convert-values
postcss-custom-media 4.0.0 - 6.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-custom-media
postcss-custom-properties 3.3.0 - 7.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-custom-properties
postcss-custom-selectors 2.3.0 - 4.0.1
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-selector-matches
node_modules/postcss-custom-selectors
postcss-discard-comments <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-discard-comments
postcss-discard-duplicates 1.1.0 - 4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-discard-duplicates
postcss-discard-empty 1.1.0 - 4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-discard-empty
postcss-discard-overridden <=4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-discard-overridden
postcss-font-family-system-ui <=3.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-font-family-system-ui
postcss-font-variant 1.2.0 - 3.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-font-variant
postcss-image-set-polyfill <=0.4.4
Depends on vulnerable versions of postcss
node_modules/postcss-image-set-polyfill
postcss-import <=12.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-import
postcss-less <=3.1.4
Depends on vulnerable versions of postcss
node_modules/postcss-less
postcss-media-minmax 1.2.0 - 3.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-media-minmax
postcss-merge-longhand <=4.0.11
Depends on vulnerable versions of postcss
Depends on vulnerable versions of stylehacks
node_modules/postcss-merge-longhand
postcss-merge-rules <=4.0.3
Depends on vulnerable versions of postcss
node_modules/postcss-merge-rules
postcss-minify-font-values <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-minify-font-values
postcss-minify-gradients <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-minify-gradients
postcss-minify-params <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-minify-params
postcss-minify-selectors <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-minify-selectors
postcss-nesting <=6.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-nesting
postcss-normalize-charset <=4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-charset
postcss-normalize-display-values <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-display-values
postcss-normalize-positions <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-positions
postcss-normalize-repeat-style <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-repeat-style
postcss-normalize-string <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-string
postcss-normalize-timing-functions <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-timing-functions
postcss-normalize-unicode <=4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-unicode
postcss-normalize-url 1.1.0 - 4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-url
postcss-normalize-whitespace <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-normalize-whitespace
postcss-ordered-values <=4.1.2
Depends on vulnerable versions of postcss
node_modules/postcss-ordered-values
postcss-pseudo-class-any-link <=5.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-pseudo-class-any-link
postcss-pseudoelements >=2.2.0
Depends on vulnerable versions of postcss
node_modules/postcss-pseudoelements
postcss-reduce-initial <=4.0.3
Depends on vulnerable versions of postcss
node_modules/postcss-reduce-initial
postcss-reduce-transforms <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-reduce-transforms
postcss-replace-overflow-wrap <=2.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-replace-overflow-wrap
postcss-reporter <=6.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-reporter
postcss-safe-parser <=4.0.2
Depends on vulnerable versions of postcss
node_modules/postcss-safe-parser
postcss-sass <=0.4.4
Depends on vulnerable versions of postcss
node_modules/postcss-sass
postcss-scss <=2.1.1
Depends on vulnerable versions of postcss
node_modules/postcss-scss
postcss-selector-matches <=3.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-selector-matches
postcss-selector-not <=3.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-selector-not
postcss-unique-selectors <=4.0.1
Depends on vulnerable versions of postcss
node_modules/postcss-unique-selectors
stylehacks <=4.0.3
Depends on vulnerable versions of postcss
node_modules/stylehacks
sugarss <=2.0.0
Depends on vulnerable versions of postcss
node_modules/sugarss
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
fix available via `npm audit fix --force`
Will install gulp-svg-sprite@2.0.3, which is a breaking change
node_modules/request
phantomjs-prebuilt *
Depends on vulnerable versions of request
node_modules/phantomjs-prebuilt
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
fix available via `npm audit fix --force`
Will install gulp-svg-sprite@2.0.3, which is a breaking change
node_modules/tough-cookie
107 vulnerabilities (76 moderate, 31 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated @types/browserslist@4.15.0: This is a stub types definition. browserslist provides its own type definitions, so you do not need this installed.
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated flatten@1.0.3: flatten is deprecated in favor of utility frameworks such as lodash.
npm WARN deprecated @babel/plugin-proposal-unicode-property-regex@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-unicode-property-regex instead.
npm WARN deprecated @babel/plugin-proposal-private-property-in-object@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-private-property-in-object instead.
npm WARN deprecated @babel/plugin-proposal-private-methods@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-private-methods instead.
npm WARN deprecated @babel/plugin-proposal-numeric-separator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-numeric-separator instead.
npm WARN deprecated @babel/plugin-proposal-optional-catch-binding@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-catch-binding instead.
npm WARN deprecated @babel/plugin-proposal-nullish-coalescing-operator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
npm WARN deprecated @babel/plugin-proposal-logical-assignment-operators@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-logical-assignment-operators instead.
npm WARN deprecated @babel/plugin-proposal-class-static-block@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-static-block instead.
npm WARN deprecated @babel/plugin-proposal-class-properties@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
npm WARN deprecated @babel/plugin-proposal-json-strings@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-json-strings instead.
npm WARN deprecated @babel/plugin-proposal-export-namespace-from@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-export-namespace-from instead.
npm WARN deprecated @babel/plugin-proposal-dynamic-import@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-dynamic-import instead.
npm WARN deprecated @stylelint/postcss-markdown@0.36.2: Use the original unforked package instead: postcss-markdown
npm WARN deprecated @babel/plugin-proposal-async-generator-functions@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated @babel/plugin-proposal-optional-chaining@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated @babel/plugin-proposal-object-rest-spread@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated phantomjs-prebuilt@2.1.16: this package is now deprecated
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated @stylelint/postcss-css-in-js@0.37.3: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated postcss-cssnext@3.1.1: 'postcss-cssnext' has been deprecated in favor of 'postcss-preset-env'. Read more at https://moox.io/blog/deprecating-cssnext/
npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated iltorb@2.4.5: The zlib module provides APIs for brotli compression/decompression starting with Node.js v10.16.0, please use it over iltorb
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
--- stdout ---
added 1820 packages, and audited 1821 packages in 46s
157 packages are looking for funding
run `npm fund` for details
107 vulnerabilities (76 moderate, 31 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stdout ---
> test
> npm -s run lint:styles && npm -s run lint:js
34 sources checked
/src/repo/src/wikimedia.org/assets/postcss/_wikimedia-custom.css
/src/repo/src/wikimedia.org/assets/postcss/style.css
/src/repo/src/wikibooks.org/assets/postcss/_wikibooks-custom.css
/src/repo/src/wikibooks.org/assets/postcss/style.css
/src/repo/src/common/assets/postcss/_app-badge.css
/src/repo/src/common/assets/postcss/_base-portal.css
/src/repo/src/common/assets/postcss/_base.css
/src/repo/src/common/assets/postcss/_buttons.css
/src/repo/src/common/assets/postcss/_central-featured.css
/src/repo/src/common/assets/postcss/_central-textlogo.css
/src/repo/src/common/assets/postcss/_footer.css
/src/repo/src/common/assets/postcss/_forms.css
/src/repo/src/common/assets/postcss/_localization.css
/src/repo/src/common/assets/postcss/_media-print.css
/src/repo/src/common/assets/postcss/_other-languages-bookshelf.css
/src/repo/src/common/assets/postcss/_other-languages.css
/src/repo/src/common/assets/postcss/_other-projects.css
/src/repo/src/common/assets/postcss/_search-language-picker.css
/src/repo/src/common/assets/postcss/_search-suggestions.css
/src/repo/src/common/assets/postcss/_search.css
/src/repo/src/common/assets/postcss/_vars.css
/src/repo/src/common/assets/postcss/_wm-portal.css
/src/repo/src/wikinews.org/assets/postcss/_wikinews-custom.css
/src/repo/src/wikinews.org/assets/postcss/style.css
/src/repo/src/wikipedia.org/assets/postcss/_banner.css
/src/repo/src/wikipedia.org/assets/postcss/style.css
/src/repo/src/wikiquote.org/assets/postcss/_wikibooks-custom.css
/src/repo/src/wikiquote.org/assets/postcss/style.css
/src/repo/src/wikivoyage.org/assets/postcss/_wikivoyage-custom.css
/src/repo/src/wikivoyage.org/assets/postcss/style.css
/src/repo/src/wikiversity.org/assets/postcss/_wikinews-custom.css
/src/repo/src/wikiversity.org/assets/postcss/style.css
/src/repo/src/wiktionary.org/assets/postcss/_wiktionary-custom.css
/src/repo/src/wiktionary.org/assets/postcss/style.css
0 problems found
/src/repo/gulpfile.js/prod.js
41:1 warning Missing JSDoc @param "cb" type jsdoc/require-param-type
48:8 warning Found existsSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
49:4 warning Found rmdirSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
54:1 warning This line has a length of 108. Maximum allowed is 100 max-len
67:7 warning Found existsSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
69:3 warning Found readdirSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
71:22 warning Found unlinkSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
/src/repo/gulpfile.js/sprites.js
16:4 warning Found unlink from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
/src/repo/src/common/assets/js/topten-localized.js
114:1 warning This line has a length of 101. Maximum allowed is 100 max-len
119:1 warning This line has a length of 117. Maximum allowed is 100 max-len
/src/repo/src/wikipedia.org/assets/js/banner.js
2:1 warning Missing JSDoc @param "wmTest" declaration jsdoc/require-param
✖ 11 problems (0 errors, 11 warnings)
0 errors and 1 warning potentially fixable with the `--fix` option.
--- end ---
{"1095223": {"source": 1095223, "name": "@koa/cors", "dependency": "@koa/cors", "title": "Overly permissive origin policy", "url": "https://github.com/advisories/GHSA-qxrj-hx23-xp82", "severity": "high", "cwe": ["CWE-346"], "cvss": {"score": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}, "range": "<5.0.0"}}
{"1089718": {"source": 1089718, "name": "color-string", "dependency": "color-string", "title": "Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<1.5.5"}}
{"1089718": {"source": 1089718, "name": "color-string", "dependency": "color-string", "title": "Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<1.5.5"}}
{"1089718": {"source": 1089718, "name": "color-string", "dependency": "color-string", "title": "Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<1.5.5"}}
{}
{}
{"1095223": {"source": 1095223, "name": "@koa/cors", "dependency": "@koa/cors", "title": "Overly permissive origin policy", "url": "https://github.com/advisories/GHSA-qxrj-hx23-xp82", "severity": "high", "cwe": ["CWE-346"], "cvss": {"score": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}, "range": "<5.0.0"}}
{}
{}
{}
{}
{}
{}
{}
{"1089718": {"source": 1089718, "name": "color-string", "dependency": "color-string", "title": "Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-257v-vj4p-3w2h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<1.5.5"}}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{}
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
[DNM] there are no updates
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmpsmt937bg
--- stderr ---
34 sources checked
/src/repo/src/wikibooks.org/assets/postcss/_wikibooks-custom.css
/src/repo/src/wikibooks.org/assets/postcss/style.css
/src/repo/src/common/assets/postcss/_app-badge.css
/src/repo/src/common/assets/postcss/_base-portal.css
/src/repo/src/common/assets/postcss/_base.css
/src/repo/src/common/assets/postcss/_buttons.css
/src/repo/src/common/assets/postcss/_central-featured.css
/src/repo/src/common/assets/postcss/_central-textlogo.css
/src/repo/src/common/assets/postcss/_footer.css
/src/repo/src/common/assets/postcss/_forms.css
/src/repo/src/common/assets/postcss/_localization.css
/src/repo/src/common/assets/postcss/_media-print.css
/src/repo/src/common/assets/postcss/_other-languages-bookshelf.css
/src/repo/src/common/assets/postcss/_other-languages.css
/src/repo/src/common/assets/postcss/_other-projects.css
/src/repo/src/common/assets/postcss/_search-language-picker.css
/src/repo/src/common/assets/postcss/_search-suggestions.css
/src/repo/src/common/assets/postcss/_search.css
/src/repo/src/common/assets/postcss/_vars.css
/src/repo/src/common/assets/postcss/_wm-portal.css
/src/repo/src/wikimedia.org/assets/postcss/_wikimedia-custom.css
/src/repo/src/wikimedia.org/assets/postcss/style.css
/src/repo/src/wikinews.org/assets/postcss/_wikinews-custom.css
/src/repo/src/wikinews.org/assets/postcss/style.css
/src/repo/src/wikipedia.org/assets/postcss/_banner.css
/src/repo/src/wikipedia.org/assets/postcss/style.css
/src/repo/src/wikiquote.org/assets/postcss/_wikibooks-custom.css
/src/repo/src/wikiquote.org/assets/postcss/style.css
/src/repo/src/wikiversity.org/assets/postcss/_wikinews-custom.css
/src/repo/src/wikiversity.org/assets/postcss/style.css
/src/repo/src/wiktionary.org/assets/postcss/_wiktionary-custom.css
/src/repo/src/wiktionary.org/assets/postcss/style.css
/src/repo/src/wikivoyage.org/assets/postcss/_wikivoyage-custom.css
/src/repo/src/wikivoyage.org/assets/postcss/style.css
0 problems found
/src/repo/gulpfile.js/prod.js
41:1 warning Missing JSDoc @param "cb" type jsdoc/require-param-type
48:8 warning Found existsSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
49:4 warning Found rmdirSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
54:1 warning This line has a length of 108. Maximum allowed is 100 max-len
67:7 warning Found existsSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
69:3 warning Found readdirSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
71:22 warning Found unlinkSync from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
/src/repo/gulpfile.js/sprites.js
16:4 warning Found unlink from package "fs" with non literal argument at index 0 security/detect-non-literal-fs-filename
/src/repo/src/common/assets/js/topten-localized.js
114:1 warning This line has a length of 101. Maximum allowed is 100 max-len
119:1 warning This line has a length of 117. Maximum allowed is 100 max-len
/src/repo/src/wikipedia.org/assets/js/banner.js
2:1 warning Missing JSDoc @param "wmTest" declaration jsdoc/require-param
✖ 11 problems (0 errors, 11 warnings)
0 errors and 1 warning potentially fixable with the `--fix` option.
--- stdout ---
[master b7c7873] [DNM] there are no updates
1 file changed, 14 insertions(+), 14 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From b7c7873b8c50fc2ec671128ce496b5bf81e8110a Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Tue, 11 Jun 2024 08:10:27 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: Ia3df1f73f49fb847dc336e3ea4b0363ef527c0be
---
package-lock.json | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 756d586..95a7636 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3737,12 +3737,12 @@
}
},
"node_modules/braces": {
- "version": "3.0.2",
- "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
- "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+ "version": "3.0.3",
+ "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+ "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"dependencies": {
- "fill-range": "^7.0.1"
+ "fill-range": "^7.1.1"
},
"engines": {
"node": ">=8"
@@ -7808,9 +7808,9 @@
"optional": true
},
"node_modules/fill-range": {
- "version": "7.0.1",
- "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
- "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+ "version": "7.1.1",
+ "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+ "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"dependencies": {
"to-regex-range": "^5.0.1"
@@ -24005,12 +24005,12 @@
}
},
"braces": {
- "version": "3.0.2",
- "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
- "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+ "version": "3.0.3",
+ "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+ "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"requires": {
- "fill-range": "^7.0.1"
+ "fill-range": "^7.1.1"
}
},
"brotli-size": {
@@ -27201,9 +27201,9 @@
"optional": true
},
"fill-range": {
- "version": "7.0.1",
- "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
- "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+ "version": "7.1.1",
+ "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+ "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"requires": {
"to-regex-range": "^5.0.1"
--
2.39.2
--- end ---