This run took 175 seconds.
From c36e386e8216b5fd4fc3b82139042cb6dd1b5bef Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Fri, 1 May 2026 02:10:04 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* ajv: 6.12.6, 8.17.1 → 6.15.0, 8.20.0
* https://github.com/advisories/GHSA-2g4f-4pwh-qvx6
* bn.js: 4.12.0, 5.2.1 → 4.12.3, 5.2.3
* https://github.com/advisories/GHSA-378v-28hj-76wf
* body-parser: 1.20.3 → 1.20.5
* https://github.com/advisories/GHSA-6rw7-vpxm-498p
* https://github.com/advisories/GHSA-w7fw-mjwx-w883
* brace-expansion: 1.1.12, 2.0.2 → 1.1.14, 2.1.0
* https://github.com/advisories/GHSA-f886-m6hf-6m8v
* editorconfig: 1.0.4 → 1.0.7
* https://github.com/advisories/GHSA-23c5-xmqv-rm74
* https://github.com/advisories/GHSA-3ppc-4f35-3m26
* https://github.com/advisories/GHSA-7r86-cg39-jmmj
* flatted: 3.3.1 → 3.4.2
* https://github.com/advisories/GHSA-25h7-pfq9-p65f
* https://github.com/advisories/GHSA-rf6f-7fwh-wjgh
* handlebars: 4.7.7 → 4.7.9
* https://github.com/advisories/GHSA-2qvq-rjwj-gvw9
* https://github.com/advisories/GHSA-2w6w-674q-4c4q
* https://github.com/advisories/GHSA-3mfm-83xf-c92r
* https://github.com/advisories/GHSA-442j-39wm-28r2
* https://github.com/advisories/GHSA-7rx3-28cr-v5wh
* https://github.com/advisories/GHSA-9cx6-37pm-9jff
* https://github.com/advisories/GHSA-xhpv-hc6g-r9c6
* https://github.com/advisories/GHSA-xjpj-3mr7-gcpf
* lodash: 4.17.21 → 4.18.1
* https://github.com/advisories/GHSA-f23m-r3pf-42rh
* https://github.com/advisories/GHSA-r5fr-rjxr-66jc
* https://github.com/advisories/GHSA-xxjr-mmjv-4gpg
* minimatch: 3.1.2, 9.0.1, 9.0.4, 9.0.5 → 3.1.5, 9.0.9
* https://github.com/advisories/GHSA-23c5-xmqv-rm74
* https://github.com/advisories/GHSA-3ppc-4f35-3m26
* https://github.com/advisories/GHSA-7r86-cg39-jmmj
* path-to-regexp: 0.1.12 → 0.1.13
* https://github.com/advisories/GHSA-37ch-88jc-xwx2
* picomatch: 2.3.1 → 2.3.2
* https://github.com/advisories/GHSA-3v7f-55p6-f55p
* https://github.com/advisories/GHSA-c2c7-rcm5-vvqj
* qs: 6.13.0, 6.14.0 → 6.14.0, 6.15.1
* https://github.com/advisories/GHSA-6rw7-vpxm-498p
* https://github.com/advisories/GHSA-w7fw-mjwx-w883
* yaml: 1.10.2, 2.4.1 → 1.10.3, 2.8.3
* https://github.com/advisories/GHSA-48c2-rrv3-qjmp
Change-Id: If18086ca8d9404e0897e88bb01f5057541c37fee
---
package-lock.json | 1060 +++++++++++++++++++++++++--------------------
1 file changed, 594 insertions(+), 466 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 2ecbdec..c9e3e86 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7790,9 +7790,9 @@
}
},
"node_modules/ajv": {
- "version": "6.12.6",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
- "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+ "version": "6.15.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.15.0.tgz",
+ "integrity": "sha512-fgFx7Hfoq60ytK2c7DhnF8jIvzYgOMxfugjLOSMHjLIPgenqa7S7oaagATUq99mV6IYvN2tRmC0wnTYX6iPbMw==",
"dev": true,
"dependencies": {
"fast-deep-equal": "^3.1.1",
@@ -8224,9 +8224,9 @@
}
},
"node_modules/asn1.js/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/assert": {
@@ -8875,29 +8875,29 @@
"dev": true
},
"node_modules/bn.js": {
- "version": "5.2.1",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.1.tgz",
- "integrity": "sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==",
+ "version": "5.2.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz",
+ "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==",
"dev": true
},
"node_modules/body-parser": {
- "version": "1.20.3",
- "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz",
- "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==",
+ "version": "1.20.5",
+ "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.5.tgz",
+ "integrity": "sha512-3grm+/2tUOvu2cjJkvsIxrv/wVpfXQW4PsQHYm7yk4vfpu7Ekl6nEsYBoJUL6qDwZUx8wUhQ8tR2qz+ad9c9OA==",
"dev": true,
"dependencies": {
- "bytes": "3.1.2",
+ "bytes": "~3.1.2",
"content-type": "~1.0.5",
"debug": "2.6.9",
"depd": "2.0.0",
- "destroy": "1.2.0",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "on-finished": "2.4.1",
- "qs": "6.13.0",
- "raw-body": "2.5.2",
+ "destroy": "~1.2.0",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "on-finished": "~2.4.1",
+ "qs": "~6.15.1",
+ "raw-body": "~2.5.3",
"type-is": "~1.6.18",
- "unpipe": "1.0.0"
+ "unpipe": "~1.0.0"
},
"engines": {
"node": ">= 0.8",
@@ -8913,6 +8913,26 @@
"ms": "2.0.0"
}
},
+ "node_modules/body-parser/node_modules/http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "dependencies": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ },
+ "engines": {
+ "node": ">= 0.8"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
"node_modules/body-parser/node_modules/ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
@@ -8920,12 +8940,12 @@
"dev": true
},
"node_modules/body-parser/node_modules/qs": {
- "version": "6.13.0",
- "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz",
- "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==",
+ "version": "6.15.1",
+ "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.1.tgz",
+ "integrity": "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg==",
"dev": true,
"dependencies": {
- "side-channel": "^1.0.6"
+ "side-channel": "^1.1.0"
},
"engines": {
"node": ">=0.6"
@@ -8934,6 +8954,15 @@
"url": "https://github.com/sponsors/ljharb"
}
},
+ "node_modules/body-parser/node_modules/statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true,
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
"node_modules/boolbase": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz",
@@ -9067,9 +9096,9 @@
}
},
"node_modules/brace-expansion": {
- "version": "1.1.12",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
- "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+ "version": "1.1.14",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
+ "integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0",
@@ -9132,47 +9161,57 @@
}
},
"node_modules/browserify-rsa": {
- "version": "4.1.0",
- "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.0.tgz",
- "integrity": "sha512-AdEER0Hkspgno2aR97SAf6vi0y0k8NuOpGnVH3O99rcA5Q6sh8QxcngtHuJ6uXwnfAXNM4Gn1Gb7/MV1+Ymbog==",
+ "version": "4.1.1",
+ "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.1.tgz",
+ "integrity": "sha512-YBjSAiTqM04ZVei6sXighu679a3SqWORA3qZTEqZImnlkDIFtKc6pNutpjyZ8RJTjQtuYfeetkxM11GwoYXMIQ==",
"dev": true,
"dependencies": {
- "bn.js": "^5.0.0",
- "randombytes": "^2.0.1"
+ "bn.js": "^5.2.1",
+ "randombytes": "^2.1.0",
+ "safe-buffer": "^5.2.1"
+ },
+ "engines": {
+ "node": ">= 0.10"
}
},
+ "node_modules/browserify-rsa/node_modules/safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/feross"
+ },
+ {
+ "type": "patreon",
+ "url": "https://www.patreon.com/feross"
+ },
+ {
+ "type": "consulting",
+ "url": "https://feross.org/support"
+ }
+ ]
+ },
"node_modules/browserify-sign": {
- "version": "4.2.3",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
- "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
+ "version": "4.2.5",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.5.tgz",
+ "integrity": "sha512-C2AUdAJg6rlM2W5QMp2Q4KGQMVBwR1lIimTsUnutJ8bMpW5B52pGpR2gEnNBNwijumDo5FojQ0L9JrXA8m4YEw==",
"dev": true,
"dependencies": {
- "bn.js": "^5.2.1",
- "browserify-rsa": "^4.1.0",
+ "bn.js": "^5.2.2",
+ "browserify-rsa": "^4.1.1",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.5",
- "hash-base": "~3.0",
+ "elliptic": "^6.6.1",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.7",
+ "parse-asn1": "^5.1.9",
"readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"engines": {
- "node": ">= 0.12"
- }
- },
- "node_modules/browserify-sign/node_modules/hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "dependencies": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- },
- "engines": {
- "node": ">=4"
+ "node": ">= 0.10"
}
},
"node_modules/browserify-sign/node_modules/isarray": {
@@ -10728,9 +10767,9 @@
}
},
"node_modules/create-ecdh/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/create-hash": {
@@ -10910,27 +10949,64 @@
}
},
"node_modules/crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
"dev": true,
"dependencies": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
- "inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
},
"engines": {
- "node": "*"
+ "node": ">= 0.10"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/ljharb"
}
},
+ "node_modules/crypto-browserify/node_modules/hash-base": {
+ "version": "3.0.5",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.5.tgz",
+ "integrity": "sha512-vXm0l45VbcHEVlTCzs8M+s0VeYsB2lnlAaThoLKGXr3bE/VWDOelNUnycUPEhKEaXARL2TEFjBOyUiM6+55KBg==",
+ "dev": true,
+ "dependencies": {
+ "inherits": "^2.0.4",
+ "safe-buffer": "^5.2.1"
+ },
+ "engines": {
+ "node": ">= 0.10"
+ }
+ },
+ "node_modules/crypto-browserify/node_modules/safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/feross"
+ },
+ {
+ "type": "patreon",
+ "url": "https://www.patreon.com/feross"
+ },
+ {
+ "type": "consulting",
+ "url": "https://feross.org/support"
+ }
+ ]
+ },
"node_modules/css-functions-list": {
"version": "3.2.3",
"resolved": "https://registry.npmjs.org/css-functions-list/-/css-functions-list-3.2.3.tgz",
@@ -11643,9 +11719,9 @@
}
},
"node_modules/diffie-hellman/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/dir-glob": {
@@ -11998,14 +12074,14 @@
"dev": true
},
"node_modules/editorconfig": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz",
- "integrity": "sha512-L9Qe08KWTlqYMVvMcTIvMAdl1cDUubzRNYL+WfA4bLDMHe4nemKkpmYzkznE1FwLKu0EEmy6obgQKzMJrg4x9Q==",
+ "version": "1.0.7",
+ "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.7.tgz",
+ "integrity": "sha512-e0GOtq/aTQhVdNyDU9e02+wz9oDDM+SIOQxWME2QRjzRX5yyLAuHDE+0aE8vHb9XRC8XD37eO2u57+F09JqFhw==",
"dev": true,
"dependencies": {
"@one-ini/wasm": "0.1.1",
"commander": "^10.0.0",
- "minimatch": "9.0.1",
+ "minimatch": "^9.0.1",
"semver": "^7.5.3"
},
"bin": {
@@ -12016,9 +12092,9 @@
}
},
"node_modules/editorconfig/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -12034,12 +12110,12 @@
}
},
"node_modules/editorconfig/node_modules/minimatch": {
- "version": "9.0.1",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz",
- "integrity": "sha512-0jWhJpD/MdhPXwPuiRkCbfYfSKp2qnn2eOc279qI7f+osl/l+prKSrvhg157zSYvx/1nmgn2NqdT6k2Z7zSH9w==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -12088,9 +12164,9 @@
}
},
"node_modules/elliptic/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/emittery": {
@@ -12641,9 +12717,9 @@
}
},
"node_modules/eslint-config-wikimedia/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -12687,12 +12763,12 @@
}
},
"node_modules/eslint-config-wikimedia/node_modules/minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -13020,9 +13096,9 @@
}
},
"node_modules/eslint-plugin-n/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -13054,12 +13130,12 @@
}
},
"node_modules/eslint-plugin-n/node_modules/minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -14532,9 +14608,9 @@
}
},
"node_modules/flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.2",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz",
+ "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==",
"dev": true
},
"node_modules/flow-parser": {
@@ -15343,13 +15419,13 @@
"dev": true
},
"node_modules/handlebars": {
- "version": "4.7.7",
- "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.7.tgz",
- "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==",
+ "version": "4.7.9",
+ "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.9.tgz",
+ "integrity": "sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==",
"dev": true,
"dependencies": {
"minimist": "^1.2.5",
- "neo-async": "^2.6.0",
+ "neo-async": "^2.6.2",
"source-map": "^0.6.1",
"wordwrap": "^1.0.0"
},
@@ -15562,33 +15638,47 @@
}
},
"node_modules/hash-base": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.0.tgz",
- "integrity": "sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA==",
+ "version": "3.1.2",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.2.tgz",
+ "integrity": "sha512-Bb33KbowVTIj5s7Ked1OsqHUeCpz//tPwR+E2zJgJKo9Z5XolZ9b6bdUgjmYlwnWhoOQKoTd1TYToZGn5mAYOg==",
"dev": true,
"dependencies": {
"inherits": "^2.0.4",
- "readable-stream": "^3.6.0",
- "safe-buffer": "^5.2.0"
+ "readable-stream": "^2.3.8",
+ "safe-buffer": "^5.2.1",
+ "to-buffer": "^1.2.1"
},
"engines": {
- "node": ">=4"
+ "node": ">= 0.8"
}
},
+ "node_modules/hash-base/node_modules/isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
"node_modules/hash-base/node_modules/readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
"dev": true,
"dependencies": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
- },
- "engines": {
- "node": ">= 6"
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
}
},
+ "node_modules/hash-base/node_modules/readable-stream/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/hash-base/node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -15610,14 +15700,20 @@
]
},
"node_modules/hash-base/node_modules/string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"dependencies": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
}
},
+ "node_modules/hash-base/node_modules/string_decoder/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/hash-sum": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/hash-sum/-/hash-sum-2.0.0.tgz",
@@ -20113,9 +20209,9 @@
}
},
"node_modules/js-beautify/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -20142,12 +20238,12 @@
}
},
"node_modules/js-beautify/node_modules/minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -20864,9 +20960,9 @@
}
},
"node_modules/lodash": {
- "version": "4.17.21",
- "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
- "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+ "version": "4.18.1",
+ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
+ "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
"dev": true
},
"node_modules/lodash.debounce": {
@@ -21280,9 +21376,9 @@
}
},
"node_modules/miller-rabin/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/mime": {
@@ -21358,9 +21454,9 @@
"dev": true
},
"node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+ "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -21599,9 +21695,9 @@
"optional": true
},
"node_modules/nanoid": {
- "version": "3.3.8",
- "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz",
- "integrity": "sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==",
+ "version": "3.3.12",
+ "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz",
+ "integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==",
"dev": true,
"funding": [
{
@@ -22569,35 +22665,21 @@
}
},
"node_modules/parse-asn1": {
- "version": "5.1.7",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
- "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
+ "version": "5.1.9",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.9.tgz",
+ "integrity": "sha512-fIYNuZ/HastSb80baGOuPRo1O9cf4baWw5WsAp7dBuUzeTD/BoaG8sVTdlPFksBE2lF21dN+A1AnrpIjSWqHHg==",
"dev": true,
"dependencies": {
"asn1.js": "^4.10.1",
"browserify-aes": "^1.2.0",
"evp_bytestokey": "^1.0.3",
- "hash-base": "~3.0",
- "pbkdf2": "^3.1.2",
+ "pbkdf2": "^3.1.5",
"safe-buffer": "^5.2.1"
},
"engines": {
"node": ">= 0.10"
}
},
- "node_modules/parse-asn1/node_modules/hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "dependencies": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- },
- "engines": {
- "node": ">=4"
- }
- },
"node_modules/parse-asn1/node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -22771,9 +22853,9 @@
}
},
"node_modules/path-to-regexp": {
- "version": "0.1.12",
- "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
- "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
+ "version": "0.1.13",
+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.13.tgz",
+ "integrity": "sha512-A/AGNMFN3c8bOlvV9RreMdrv7jsmF9XIfDeCd87+I8RNg6s78BhJxMu69NEMHBSJFxKidViTEdruRwEk/WIKqA==",
"dev": true
},
"node_modules/path-type": {
@@ -22786,51 +22868,20 @@
}
},
"node_modules/pbkdf2": {
- "version": "3.1.3",
- "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.3.tgz",
- "integrity": "sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.5.tgz",
+ "integrity": "sha512-Q3CG/cYvCO1ye4QKkuH7EXxs3VC/rI1/trd+qX2+PolbaKG0H+bgcZzrTt96mMyRtejk+JMCiLUn3y29W8qmFQ==",
"dev": true,
"dependencies": {
- "create-hash": "~1.1.3",
+ "create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "ripemd160": "=2.0.1",
+ "ripemd160": "^2.0.3",
"safe-buffer": "^5.2.1",
- "sha.js": "^2.4.11",
- "to-buffer": "^1.2.0"
+ "sha.js": "^2.4.12",
+ "to-buffer": "^1.2.1"
},
"engines": {
- "node": ">=0.12"
- }
- },
- "node_modules/pbkdf2/node_modules/create-hash": {
- "version": "1.1.3",
- "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.1.3.tgz",
- "integrity": "sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA==",
- "dev": true,
- "dependencies": {
- "cipher-base": "^1.0.1",
- "inherits": "^2.0.1",
- "ripemd160": "^2.0.0",
- "sha.js": "^2.4.0"
- }
- },
- "node_modules/pbkdf2/node_modules/hash-base": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-2.0.2.tgz",
- "integrity": "sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw==",
- "dev": true,
- "dependencies": {
- "inherits": "^2.0.1"
- }
- },
- "node_modules/pbkdf2/node_modules/ripemd160": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz",
- "integrity": "sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w==",
- "dev": true,
- "dependencies": {
- "hash-base": "^2.0.0",
- "inherits": "^2.0.1"
+ "node": ">= 0.10"
}
},
"node_modules/pbkdf2/node_modules/safe-buffer": {
@@ -22860,9 +22911,9 @@
"dev": true
},
"node_modules/picomatch": {
- "version": "2.3.1",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
- "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+ "version": "2.3.2",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
+ "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
"dev": true,
"engines": {
"node": ">=8.6"
@@ -22977,9 +23028,9 @@
}
},
"node_modules/postcss": {
- "version": "8.4.49",
- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz",
- "integrity": "sha512-OCVPnIObs4N29kxTjzLfUryOkvZEq+pf8jTF0lg8E7uETuWHA+v7j3c/xJmiqpX450191LlmZfUKkXxkTry7nA==",
+ "version": "8.5.13",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.13.tgz",
+ "integrity": "sha512-qif0+jGGZoLWdHey3UFHHWP0H7Gbmsk8T5VEqyYFbWqPr1XqvLGBbk/sl8V5exGmcYJklJOhOQq1pV9IcsiFag==",
"dev": true,
"funding": [
{
@@ -22996,7 +23047,7 @@
}
],
"dependencies": {
- "nanoid": "^3.3.7",
+ "nanoid": "^3.3.11",
"picocolors": "^1.1.1",
"source-map-js": "^1.2.1"
},
@@ -23576,9 +23627,9 @@
}
},
"node_modules/public-encrypt/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/pug": {
@@ -23856,16 +23907,45 @@
}
},
"node_modules/raw-body": {
- "version": "2.5.2",
- "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
- "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
+ "version": "2.5.3",
+ "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.3.tgz",
+ "integrity": "sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==",
"dev": true,
"dependencies": {
- "bytes": "3.1.2",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "unpipe": "1.0.0"
+ "bytes": "~3.1.2",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "unpipe": "~1.0.0"
+ },
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
+ "node_modules/raw-body/node_modules/http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "dependencies": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
},
+ "engines": {
+ "node": ">= 0.8"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/raw-body/node_modules/statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true,
"engines": {
"node": ">= 0.8"
}
@@ -24654,13 +24734,16 @@
}
},
"node_modules/ripemd160": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.2.tgz",
- "integrity": "sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA==",
+ "version": "2.0.3",
+ "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.3.tgz",
+ "integrity": "sha512-5Di9UC0+8h1L6ZD2d7awM7E/T4uA1fJRlx6zk/NvdCCVEoAnFqvHmCuNeIKoCeIixBX/q8uM+6ycDvF8woqosA==",
"dev": true,
"dependencies": {
- "hash-base": "^3.0.0",
- "inherits": "^2.0.1"
+ "hash-base": "^3.1.2",
+ "inherits": "^2.0.4"
+ },
+ "engines": {
+ "node": ">= 0.8"
}
},
"node_modules/rsvp": {
@@ -26904,9 +26987,9 @@
}
},
"node_modules/table/node_modules/ajv": {
- "version": "8.17.1",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
- "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
+ "version": "8.20.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.20.0.tgz",
+ "integrity": "sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==",
"dev": true,
"dependencies": {
"fast-deep-equal": "^3.1.3",
@@ -30013,9 +30096,9 @@
"dev": true
},
"node_modules/yaml": {
- "version": "1.10.2",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
- "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==",
+ "version": "1.10.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.3.tgz",
+ "integrity": "sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==",
"dev": true,
"engines": {
"node": ">= 6"
@@ -30051,15 +30134,18 @@
}
},
"node_modules/yaml-eslint-parser/node_modules/yaml": {
- "version": "2.4.1",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.4.1.tgz",
- "integrity": "sha512-pIXzoImaqmfOrL7teGUBt/T7ZDnyeGBWyXQBvOVhLkWLN37GXv8NMLK406UY6dS51JfcQHsmcW5cJ441bHg6Lg==",
+ "version": "2.8.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.3.tgz",
+ "integrity": "sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==",
"dev": true,
"bin": {
"yaml": "bin.mjs"
},
"engines": {
- "node": ">= 14"
+ "node": ">= 14.6"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/eemeli"
}
},
"node_modules/yocto-queue": {
@@ -35810,9 +35896,9 @@
}
},
"ajv": {
- "version": "6.12.6",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
- "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+ "version": "6.15.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.15.0.tgz",
+ "integrity": "sha512-fgFx7Hfoq60ytK2c7DhnF8jIvzYgOMxfugjLOSMHjLIPgenqa7S7oaagATUq99mV6IYvN2tRmC0wnTYX6iPbMw==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.1",
@@ -36122,9 +36208,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -36614,29 +36700,29 @@
"dev": true
},
"bn.js": {
- "version": "5.2.1",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.1.tgz",
- "integrity": "sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==",
+ "version": "5.2.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz",
+ "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==",
"dev": true
},
"body-parser": {
- "version": "1.20.3",
- "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz",
- "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==",
+ "version": "1.20.5",
+ "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.5.tgz",
+ "integrity": "sha512-3grm+/2tUOvu2cjJkvsIxrv/wVpfXQW4PsQHYm7yk4vfpu7Ekl6nEsYBoJUL6qDwZUx8wUhQ8tR2qz+ad9c9OA==",
"dev": true,
"requires": {
- "bytes": "3.1.2",
+ "bytes": "~3.1.2",
"content-type": "~1.0.5",
"debug": "2.6.9",
"depd": "2.0.0",
- "destroy": "1.2.0",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "on-finished": "2.4.1",
- "qs": "6.13.0",
- "raw-body": "2.5.2",
+ "destroy": "~1.2.0",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "on-finished": "~2.4.1",
+ "qs": "~6.15.1",
+ "raw-body": "~2.5.3",
"type-is": "~1.6.18",
- "unpipe": "1.0.0"
+ "unpipe": "~1.0.0"
},
"dependencies": {
"debug": {
@@ -36648,6 +36734,19 @@
"ms": "2.0.0"
}
},
+ "http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "requires": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ }
+ },
"ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
@@ -36655,13 +36754,19 @@
"dev": true
},
"qs": {
- "version": "6.13.0",
- "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz",
- "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==",
+ "version": "6.15.1",
+ "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.1.tgz",
+ "integrity": "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg==",
"dev": true,
"requires": {
- "side-channel": "^1.0.6"
+ "side-channel": "^1.1.0"
}
+ },
+ "statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true
}
}
},
@@ -36761,9 +36866,9 @@
}
},
"brace-expansion": {
- "version": "1.1.12",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
- "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+ "version": "1.1.14",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
+ "integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0",
@@ -36823,43 +36928,41 @@
}
},
"browserify-rsa": {
- "version": "4.1.0",
- "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.0.tgz",
- "integrity": "sha512-AdEER0Hkspgno2aR97SAf6vi0y0k8NuOpGnVH3O99rcA5Q6sh8QxcngtHuJ6uXwnfAXNM4Gn1Gb7/MV1+Ymbog==",
+ "version": "4.1.1",
+ "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.1.tgz",
+ "integrity": "sha512-YBjSAiTqM04ZVei6sXighu679a3SqWORA3qZTEqZImnlkDIFtKc6pNutpjyZ8RJTjQtuYfeetkxM11GwoYXMIQ==",
"dev": true,
"requires": {
- "bn.js": "^5.0.0",
- "randombytes": "^2.0.1"
+ "bn.js": "^5.2.1",
+ "randombytes": "^2.1.0",
+ "safe-buffer": "^5.2.1"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true
+ }
}
},
"browserify-sign": {
- "version": "4.2.3",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
- "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
+ "version": "4.2.5",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.5.tgz",
+ "integrity": "sha512-C2AUdAJg6rlM2W5QMp2Q4KGQMVBwR1lIimTsUnutJ8bMpW5B52pGpR2gEnNBNwijumDo5FojQ0L9JrXA8m4YEw==",
"dev": true,
"requires": {
- "bn.js": "^5.2.1",
- "browserify-rsa": "^4.1.0",
+ "bn.js": "^5.2.2",
+ "browserify-rsa": "^4.1.1",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.5",
- "hash-base": "~3.0",
+ "elliptic": "^6.6.1",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.7",
+ "parse-asn1": "^5.1.9",
"readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"dependencies": {
- "hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- }
- },
"isarray": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
@@ -38068,9 +38171,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -38218,22 +38321,41 @@
}
},
"crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
"dev": true,
"requires": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
- "inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
+ },
+ "dependencies": {
+ "hash-base": {
+ "version": "3.0.5",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.5.tgz",
+ "integrity": "sha512-vXm0l45VbcHEVlTCzs8M+s0VeYsB2lnlAaThoLKGXr3bE/VWDOelNUnycUPEhKEaXARL2TEFjBOyUiM6+55KBg==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.4",
+ "safe-buffer": "^5.2.1"
+ }
+ },
+ "safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true
+ }
}
},
"css-functions-list": {
@@ -38769,9 +38891,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -39059,21 +39181,21 @@
"dev": true
},
"editorconfig": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz",
- "integrity": "sha512-L9Qe08KWTlqYMVvMcTIvMAdl1cDUubzRNYL+WfA4bLDMHe4nemKkpmYzkznE1FwLKu0EEmy6obgQKzMJrg4x9Q==",
+ "version": "1.0.7",
+ "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.7.tgz",
+ "integrity": "sha512-e0GOtq/aTQhVdNyDU9e02+wz9oDDM+SIOQxWME2QRjzRX5yyLAuHDE+0aE8vHb9XRC8XD37eO2u57+F09JqFhw==",
"dev": true,
"requires": {
"@one-ini/wasm": "0.1.1",
"commander": "^10.0.0",
- "minimatch": "9.0.1",
+ "minimatch": "^9.0.1",
"semver": "^7.5.3"
},
"dependencies": {
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -39086,12 +39208,12 @@
"dev": true
},
"minimatch": {
- "version": "9.0.1",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz",
- "integrity": "sha512-0jWhJpD/MdhPXwPuiRkCbfYfSKp2qnn2eOc279qI7f+osl/l+prKSrvhg157zSYvx/1nmgn2NqdT6k2Z7zSH9w==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"semver": {
@@ -39130,9 +39252,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -39701,9 +39823,9 @@
}
},
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -39725,12 +39847,12 @@
"dev": true
},
"minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"semver": {
@@ -39938,9 +40060,9 @@
},
"dependencies": {
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -39963,12 +40085,12 @@
"dev": true
},
"minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"semver": {
@@ -40888,9 +41010,9 @@
}
},
"flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.2",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz",
+ "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==",
"dev": true
},
"flow-parser": {
@@ -41526,13 +41648,13 @@
"dev": true
},
"handlebars": {
- "version": "4.7.7",
- "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.7.tgz",
- "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==",
+ "version": "4.7.9",
+ "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.9.tgz",
+ "integrity": "sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==",
"dev": true,
"requires": {
"minimist": "^1.2.5",
- "neo-async": "^2.6.0",
+ "neo-async": "^2.6.2",
"source-map": "^0.6.1",
"uglify-js": "^3.1.4",
"wordwrap": "^1.0.0"
@@ -41690,25 +41812,44 @@
}
},
"hash-base": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.0.tgz",
- "integrity": "sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA==",
+ "version": "3.1.2",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.2.tgz",
+ "integrity": "sha512-Bb33KbowVTIj5s7Ked1OsqHUeCpz//tPwR+E2zJgJKo9Z5XolZ9b6bdUgjmYlwnWhoOQKoTd1TYToZGn5mAYOg==",
"dev": true,
"requires": {
"inherits": "^2.0.4",
- "readable-stream": "^3.6.0",
- "safe-buffer": "^5.2.0"
+ "readable-stream": "^2.3.8",
+ "safe-buffer": "^5.2.1",
+ "to-buffer": "^1.2.1"
},
"dependencies": {
+ "isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
"readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
"dev": true,
"requires": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
},
"safe-buffer": {
@@ -41718,12 +41859,20 @@
"dev": true
},
"string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"requires": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
}
}
@@ -45118,9 +45267,9 @@
},
"dependencies": {
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -45141,12 +45290,12 @@
}
},
"minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"minipass": {
@@ -45711,9 +45860,9 @@
}
},
"lodash": {
- "version": "4.17.21",
- "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
- "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+ "version": "4.18.1",
+ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
+ "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
"dev": true
},
"lodash.debounce": {
@@ -46050,9 +46199,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -46112,9 +46261,9 @@
"dev": true
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+ "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
@@ -46315,9 +46464,9 @@
"optional": true
},
"nanoid": {
- "version": "3.3.8",
- "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz",
- "integrity": "sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==",
+ "version": "3.3.12",
+ "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz",
+ "integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==",
"dev": true
},
"nanomatch": {
@@ -47104,29 +47253,18 @@
}
},
"parse-asn1": {
- "version": "5.1.7",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
- "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
+ "version": "5.1.9",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.9.tgz",
+ "integrity": "sha512-fIYNuZ/HastSb80baGOuPRo1O9cf4baWw5WsAp7dBuUzeTD/BoaG8sVTdlPFksBE2lF21dN+A1AnrpIjSWqHHg==",
"dev": true,
"requires": {
"asn1.js": "^4.10.1",
"browserify-aes": "^1.2.0",
"evp_bytestokey": "^1.0.3",
- "hash-base": "~3.0",
- "pbkdf2": "^3.1.2",
+ "pbkdf2": "^3.1.5",
"safe-buffer": "^5.2.1"
},
"dependencies": {
- "hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- }
- },
"safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -47258,9 +47396,9 @@
}
},
"path-to-regexp": {
- "version": "0.1.12",
- "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
- "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
+ "version": "0.1.13",
+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.13.tgz",
+ "integrity": "sha512-A/AGNMFN3c8bOlvV9RreMdrv7jsmF9XIfDeCd87+I8RNg6s78BhJxMu69NEMHBSJFxKidViTEdruRwEk/WIKqA==",
"dev": true
},
"path-type": {
@@ -47270,50 +47408,19 @@
"dev": true
},
"pbkdf2": {
- "version": "3.1.3",
- "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.3.tgz",
- "integrity": "sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.5.tgz",
+ "integrity": "sha512-Q3CG/cYvCO1ye4QKkuH7EXxs3VC/rI1/trd+qX2+PolbaKG0H+bgcZzrTt96mMyRtejk+JMCiLUn3y29W8qmFQ==",
"dev": true,
"requires": {
- "create-hash": "~1.1.3",
+ "create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "ripemd160": "=2.0.1",
+ "ripemd160": "^2.0.3",
"safe-buffer": "^5.2.1",
- "sha.js": "^2.4.11",
- "to-buffer": "^1.2.0"
+ "sha.js": "^2.4.12",
+ "to-buffer": "^1.2.1"
},
"dependencies": {
- "create-hash": {
- "version": "1.1.3",
- "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.1.3.tgz",
- "integrity": "sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA==",
- "dev": true,
- "requires": {
- "cipher-base": "^1.0.1",
- "inherits": "^2.0.1",
- "ripemd160": "^2.0.0",
- "sha.js": "^2.4.0"
- }
- },
- "hash-base": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-2.0.2.tgz",
- "integrity": "sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.1"
- }
- },
- "ripemd160": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz",
- "integrity": "sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w==",
- "dev": true,
- "requires": {
- "hash-base": "^2.0.0",
- "inherits": "^2.0.1"
- }
- },
"safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -47329,9 +47436,9 @@
"dev": true
},
"picomatch": {
- "version": "2.3.1",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
- "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+ "version": "2.3.2",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
+ "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
"dev": true
},
"pify": {
@@ -47410,12 +47517,12 @@
"dev": true
},
"postcss": {
- "version": "8.4.49",
- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz",
- "integrity": "sha512-OCVPnIObs4N29kxTjzLfUryOkvZEq+pf8jTF0lg8E7uETuWHA+v7j3c/xJmiqpX450191LlmZfUKkXxkTry7nA==",
+ "version": "8.5.13",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.13.tgz",
+ "integrity": "sha512-qif0+jGGZoLWdHey3UFHHWP0H7Gbmsk8T5VEqyYFbWqPr1XqvLGBbk/sl8V5exGmcYJklJOhOQq1pV9IcsiFag==",
"dev": true,
"requires": {
- "nanoid": "^3.3.7",
+ "nanoid": "^3.3.11",
"picocolors": "^1.1.1",
"source-map-js": "^1.2.1"
}
@@ -47859,9 +47966,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -48100,15 +48207,36 @@
"dev": true
},
"raw-body": {
- "version": "2.5.2",
- "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
- "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
+ "version": "2.5.3",
+ "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.3.tgz",
+ "integrity": "sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==",
"dev": true,
"requires": {
- "bytes": "3.1.2",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "unpipe": "1.0.0"
+ "bytes": "~3.1.2",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "unpipe": "~1.0.0"
+ },
+ "dependencies": {
+ "http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "requires": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ }
+ },
+ "statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true
+ }
}
},
"raw-loader": {
@@ -48712,13 +48840,13 @@
}
},
"ripemd160": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.2.tgz",
- "integrity": "sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA==",
+ "version": "2.0.3",
+ "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.3.tgz",
+ "integrity": "sha512-5Di9UC0+8h1L6ZD2d7awM7E/T4uA1fJRlx6zk/NvdCCVEoAnFqvHmCuNeIKoCeIixBX/q8uM+6ycDvF8woqosA==",
"dev": true,
"requires": {
- "hash-base": "^3.0.0",
- "inherits": "^2.0.1"
+ "hash-base": "^3.1.2",
+ "inherits": "^2.0.4"
}
},
"rsvp": {
@@ -50446,9 +50574,9 @@
},
"dependencies": {
"ajv": {
- "version": "8.17.1",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
- "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
+ "version": "8.20.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.20.0.tgz",
+ "integrity": "sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.3",
@@ -52858,9 +52986,9 @@
"dev": true
},
"yaml": {
- "version": "1.10.2",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
- "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==",
+ "version": "1.10.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.3.tgz",
+ "integrity": "sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==",
"dev": true
},
"yaml-eslint-parser": {
@@ -52881,9 +53009,9 @@
"dev": true
},
"yaml": {
- "version": "2.4.1",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.4.1.tgz",
- "integrity": "sha512-pIXzoImaqmfOrL7teGUBt/T7ZDnyeGBWyXQBvOVhLkWLN37GXv8NMLK406UY6dS51JfcQHsmcW5cJ441bHg6Lg==",
+ "version": "2.8.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.3.tgz",
+ "integrity": "sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==",
"dev": true
}
}
--
2.47.3
$ date
--- stdout ---
Fri May 1 02:07:16 UTC 2026
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-Wikistories.git /src/repo --depth=1 -b REL1_46
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/REL1_46
--- stdout ---
ef6550e2d3e57c978dcc282f21e4f663ac093697 refs/heads/REL1_46
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@babel/runtime": {
"name": "@babel/runtime",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1104000,
"name": "@babel/runtime",
"dependency": "@babel/runtime",
"title": "Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups",
"url": "https://github.com/advisories/GHSA-968p-4wvh-cqc8",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 6.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.26.10"
}
],
"effects": [
"@devtools-ds/object-inspector",
"@devtools-ds/object-parser",
"@devtools-ds/themes",
"@devtools-ds/tree"
],
"range": "<7.26.10",
"nodes": [
"node_modules/@devtools-ds/object-inspector/node_modules/@babel/runtime",
"node_modules/@devtools-ds/object-parser/node_modules/@babel/runtime",
"node_modules/@devtools-ds/themes/node_modules/@babel/runtime",
"node_modules/@devtools-ds/tree/node_modules/@babel/runtime"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@devtools-ds/object-inspector": {
"name": "@devtools-ds/object-inspector",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime",
"@devtools-ds/object-parser",
"@devtools-ds/themes",
"@devtools-ds/tree"
],
"effects": [
"@storybook/addon-interactions"
],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/object-inspector"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@devtools-ds/object-parser": {
"name": "@devtools-ds/object-parser",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/object-parser"
],
"fixAvailable": true
},
"@devtools-ds/themes": {
"name": "@devtools-ds/themes",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/themes"
],
"fixAvailable": true
},
"@devtools-ds/tree": {
"name": "@devtools-ds/tree",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime",
"@devtools-ds/themes"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/tree"
],
"fixAvailable": true
},
"@jest/transform": {
"name": "@jest/transform",
"severity": "moderate",
"isDirect": false,
"via": [
"jest-haste-map"
],
"effects": [
"@storybook/addon-docs"
],
"range": "<=26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/@jest/transform"
],
"fixAvailable": true
},
"@mdx-js/mdx": {
"name": "@mdx-js/mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-mdx",
"remark-parse"
],
"effects": [
"@storybook/mdx1-csf"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/@mdx-js/mdx"
],
"fixAvailable": true
},
"@storybook/addon-controls": {
"name": "@storybook/addon-controls",
"severity": "moderate",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/addon-essentials"
],
"range": "6.4.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/addon-controls"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/addon-docs": {
"name": "@storybook/addon-docs",
"severity": "high",
"isDirect": false,
"via": [
"@jest/transform",
"@storybook/core-common",
"@storybook/mdx1-csf"
],
"effects": [],
"range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2",
"nodes": [
"node_modules/@storybook/addon-docs"
],
"fixAvailable": true
},
"@storybook/addon-essentials": {
"name": "@storybook/addon-essentials",
"severity": "moderate",
"isDirect": true,
"via": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/core-common"
],
"effects": [],
"range": "6.4.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/addon-essentials"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/addon-interactions": {
"name": "@storybook/addon-interactions",
"severity": "moderate",
"isDirect": true,
"via": [
"@devtools-ds/object-inspector",
"@storybook/core-common"
],
"effects": [],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-interactions"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/builder-webpack4": {
"name": "@storybook/builder-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"autoprefixer",
"css-loader",
"fork-ts-checker-webpack-plugin",
"postcss",
"postcss-flexbugs-fixes",
"terser-webpack-plugin",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/builder-webpack4"
],
"fixAvailable": false
},
"@storybook/core": {
"name": "@storybook/core",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/core-server"
],
"effects": [],
"range": "6.2.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core"
],
"fixAvailable": true
},
"@storybook/core-common": {
"name": "@storybook/core-common",
"severity": "moderate",
"isDirect": false,
"via": [
"webpack"
],
"effects": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/addon-essentials",
"@storybook/addon-interactions",
"@storybook/telemetry",
"@storybook/vue3"
],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core-common"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/core-server": {
"name": "@storybook/core-server",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/builder-webpack4",
"@storybook/core-common",
"@storybook/csf-tools",
"@storybook/manager-webpack4",
"@storybook/telemetry",
"cpy",
"ip",
"webpack"
],
"effects": [
"@storybook/core"
],
"range": "<=7.6.19 || 8.0.0-alpha.0 - 8.1.5 || 8.2.0-alpha.0 - 8.2.0-beta.3",
"nodes": [
"node_modules/@storybook/core-server"
],
"fixAvailable": true
},
"@storybook/csf-tools": {
"name": "@storybook/csf-tools",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/mdx1-csf"
],
"effects": [],
"range": "6.5.0-alpha.1 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/csf-tools"
],
"fixAvailable": true
},
"@storybook/manager-webpack4": {
"name": "@storybook/manager-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"css-loader",
"terser-webpack-plugin",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/manager-webpack4"
],
"fixAvailable": false
},
"@storybook/mdx1-csf": {
"name": "@storybook/mdx1-csf",
"severity": "high",
"isDirect": false,
"via": [
"@mdx-js/mdx"
],
"effects": [
"@storybook/addon-docs",
"@storybook/csf-tools"
],
"range": "*",
"nodes": [
"node_modules/@storybook/mdx1-csf"
],
"fixAvailable": true
},
"@storybook/telemetry": {
"name": "@storybook/telemetry",
"severity": "moderate",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/core-server"
],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/telemetry"
],
"fixAvailable": true
},
"@storybook/vue3": {
"name": "@storybook/vue3",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core",
"@storybook/core-common",
"vue-docgen-loader"
],
"effects": [],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/vue3"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "10.3.6",
"isSemVerMajor": true
}
},
"@tootallnate/once": {
"name": "@tootallnate/once",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1113977,
"name": "@tootallnate/once",
"dependency": "@tootallnate/once",
"title": "@tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"url": "https://github.com/advisories/GHSA-vpq2-c234-7xj6",
"severity": "low",
"cwe": [
"CWE-705"
],
"cvss": {
"score": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<3.0.1"
}
],
"effects": [
"http-proxy-agent"
],
"range": "<3.0.1",
"nodes": [
"node_modules/@tootallnate/once"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"ajv": {
"name": "ajv",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113714,
"name": "ajv",
"dependency": "ajv",
"title": "ajv has ReDoS when using `$data` option",
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<6.14.0"
},
{
"source": 1113715,
"name": "ajv",
"dependency": "ajv",
"title": "ajv has ReDoS when using `$data` option",
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=7.0.0-alpha.0 <8.18.0"
}
],
"effects": [],
"range": "<6.14.0 || >=7.0.0-alpha.0 <8.18.0",
"nodes": [
"node_modules/ajv",
"node_modules/table/node_modules/ajv"
],
"fixAvailable": true
},
"anymatch": {
"name": "anymatch",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"sane"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/sane/node_modules/anymatch",
"node_modules/watchpack-chokidar2/node_modules/anymatch"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer"
],
"fixAvailable": true
},
"bn.js": {
"name": "bn.js",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113441,
"name": "bn.js",
"dependency": "bn.js",
"title": "bn.js affected by an infinite loop",
"url": "https://github.com/advisories/GHSA-378v-28hj-76wf",
"severity": "moderate",
"cwe": [
"CWE-835"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=5.0.0 <5.2.3"
},
{
"source": 1113442,
"name": "bn.js",
"dependency": "bn.js",
"title": "bn.js affected by an infinite loop",
"url": "https://github.com/advisories/GHSA-378v-28hj-76wf",
"severity": "moderate",
"cwe": [
"CWE-835"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.12.3"
}
],
"effects": [],
"range": ">=5.0.0 <5.2.3 || <4.12.3",
"nodes": [
"node_modules/asn1.js/node_modules/bn.js",
"node_modules/bn.js",
"node_modules/create-ecdh/node_modules/bn.js",
"node_modules/diffie-hellman/node_modules/bn.js",
"node_modules/elliptic/node_modules/bn.js",
"node_modules/miller-rabin/node_modules/bn.js",
"node_modules/public-encrypt/node_modules/bn.js"
],
"fixAvailable": true
},
"body-parser": {
"name": "body-parser",
"severity": "low",
"isDirect": false,
"via": [
"qs"
],
"effects": [],
"range": "1.19.0 - 1.20.3 || 2.0.0-beta.1 - 2.0.2",
"nodes": [
"node_modules/body-parser"
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115540,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": "<1.1.13"
},
{
"source": 1115541,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": ">=2.0.0 <2.0.3"
}
],
"effects": [],
"range": "<1.1.13 || >=2.0.0 <2.0.3",
"nodes": [
"node_modules/brace-expansion",
"node_modules/editorconfig/node_modules/brace-expansion",
"node_modules/eslint-config-wikimedia/node_modules/brace-expansion",
"node_modules/eslint-plugin-n/node_modules/brace-expansion",
"node_modules/js-beautify/node_modules/brace-expansion"
],
"fixAvailable": true
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098094,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/cpy/node_modules/braces",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/braces",
"node_modules/jscodeshift/node_modules/braces",
"node_modules/sane/node_modules/braces",
"node_modules/watchpack-chokidar2/node_modules/braces",
"node_modules/webpack/node_modules/braces"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"node_modules/browserify-sign"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"cacache": {
"name": "cacache",
"severity": "high",
"isDirect": false,
"via": [
"tar"
],
"effects": [
"terser-webpack-plugin"
],
"range": "14.0.0 - 18.0.4",
"nodes": [
"node_modules/cacache"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"readdirp"
],
"effects": [
"watchpack-chokidar2"
],
"range": "1.3.0 - 2.1.8",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/chokidar"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"cpy": {
"name": "cpy",
"severity": "moderate",
"isDirect": false,
"via": [
"globby"
],
"effects": [
"@storybook/core-server"
],
"range": "7.0.0 - 8.1.2",
"nodes": [
"node_modules/cpy"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [
"node-libs-browser"
],
"range": ">=3.4.0",
"nodes": [
"node_modules/crypto-browserify"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"css-loader": {
"name": "css-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"effects": [],
"range": "0.15.0 - 4.3.0",
"nodes": [
"node_modules/css-loader"
],
"fixAvailable": true
},
"editorconfig": {
"name": "editorconfig",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "1.0.3 - 1.0.4 || 2.0.0",
"nodes": [
"node_modules/editorconfig"
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1112030,
"name": "elliptic",
"dependency": "elliptic",
"title": "Elliptic Uses a Cryptographic Primitive with a Risky Implementation",
"url": "https://github.com/advisories/GHSA-848j-6mx2-7j84",
"severity": "low",
"cwe": [
"CWE-1240"
],
"cvss": {
"score": 5.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"range": "<=6.6.1"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "*",
"nodes": [
"node_modules/elliptic"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"fast-glob": {
"name": "fast-glob",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"globby"
],
"range": "<=2.2.7",
"nodes": [
"node_modules/cpy/node_modules/fast-glob"
],
"fixAvailable": true
},
"flatted": {
"name": "flatted",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114526,
"name": "flatted",
"dependency": "flatted",
"title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f",
"severity": "high",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.4.0"
},
{
"source": 1115357,
"name": "flatted",
"dependency": "flatted",
"title": "Prototype Pollution via parse() in NodeJS flatted",
"url": "https://github.com/advisories/GHSA-rf6f-7fwh-wjgh",
"severity": "high",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=3.4.1"
}
],
"effects": [],
"range": "<=3.4.1",
"nodes": [
"node_modules/flatted"
],
"fixAvailable": true
},
"fork-ts-checker-webpack-plugin": {
"name": "fork-ts-checker-webpack-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [],
"range": "0.4.14 - 4.1.6",
"nodes": [
"node_modules/fork-ts-checker-webpack-plugin"
],
"fixAvailable": true
},
"globby": {
"name": "globby",
"severity": "moderate",
"isDirect": false,
"via": [
"fast-glob"
],
"effects": [
"cpy"
],
"range": "8.0.0 - 9.2.0",
"nodes": [
"node_modules/cpy/node_modules/globby"
],
"fixAvailable": true
},
"handlebars": {
"name": "handlebars",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1115538,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block",
"url": "https://github.com/advisories/GHSA-3mfm-83xf-c92r",
"severity": "high",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115539,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion",
"url": "https://github.com/advisories/GHSA-2w6w-674q-4c4q",
"severity": "critical",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 9.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115544,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection",
"url": "https://github.com/advisories/GHSA-2qvq-rjwj-gvw9",
"severity": "moderate",
"cwe": [
"CWE-79",
"CWE-1321"
],
"cvss": {
"score": 4.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": ">=4.0.0 <4.7.9"
},
{
"source": 1115588,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry",
"url": "https://github.com/advisories/GHSA-7rx3-28cr-v5wh",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 4.8,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": ">=4.6.0 <=4.7.8"
},
{
"source": 1115589,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has a Property Access Validation Bypass in container.lookup",
"url": "https://github.com/advisories/GHSA-442j-39wm-28r2",
"severity": "low",
"cwe": [
"CWE-367"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115692,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options",
"url": "https://github.com/advisories/GHSA-xjpj-3mr7-gcpf",
"severity": "high",
"cwe": [
"CWE-79",
"CWE-94",
"CWE-116"
],
"cvss": {
"score": 8.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115693,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial",
"url": "https://github.com/advisories/GHSA-xhpv-hc6g-r9c6",
"severity": "high",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115694,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation",
"url": "https://github.com/advisories/GHSA-9cx6-37pm-9jff",
"severity": "high",
"cwe": [
"CWE-754"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=4.0.0 <=4.7.8"
}
],
"effects": [],
"range": "4.0.0 - 4.7.8",
"nodes": [
"node_modules/handlebars"
],
"fixAvailable": true
},
"http-proxy-agent": {
"name": "http-proxy-agent",
"severity": "low",
"isDirect": false,
"via": [
"@tootallnate/once"
],
"effects": [
"jsdom"
],
"range": "4.0.1 - 5.0.0",
"nodes": [
"node_modules/http-proxy-agent"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"icss-utils": {
"name": "icss-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"css-loader",
"postcss-modules-local-by-default",
"postcss-modules-values"
],
"range": "<=4.1.1",
"nodes": [
"node_modules/icss-utils"
],
"fixAvailable": true
},
"ip": {
"name": "ip",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1101851,
"name": "ip",
"dependency": "ip",
"title": "ip SSRF improper categorization in isPublic",
"url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp",
"severity": "high",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=2.0.1"
}
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/ip"
],
"fixAvailable": true
},
"jest-environment-jsdom": {
"name": "jest-environment-jsdom",
"severity": "low",
"isDirect": true,
"via": [
"jsdom"
],
"effects": [],
"range": "27.0.1 - 30.0.0-rc.1",
"nodes": [
"node_modules/jest-environment-jsdom"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"jest-haste-map": {
"name": "jest-haste-map",
"severity": "moderate",
"isDirect": false,
"via": [
"sane"
],
"effects": [
"@jest/transform"
],
"range": "24.0.0-alpha.0 - 26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/jest-haste-map"
],
"fixAvailable": true
},
"jscodeshift": {
"name": "jscodeshift",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"vue-docgen-loader"
],
"range": "0.3.20 - 0.13.1",
"nodes": [
"node_modules/jscodeshift"
],
"fixAvailable": true
},
"jsdom": {
"name": "jsdom",
"severity": "low",
"isDirect": false,
"via": [
"http-proxy-agent"
],
"effects": [
"jest-environment-jsdom"
],
"range": "16.6.0 - 22.1.0",
"nodes": [
"node_modules/jsdom"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"lodash": {
"name": "lodash",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1112455,
"name": "lodash",
"dependency": "lodash",
"title": "Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",
"url": "https://github.com/advisories/GHSA-xxjr-mmjv-4gpg",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": ">=4.0.0 <=4.17.22"
},
{
"source": 1115806,
"name": "lodash",
"dependency": "lodash",
"title": "lodash vulnerable to Code Injection via `_.template` imports key names",
"url": "https://github.com/advisories/GHSA-r5fr-rjxr-66jc",
"severity": "high",
"cwe": [
"CWE-94"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.17.23"
},
{
"source": 1115810,
"name": "lodash",
"dependency": "lodash",
"title": "lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`",
"url": "https://github.com/advisories/GHSA-f23m-r3pf-42rh",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": "<=4.17.23"
}
],
"effects": [],
"range": "<=4.17.23",
"nodes": [
"node_modules/lodash"
],
"fixAvailable": true
},
"meow": {
"name": "meow",
"severity": "high",
"isDirect": false,
"via": [
"trim-newlines"
],
"effects": [],
"range": "3.4.0 - 5.0.0",
"nodes": [
"node_modules/default-browser-id/node_modules/meow"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098681,
"name": "micromatch",
"dependency": "micromatch",
"title": "Regular Expression Denial of Service (ReDoS) in micromatch",
"url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.0.8"
},
"braces"
],
"effects": [
"anymatch",
"fast-glob",
"fork-ts-checker-webpack-plugin",
"jscodeshift",
"readdirp",
"sane",
"webpack"
],
"range": "<=4.0.7",
"nodes": [
"node_modules/cpy/node_modules/micromatch",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch",
"node_modules/jscodeshift/node_modules/micromatch",
"node_modules/sane/node_modules/micromatch",
"node_modules/watchpack-chokidar2/node_modules/micromatch",
"node_modules/webpack/node_modules/micromatch"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113465,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=9.0.0 <9.0.6"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113544,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=9.0.0 <9.0.7"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
},
{
"source": 1113552,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=9.0.0 <9.0.7"
}
],
"effects": [
"editorconfig"
],
"range": "<=3.1.3 || 9.0.0 - 9.0.6",
"nodes": [
"node_modules/editorconfig/node_modules/minimatch",
"node_modules/eslint-config-wikimedia/node_modules/minimatch",
"node_modules/eslint-plugin-n/node_modules/minimatch",
"node_modules/js-beautify/node_modules/minimatch",
"node_modules/minimatch"
],
"fixAvailable": true
},
"node-libs-browser": {
"name": "node-libs-browser",
"severity": "low",
"isDirect": false,
"via": [
"crypto-browserify"
],
"effects": [
"webpack"
],
"range": "0.4.2 || >=1.0.0",
"nodes": [
"node_modules/node-libs-browser"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"path-to-regexp": {
"name": "path-to-regexp",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115527,
"name": "path-to-regexp",
"dependency": "path-to-regexp",
"title": "path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters",
"url": "https://github.com/advisories/GHSA-37ch-88jc-xwx2",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.1.13"
}
],
"effects": [],
"range": "<0.1.13",
"nodes": [
"node_modules/path-to-regexp"
],
"fixAvailable": true
},
"picomatch": {
"name": "picomatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115549,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"url": "https://github.com/advisories/GHSA-3v7f-55p6-f55p",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<2.3.2"
},
{
"source": 1115552,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch has a ReDoS vulnerability via extglob quantifiers",
"url": "https://github.com/advisories/GHSA-c2c7-rcm5-vvqj",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<2.3.2"
}
],
"effects": [],
"range": "<=2.3.1",
"nodes": [
"node_modules/picomatch"
],
"fixAvailable": true
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1109574,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
},
{
"source": 1117015,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"url": "https://github.com/advisories/GHSA-qx2v-qp2m-jg93",
"severity": "moderate",
"cwe": [
"CWE-79"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<8.5.10"
}
],
"effects": [
"@storybook/builder-webpack4",
"autoprefixer",
"css-loader",
"icss-utils",
"postcss-flexbugs-fixes",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"range": "<=8.5.9",
"nodes": [
"node_modules/@storybook/builder-webpack4/node_modules/postcss",
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-loader/node_modules/postcss",
"node_modules/icss-utils/node_modules/postcss",
"node_modules/postcss",
"node_modules/postcss-flexbugs-fixes/node_modules/postcss",
"node_modules/postcss-modules-extract-imports/node_modules/postcss",
"node_modules/postcss-modules-local-by-default/node_modules/postcss",
"node_modules/postcss-modules-scope/node_modules/postcss",
"node_modules/postcss-modules-values/node_modules/postcss"
],
"fixAvailable": false
},
"postcss-flexbugs-fixes": {
"name": "postcss-flexbugs-fixes",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.2.1",
"nodes": [
"node_modules/postcss-flexbugs-fixes"
],
"fixAvailable": true
},
"postcss-modules-extract-imports": {
"name": "postcss-modules-extract-imports",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-modules-extract-imports"
],
"fixAvailable": true
},
"postcss-modules-local-by-default": {
"name": "postcss-modules-local-by-default",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [],
"range": "<=4.0.0-rc.4",
"nodes": [
"node_modules/postcss-modules-local-by-default"
],
"fixAvailable": true
},
"postcss-modules-scope": {
"name": "postcss-modules-scope",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.2.0",
"nodes": [
"node_modules/postcss-modules-scope"
],
"fixAvailable": true
},
"postcss-modules-values": {
"name": "postcss-modules-values",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [
"css-loader"
],
"range": "<=4.0.0-rc.5",
"nodes": [
"node_modules/postcss-modules-values"
],
"fixAvailable": true
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113161,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in comma parsing allows denial of service",
"url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883",
"severity": "low",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=6.7.0 <=6.14.1"
},
{
"source": 1113719,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "moderate",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<6.14.1"
}
],
"effects": [
"body-parser"
],
"range": "<=6.14.1",
"nodes": [
"node_modules/body-parser/node_modules/qs",
"node_modules/qs"
],
"fixAvailable": true
},
"readdirp": {
"name": "readdirp",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/readdirp"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"remark-mdx": {
"name": "remark-mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-parse"
],
"effects": [
"@mdx-js/mdx"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/remark-mdx"
],
"fixAvailable": true
},
"remark-parse": {
"name": "remark-parse",
"severity": "high",
"isDirect": false,
"via": [
"trim"
],
"effects": [
"@mdx-js/mdx",
"remark-mdx"
],
"range": "<=8.0.3",
"nodes": [
"node_modules/remark-parse"
],
"fixAvailable": true
},
"sane": {
"name": "sane",
"severity": "moderate",
"isDirect": false,
"via": [
"anymatch",
"micromatch"
],
"effects": [
"jest-haste-map"
],
"range": "1.5.0 - 4.1.0",
"nodes": [
"node_modules/sane"
],
"fixAvailable": true
},
"serialize-javascript": {
"name": "serialize-javascript",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113686,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",
"url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq",
"severity": "high",
"cwe": [
"CWE-96"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=7.0.2"
},
{
"source": 1115723,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects",
"url": "https://github.com/advisories/GHSA-qj8w-gfj5-8c6v",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-834"
],
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.0.5"
}
],
"effects": [
"terser-webpack-plugin"
],
"range": "<=7.0.4",
"nodes": [
"node_modules/serialize-javascript",
"node_modules/webpack/node_modules/serialize-javascript"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"tar": {
"name": "tar",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1112659,
"name": "tar",
"dependency": "tar",
"title": "node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"url": "https://github.com/advisories/GHSA-34x7-hfp2-rc4v",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-59"
],
"cvss": {
"score": 8.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
},
"range": "<7.5.7"
},
{
"source": 1113300,
"name": "tar",
"dependency": "tar",
"title": "node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization",
"url": "https://github.com/advisories/GHSA-8qq5-rm4j-mr97",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.2"
},
{
"source": 1113375,
"name": "tar",
"dependency": "tar",
"title": "Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction",
"url": "https://github.com/advisories/GHSA-83g3-92jg-28cx",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
},
"range": "<7.5.8"
},
{
"source": 1114200,
"name": "tar",
"dependency": "tar",
"title": "tar has Hardlink Path Traversal via Drive-Relative Linkpath",
"url": "https://github.com/advisories/GHSA-qffp-2rhf-9h96",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-59"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.9"
},
{
"source": 1114302,
"name": "tar",
"dependency": "tar",
"title": "node-tar Symlink Path Traversal via Drive-Relative Linkpath",
"url": "https://github.com/advisories/GHSA-9ppj-qmqm-q256",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.10"
},
{
"source": 1114680,
"name": "tar",
"dependency": "tar",
"title": "Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS",
"url": "https://github.com/advisories/GHSA-r6q2-hw4h-h46w",
"severity": "high",
"cwe": [
"CWE-176",
"CWE-367"
],
"cvss": {
"score": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L"
},
"range": "<=7.5.3"
}
],
"effects": [
"cacache"
],
"range": "<=7.5.10",
"nodes": [
"node_modules/tar"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"terser-webpack-plugin": {
"name": "terser-webpack-plugin",
"severity": "high",
"isDirect": false,
"via": [
"cacache",
"serialize-javascript"
],
"effects": [
"webpack"
],
"range": "<=5.3.16",
"nodes": [
"node_modules/terser-webpack-plugin",
"node_modules/webpack/node_modules/terser-webpack-plugin"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"trim": {
"name": "trim",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089867,
"name": "trim",
"dependency": "trim",
"title": "Regular Expression Denial of Service in trim",
"url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.0.3"
}
],
"effects": [
"remark-parse"
],
"range": "<0.0.3",
"nodes": [
"node_modules/trim"
],
"fixAvailable": true
},
"trim-newlines": {
"name": "trim-newlines",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095100,
"name": "trim-newlines",
"dependency": "trim-newlines",
"title": "Uncontrolled Resource Consumption in trim-newlines",
"url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.1"
}
],
"effects": [
"meow"
],
"range": "<3.0.1",
"nodes": [
"node_modules/trim-newlines"
],
"fixAvailable": true
},
"uuid": {
"name": "uuid",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1116970,
"name": "uuid",
"dependency": "uuid",
"title": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"url": "https://github.com/advisories/GHSA-w5hq-g745-h8pq",
"severity": "moderate",
"cwe": [
"CWE-787",
"CWE-1285"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<14.0.0"
}
],
"effects": [
"webpack-log"
],
"range": "<14.0.0",
"nodes": [
"node_modules/uuid"
],
"fixAvailable": false
},
"vue-docgen-loader": {
"name": "vue-docgen-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"jscodeshift"
],
"effects": [],
"range": "1.3.0-beta.0 - 2.0.0",
"nodes": [
"node_modules/vue-docgen-loader"
],
"fixAvailable": true
},
"watchpack": {
"name": "watchpack",
"severity": "high",
"isDirect": false,
"via": [
"watchpack-chokidar2"
],
"effects": [
"webpack"
],
"range": "1.7.2 - 1.7.5",
"nodes": [
"node_modules/webpack/node_modules/watchpack"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"watchpack-chokidar2": {
"name": "watchpack-chokidar2",
"severity": "high",
"isDirect": false,
"via": [
"chokidar"
],
"effects": [
"watchpack"
],
"range": "*",
"nodes": [
"node_modules/watchpack-chokidar2"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"webpack": {
"name": "webpack",
"severity": "high",
"isDirect": false,
"via": [
"micromatch",
"node-libs-browser",
"terser-webpack-plugin",
"watchpack"
],
"effects": [
"@storybook/core-common"
],
"range": "2.0.0-beta - 5.1.0",
"nodes": [
"node_modules/webpack"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"webpack-dev-middleware": {
"name": "webpack-dev-middleware",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096729,
"name": "webpack-dev-middleware",
"dependency": "webpack-dev-middleware",
"title": "Path traversal in webpack-dev-middleware",
"url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"
},
"range": "<=5.3.3"
},
"webpack-log"
],
"effects": [
"@storybook/manager-webpack4"
],
"range": "<=5.3.3",
"nodes": [
"node_modules/webpack-dev-middleware"
],
"fixAvailable": false
},
"webpack-log": {
"name": "webpack-log",
"severity": "moderate",
"isDirect": false,
"via": [
"uuid"
],
"effects": [
"webpack-dev-middleware"
],
"range": "1.1.0 - 2.0.0",
"nodes": [
"node_modules/webpack-log"
],
"fixAvailable": false
},
"yaml": {
"name": "yaml",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115555,
"name": "yaml",
"dependency": "yaml",
"title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp",
"severity": "moderate",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=1.0.0 <1.10.3"
},
{
"source": 1115556,
"name": "yaml",
"dependency": "yaml",
"title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp",
"severity": "moderate",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.0 <2.8.3"
}
],
"effects": [],
"range": "1.0.0 - 1.10.2 || 2.0.0 - 2.8.2",
"nodes": [
"node_modules/yaml",
"node_modules/yaml-eslint-parser/node_modules/yaml"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 10,
"moderate": 37,
"high": 32,
"critical": 1,
"total": 80
},
"dependencies": {
"prod": 1,
"dev": 2423,
"optional": 66,
"peer": 0,
"peerOptional": 0,
"total": 2423
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 37 installs, 0 updates, 0 removals
- Locking composer/pcre (3.3.2)
- Locking composer/semver (3.4.4)
- Locking composer/spdx-licenses (1.5.10)
- Locking composer/xdebug-handler (3.0.5)
- Locking danog/advanced-json-rpc (v3.2.3)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.2.0)
- Locking doctrine/deprecations (1.1.6)
- Locking mediawiki/mediawiki-codesniffer (v50.0.0)
- Locking mediawiki/mediawiki-phan-config (0.20.0)
- Locking mediawiki/minus-x (2.0.1)
- Locking mediawiki/phan-taint-check-plugin (9.1.0)
- Locking netresearch/jsonmapper (v5.0.1)
- Locking phan/phan (6.0.2)
- Locking phan/tolerant-php-parser (v0.2.0)
- Locking phan/var_representation_polyfill (0.1.4)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.4.0)
- Locking phpcsstandards/phpcsextra (1.4.0)
- Locking phpcsstandards/phpcsutils (1.2.2)
- Locking phpdocumentor/reflection-common (2.2.0)
- Locking phpdocumentor/reflection-docblock (6.0.3)
- Locking phpdocumentor/type-resolver (2.0.0)
- Locking phpstan/phpdoc-parser (2.3.2)
- Locking psr/container (2.0.2)
- Locking psr/log (3.0.2)
- Locking sabre/event (6.1.0)
- Locking squizlabs/php_codesniffer (3.13.5)
- Locking symfony/console (v8.0.8)
- Locking symfony/deprecation-contracts (v3.6.0)
- Locking symfony/polyfill-ctype (v1.37.0)
- Locking symfony/polyfill-intl-grapheme (v1.37.0)
- Locking symfony/polyfill-intl-normalizer (v1.37.0)
- Locking symfony/polyfill-mbstring (v1.37.0)
- Locking symfony/service-contracts (v3.6.1)
- Locking symfony/string (v8.0.8)
- Locking webmozart/assert (2.3.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 37 installs, 0 updates, 0 removals
0 [>---------------------------] 0 [->--------------------------]
- Installing squizlabs/php_codesniffer (3.13.5): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.2.0): Extracting archive
- Installing composer/pcre (3.3.2): Extracting archive
- Installing phpcsstandards/phpcsutils (1.2.2): Extracting archive
- Installing phpcsstandards/phpcsextra (1.4.0): Extracting archive
- Installing symfony/polyfill-mbstring (v1.37.0): Extracting archive
- Installing composer/spdx-licenses (1.5.10): Extracting archive
- Installing composer/semver (3.4.4): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v50.0.0): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.37.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.37.0): Extracting archive
- Installing symfony/polyfill-ctype (v1.37.0): Extracting archive
- Installing symfony/string (v8.0.8): Extracting archive
- Installing symfony/deprecation-contracts (v3.6.0): Extracting archive
- Installing psr/container (2.0.2): Extracting archive
- Installing symfony/service-contracts (v3.6.1): Extracting archive
- Installing symfony/console (v8.0.8): Extracting archive
- Installing sabre/event (6.1.0): Extracting archive
- Installing phan/var_representation_polyfill (0.1.4): Extracting archive
- Installing phan/tolerant-php-parser (v0.2.0): Extracting archive
- Installing netresearch/jsonmapper (v5.0.1): Extracting archive
- Installing webmozart/assert (2.3.0): Extracting archive
- Installing phpstan/phpdoc-parser (2.3.2): Extracting archive
- Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
- Installing doctrine/deprecations (1.1.6): Extracting archive
- Installing phpdocumentor/type-resolver (2.0.0): Extracting archive
- Installing phpdocumentor/reflection-docblock (6.0.3): Extracting archive
- Installing danog/advanced-json-rpc (v3.2.3): Extracting archive
- Installing psr/log (3.0.2): Extracting archive
- Installing composer/xdebug-handler (3.0.5): Extracting archive
- Installing phan/phan (6.0.2): Extracting archive
- Installing mediawiki/phan-taint-check-plugin (9.1.0): Extracting archive
- Installing mediawiki/mediawiki-phan-config (0.20.0): Extracting archive
- Installing mediawiki/minus-x (2.0.1): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
0/35 [>---------------------------] 0%
28/35 [======================>-----] 80%
35/35 [============================] 100%
1 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
16 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@babel/runtime": {
"name": "@babel/runtime",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1104000,
"name": "@babel/runtime",
"dependency": "@babel/runtime",
"title": "Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups",
"url": "https://github.com/advisories/GHSA-968p-4wvh-cqc8",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 6.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.26.10"
}
],
"effects": [
"@devtools-ds/object-inspector",
"@devtools-ds/object-parser",
"@devtools-ds/themes",
"@devtools-ds/tree"
],
"range": "<7.26.10",
"nodes": [
"node_modules/@devtools-ds/object-inspector/node_modules/@babel/runtime",
"node_modules/@devtools-ds/object-parser/node_modules/@babel/runtime",
"node_modules/@devtools-ds/themes/node_modules/@babel/runtime",
"node_modules/@devtools-ds/tree/node_modules/@babel/runtime"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@devtools-ds/object-inspector": {
"name": "@devtools-ds/object-inspector",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime",
"@devtools-ds/object-parser",
"@devtools-ds/themes",
"@devtools-ds/tree"
],
"effects": [
"@storybook/addon-interactions"
],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/object-inspector"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@devtools-ds/object-parser": {
"name": "@devtools-ds/object-parser",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/object-parser"
],
"fixAvailable": true
},
"@devtools-ds/themes": {
"name": "@devtools-ds/themes",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/themes"
],
"fixAvailable": true
},
"@devtools-ds/tree": {
"name": "@devtools-ds/tree",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime",
"@devtools-ds/themes"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/tree"
],
"fixAvailable": true
},
"@jest/transform": {
"name": "@jest/transform",
"severity": "moderate",
"isDirect": false,
"via": [
"jest-haste-map"
],
"effects": [
"@storybook/addon-docs"
],
"range": "<=26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/@jest/transform"
],
"fixAvailable": true
},
"@mdx-js/mdx": {
"name": "@mdx-js/mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-mdx",
"remark-parse"
],
"effects": [
"@storybook/mdx1-csf"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/@mdx-js/mdx"
],
"fixAvailable": true
},
"@storybook/addon-controls": {
"name": "@storybook/addon-controls",
"severity": "moderate",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/addon-essentials"
],
"range": "6.4.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/addon-controls"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/addon-docs": {
"name": "@storybook/addon-docs",
"severity": "high",
"isDirect": false,
"via": [
"@jest/transform",
"@storybook/core-common",
"@storybook/mdx1-csf"
],
"effects": [],
"range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2",
"nodes": [
"node_modules/@storybook/addon-docs"
],
"fixAvailable": true
},
"@storybook/addon-essentials": {
"name": "@storybook/addon-essentials",
"severity": "moderate",
"isDirect": true,
"via": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/core-common"
],
"effects": [],
"range": "6.4.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/addon-essentials"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/addon-interactions": {
"name": "@storybook/addon-interactions",
"severity": "moderate",
"isDirect": true,
"via": [
"@devtools-ds/object-inspector",
"@storybook/core-common"
],
"effects": [],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-interactions"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/builder-webpack4": {
"name": "@storybook/builder-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"autoprefixer",
"css-loader",
"fork-ts-checker-webpack-plugin",
"postcss",
"postcss-flexbugs-fixes",
"terser-webpack-plugin",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/builder-webpack4"
],
"fixAvailable": false
},
"@storybook/core": {
"name": "@storybook/core",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/core-server"
],
"effects": [],
"range": "6.2.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core"
],
"fixAvailable": true
},
"@storybook/core-common": {
"name": "@storybook/core-common",
"severity": "moderate",
"isDirect": false,
"via": [
"webpack"
],
"effects": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/addon-essentials",
"@storybook/addon-interactions",
"@storybook/telemetry",
"@storybook/vue3"
],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core-common"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/core-server": {
"name": "@storybook/core-server",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/builder-webpack4",
"@storybook/core-common",
"@storybook/csf-tools",
"@storybook/manager-webpack4",
"@storybook/telemetry",
"cpy",
"ip",
"webpack"
],
"effects": [
"@storybook/core"
],
"range": "<=7.6.19 || 8.0.0-alpha.0 - 8.1.5 || 8.2.0-alpha.0 - 8.2.0-beta.3",
"nodes": [
"node_modules/@storybook/core-server"
],
"fixAvailable": true
},
"@storybook/csf-tools": {
"name": "@storybook/csf-tools",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/mdx1-csf"
],
"effects": [],
"range": "6.5.0-alpha.1 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/csf-tools"
],
"fixAvailable": true
},
"@storybook/manager-webpack4": {
"name": "@storybook/manager-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"css-loader",
"terser-webpack-plugin",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/manager-webpack4"
],
"fixAvailable": false
},
"@storybook/mdx1-csf": {
"name": "@storybook/mdx1-csf",
"severity": "high",
"isDirect": false,
"via": [
"@mdx-js/mdx"
],
"effects": [
"@storybook/addon-docs",
"@storybook/csf-tools"
],
"range": "*",
"nodes": [
"node_modules/@storybook/mdx1-csf"
],
"fixAvailable": true
},
"@storybook/telemetry": {
"name": "@storybook/telemetry",
"severity": "moderate",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/core-server"
],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/telemetry"
],
"fixAvailable": true
},
"@storybook/vue3": {
"name": "@storybook/vue3",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core",
"@storybook/core-common",
"vue-docgen-loader"
],
"effects": [],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/vue3"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "10.3.6",
"isSemVerMajor": true
}
},
"@tootallnate/once": {
"name": "@tootallnate/once",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1113977,
"name": "@tootallnate/once",
"dependency": "@tootallnate/once",
"title": "@tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"url": "https://github.com/advisories/GHSA-vpq2-c234-7xj6",
"severity": "low",
"cwe": [
"CWE-705"
],
"cvss": {
"score": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<3.0.1"
}
],
"effects": [
"http-proxy-agent"
],
"range": "<3.0.1",
"nodes": [
"node_modules/@tootallnate/once"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"ajv": {
"name": "ajv",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113714,
"name": "ajv",
"dependency": "ajv",
"title": "ajv has ReDoS when using `$data` option",
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<6.14.0"
},
{
"source": 1113715,
"name": "ajv",
"dependency": "ajv",
"title": "ajv has ReDoS when using `$data` option",
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=7.0.0-alpha.0 <8.18.0"
}
],
"effects": [],
"range": "<6.14.0 || >=7.0.0-alpha.0 <8.18.0",
"nodes": [
"node_modules/ajv",
"node_modules/table/node_modules/ajv"
],
"fixAvailable": true
},
"anymatch": {
"name": "anymatch",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"sane"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/sane/node_modules/anymatch",
"node_modules/watchpack-chokidar2/node_modules/anymatch"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer"
],
"fixAvailable": true
},
"bn.js": {
"name": "bn.js",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113441,
"name": "bn.js",
"dependency": "bn.js",
"title": "bn.js affected by an infinite loop",
"url": "https://github.com/advisories/GHSA-378v-28hj-76wf",
"severity": "moderate",
"cwe": [
"CWE-835"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=5.0.0 <5.2.3"
},
{
"source": 1113442,
"name": "bn.js",
"dependency": "bn.js",
"title": "bn.js affected by an infinite loop",
"url": "https://github.com/advisories/GHSA-378v-28hj-76wf",
"severity": "moderate",
"cwe": [
"CWE-835"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.12.3"
}
],
"effects": [],
"range": ">=5.0.0 <5.2.3 || <4.12.3",
"nodes": [
"node_modules/asn1.js/node_modules/bn.js",
"node_modules/bn.js",
"node_modules/create-ecdh/node_modules/bn.js",
"node_modules/diffie-hellman/node_modules/bn.js",
"node_modules/elliptic/node_modules/bn.js",
"node_modules/miller-rabin/node_modules/bn.js",
"node_modules/public-encrypt/node_modules/bn.js"
],
"fixAvailable": true
},
"body-parser": {
"name": "body-parser",
"severity": "low",
"isDirect": false,
"via": [
"qs"
],
"effects": [],
"range": "1.19.0 - 1.20.3 || 2.0.0-beta.1 - 2.0.2",
"nodes": [
"node_modules/body-parser"
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115540,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": "<1.1.13"
},
{
"source": 1115541,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": ">=2.0.0 <2.0.3"
}
],
"effects": [],
"range": "<1.1.13 || >=2.0.0 <2.0.3",
"nodes": [
"node_modules/brace-expansion",
"node_modules/editorconfig/node_modules/brace-expansion",
"node_modules/eslint-config-wikimedia/node_modules/brace-expansion",
"node_modules/eslint-plugin-n/node_modules/brace-expansion",
"node_modules/js-beautify/node_modules/brace-expansion"
],
"fixAvailable": true
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098094,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/cpy/node_modules/braces",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/braces",
"node_modules/jscodeshift/node_modules/braces",
"node_modules/sane/node_modules/braces",
"node_modules/watchpack-chokidar2/node_modules/braces",
"node_modules/webpack/node_modules/braces"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"node_modules/browserify-sign"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"cacache": {
"name": "cacache",
"severity": "high",
"isDirect": false,
"via": [
"tar"
],
"effects": [
"terser-webpack-plugin"
],
"range": "14.0.0 - 18.0.4",
"nodes": [
"node_modules/cacache"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"readdirp"
],
"effects": [
"watchpack-chokidar2"
],
"range": "1.3.0 - 2.1.8",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/chokidar"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"cpy": {
"name": "cpy",
"severity": "moderate",
"isDirect": false,
"via": [
"globby"
],
"effects": [
"@storybook/core-server"
],
"range": "7.0.0 - 8.1.2",
"nodes": [
"node_modules/cpy"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [
"node-libs-browser"
],
"range": ">=3.4.0",
"nodes": [
"node_modules/crypto-browserify"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"css-loader": {
"name": "css-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"effects": [],
"range": "0.15.0 - 4.3.0",
"nodes": [
"node_modules/css-loader"
],
"fixAvailable": true
},
"editorconfig": {
"name": "editorconfig",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "1.0.3 - 1.0.4 || 2.0.0",
"nodes": [
"node_modules/editorconfig"
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1112030,
"name": "elliptic",
"dependency": "elliptic",
"title": "Elliptic Uses a Cryptographic Primitive with a Risky Implementation",
"url": "https://github.com/advisories/GHSA-848j-6mx2-7j84",
"severity": "low",
"cwe": [
"CWE-1240"
],
"cvss": {
"score": 5.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"range": "<=6.6.1"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "*",
"nodes": [
"node_modules/elliptic"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"fast-glob": {
"name": "fast-glob",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"globby"
],
"range": "<=2.2.7",
"nodes": [
"node_modules/cpy/node_modules/fast-glob"
],
"fixAvailable": true
},
"flatted": {
"name": "flatted",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114526,
"name": "flatted",
"dependency": "flatted",
"title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f",
"severity": "high",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.4.0"
},
{
"source": 1115357,
"name": "flatted",
"dependency": "flatted",
"title": "Prototype Pollution via parse() in NodeJS flatted",
"url": "https://github.com/advisories/GHSA-rf6f-7fwh-wjgh",
"severity": "high",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=3.4.1"
}
],
"effects": [],
"range": "<=3.4.1",
"nodes": [
"node_modules/flatted"
],
"fixAvailable": true
},
"fork-ts-checker-webpack-plugin": {
"name": "fork-ts-checker-webpack-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [],
"range": "0.4.14 - 4.1.6",
"nodes": [
"node_modules/fork-ts-checker-webpack-plugin"
],
"fixAvailable": true
},
"globby": {
"name": "globby",
"severity": "moderate",
"isDirect": false,
"via": [
"fast-glob"
],
"effects": [
"cpy"
],
"range": "8.0.0 - 9.2.0",
"nodes": [
"node_modules/cpy/node_modules/globby"
],
"fixAvailable": true
},
"handlebars": {
"name": "handlebars",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1115538,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block",
"url": "https://github.com/advisories/GHSA-3mfm-83xf-c92r",
"severity": "high",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115539,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion",
"url": "https://github.com/advisories/GHSA-2w6w-674q-4c4q",
"severity": "critical",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 9.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115544,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection",
"url": "https://github.com/advisories/GHSA-2qvq-rjwj-gvw9",
"severity": "moderate",
"cwe": [
"CWE-79",
"CWE-1321"
],
"cvss": {
"score": 4.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": ">=4.0.0 <4.7.9"
},
{
"source": 1115588,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry",
"url": "https://github.com/advisories/GHSA-7rx3-28cr-v5wh",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 4.8,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": ">=4.6.0 <=4.7.8"
},
{
"source": 1115589,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has a Property Access Validation Bypass in container.lookup",
"url": "https://github.com/advisories/GHSA-442j-39wm-28r2",
"severity": "low",
"cwe": [
"CWE-367"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115692,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options",
"url": "https://github.com/advisories/GHSA-xjpj-3mr7-gcpf",
"severity": "high",
"cwe": [
"CWE-79",
"CWE-94",
"CWE-116"
],
"cvss": {
"score": 8.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115693,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial",
"url": "https://github.com/advisories/GHSA-xhpv-hc6g-r9c6",
"severity": "high",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115694,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation",
"url": "https://github.com/advisories/GHSA-9cx6-37pm-9jff",
"severity": "high",
"cwe": [
"CWE-754"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=4.0.0 <=4.7.8"
}
],
"effects": [],
"range": "4.0.0 - 4.7.8",
"nodes": [
"node_modules/handlebars"
],
"fixAvailable": true
},
"http-proxy-agent": {
"name": "http-proxy-agent",
"severity": "low",
"isDirect": false,
"via": [
"@tootallnate/once"
],
"effects": [
"jsdom"
],
"range": "4.0.1 - 5.0.0",
"nodes": [
"node_modules/http-proxy-agent"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"icss-utils": {
"name": "icss-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"css-loader",
"postcss-modules-local-by-default",
"postcss-modules-values"
],
"range": "<=4.1.1",
"nodes": [
"node_modules/icss-utils"
],
"fixAvailable": true
},
"ip": {
"name": "ip",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1101851,
"name": "ip",
"dependency": "ip",
"title": "ip SSRF improper categorization in isPublic",
"url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp",
"severity": "high",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=2.0.1"
}
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/ip"
],
"fixAvailable": true
},
"jest-environment-jsdom": {
"name": "jest-environment-jsdom",
"severity": "low",
"isDirect": true,
"via": [
"jsdom"
],
"effects": [],
"range": "27.0.1 - 30.0.0-rc.1",
"nodes": [
"node_modules/jest-environment-jsdom"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"jest-haste-map": {
"name": "jest-haste-map",
"severity": "moderate",
"isDirect": false,
"via": [
"sane"
],
"effects": [
"@jest/transform"
],
"range": "24.0.0-alpha.0 - 26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/jest-haste-map"
],
"fixAvailable": true
},
"jscodeshift": {
"name": "jscodeshift",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"vue-docgen-loader"
],
"range": "0.3.20 - 0.13.1",
"nodes": [
"node_modules/jscodeshift"
],
"fixAvailable": true
},
"jsdom": {
"name": "jsdom",
"severity": "low",
"isDirect": false,
"via": [
"http-proxy-agent"
],
"effects": [
"jest-environment-jsdom"
],
"range": "16.6.0 - 22.1.0",
"nodes": [
"node_modules/jsdom"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"lodash": {
"name": "lodash",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1112455,
"name": "lodash",
"dependency": "lodash",
"title": "Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",
"url": "https://github.com/advisories/GHSA-xxjr-mmjv-4gpg",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": ">=4.0.0 <=4.17.22"
},
{
"source": 1115806,
"name": "lodash",
"dependency": "lodash",
"title": "lodash vulnerable to Code Injection via `_.template` imports key names",
"url": "https://github.com/advisories/GHSA-r5fr-rjxr-66jc",
"severity": "high",
"cwe": [
"CWE-94"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.17.23"
},
{
"source": 1115810,
"name": "lodash",
"dependency": "lodash",
"title": "lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`",
"url": "https://github.com/advisories/GHSA-f23m-r3pf-42rh",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": "<=4.17.23"
}
],
"effects": [],
"range": "<=4.17.23",
"nodes": [
"node_modules/lodash"
],
"fixAvailable": true
},
"meow": {
"name": "meow",
"severity": "high",
"isDirect": false,
"via": [
"trim-newlines"
],
"effects": [],
"range": "3.4.0 - 5.0.0",
"nodes": [
"node_modules/default-browser-id/node_modules/meow"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098681,
"name": "micromatch",
"dependency": "micromatch",
"title": "Regular Expression Denial of Service (ReDoS) in micromatch",
"url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.0.8"
},
"braces"
],
"effects": [
"anymatch",
"fast-glob",
"fork-ts-checker-webpack-plugin",
"jscodeshift",
"readdirp",
"sane",
"webpack"
],
"range": "<=4.0.7",
"nodes": [
"node_modules/cpy/node_modules/micromatch",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch",
"node_modules/jscodeshift/node_modules/micromatch",
"node_modules/sane/node_modules/micromatch",
"node_modules/watchpack-chokidar2/node_modules/micromatch",
"node_modules/webpack/node_modules/micromatch"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113465,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=9.0.0 <9.0.6"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113544,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=9.0.0 <9.0.7"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
},
{
"source": 1113552,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=9.0.0 <9.0.7"
}
],
"effects": [
"editorconfig"
],
"range": "<=3.1.3 || 9.0.0 - 9.0.6",
"nodes": [
"node_modules/editorconfig/node_modules/minimatch",
"node_modules/eslint-config-wikimedia/node_modules/minimatch",
"node_modules/eslint-plugin-n/node_modules/minimatch",
"node_modules/js-beautify/node_modules/minimatch",
"node_modules/minimatch"
],
"fixAvailable": true
},
"node-libs-browser": {
"name": "node-libs-browser",
"severity": "low",
"isDirect": false,
"via": [
"crypto-browserify"
],
"effects": [
"webpack"
],
"range": "0.4.2 || >=1.0.0",
"nodes": [
"node_modules/node-libs-browser"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"path-to-regexp": {
"name": "path-to-regexp",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115527,
"name": "path-to-regexp",
"dependency": "path-to-regexp",
"title": "path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters",
"url": "https://github.com/advisories/GHSA-37ch-88jc-xwx2",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.1.13"
}
],
"effects": [],
"range": "<0.1.13",
"nodes": [
"node_modules/path-to-regexp"
],
"fixAvailable": true
},
"picomatch": {
"name": "picomatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115549,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"url": "https://github.com/advisories/GHSA-3v7f-55p6-f55p",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<2.3.2"
},
{
"source": 1115552,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch has a ReDoS vulnerability via extglob quantifiers",
"url": "https://github.com/advisories/GHSA-c2c7-rcm5-vvqj",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<2.3.2"
}
],
"effects": [],
"range": "<=2.3.1",
"nodes": [
"node_modules/picomatch"
],
"fixAvailable": true
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1109574,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
},
{
"source": 1117015,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"url": "https://github.com/advisories/GHSA-qx2v-qp2m-jg93",
"severity": "moderate",
"cwe": [
"CWE-79"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<8.5.10"
}
],
"effects": [
"@storybook/builder-webpack4",
"autoprefixer",
"css-loader",
"icss-utils",
"postcss-flexbugs-fixes",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"range": "<=8.5.9",
"nodes": [
"node_modules/@storybook/builder-webpack4/node_modules/postcss",
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-loader/node_modules/postcss",
"node_modules/icss-utils/node_modules/postcss",
"node_modules/postcss",
"node_modules/postcss-flexbugs-fixes/node_modules/postcss",
"node_modules/postcss-modules-extract-imports/node_modules/postcss",
"node_modules/postcss-modules-local-by-default/node_modules/postcss",
"node_modules/postcss-modules-scope/node_modules/postcss",
"node_modules/postcss-modules-values/node_modules/postcss"
],
"fixAvailable": false
},
"postcss-flexbugs-fixes": {
"name": "postcss-flexbugs-fixes",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.2.1",
"nodes": [
"node_modules/postcss-flexbugs-fixes"
],
"fixAvailable": true
},
"postcss-modules-extract-imports": {
"name": "postcss-modules-extract-imports",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-modules-extract-imports"
],
"fixAvailable": true
},
"postcss-modules-local-by-default": {
"name": "postcss-modules-local-by-default",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [],
"range": "<=4.0.0-rc.4",
"nodes": [
"node_modules/postcss-modules-local-by-default"
],
"fixAvailable": true
},
"postcss-modules-scope": {
"name": "postcss-modules-scope",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.2.0",
"nodes": [
"node_modules/postcss-modules-scope"
],
"fixAvailable": true
},
"postcss-modules-values": {
"name": "postcss-modules-values",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [
"css-loader"
],
"range": "<=4.0.0-rc.5",
"nodes": [
"node_modules/postcss-modules-values"
],
"fixAvailable": true
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113161,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in comma parsing allows denial of service",
"url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883",
"severity": "low",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=6.7.0 <=6.14.1"
},
{
"source": 1113719,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "moderate",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<6.14.1"
}
],
"effects": [
"body-parser"
],
"range": "<=6.14.1",
"nodes": [
"node_modules/body-parser/node_modules/qs",
"node_modules/qs"
],
"fixAvailable": true
},
"readdirp": {
"name": "readdirp",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/readdirp"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"remark-mdx": {
"name": "remark-mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-parse"
],
"effects": [
"@mdx-js/mdx"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/remark-mdx"
],
"fixAvailable": true
},
"remark-parse": {
"name": "remark-parse",
"severity": "high",
"isDirect": false,
"via": [
"trim"
],
"effects": [
"@mdx-js/mdx",
"remark-mdx"
],
"range": "<=8.0.3",
"nodes": [
"node_modules/remark-parse"
],
"fixAvailable": true
},
"sane": {
"name": "sane",
"severity": "moderate",
"isDirect": false,
"via": [
"anymatch",
"micromatch"
],
"effects": [
"jest-haste-map"
],
"range": "1.5.0 - 4.1.0",
"nodes": [
"node_modules/sane"
],
"fixAvailable": true
},
"serialize-javascript": {
"name": "serialize-javascript",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113686,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",
"url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq",
"severity": "high",
"cwe": [
"CWE-96"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=7.0.2"
},
{
"source": 1115723,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects",
"url": "https://github.com/advisories/GHSA-qj8w-gfj5-8c6v",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-834"
],
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.0.5"
}
],
"effects": [
"terser-webpack-plugin"
],
"range": "<=7.0.4",
"nodes": [
"node_modules/serialize-javascript",
"node_modules/webpack/node_modules/serialize-javascript"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"tar": {
"name": "tar",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1112659,
"name": "tar",
"dependency": "tar",
"title": "node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"url": "https://github.com/advisories/GHSA-34x7-hfp2-rc4v",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-59"
],
"cvss": {
"score": 8.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
},
"range": "<7.5.7"
},
{
"source": 1113300,
"name": "tar",
"dependency": "tar",
"title": "node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization",
"url": "https://github.com/advisories/GHSA-8qq5-rm4j-mr97",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.2"
},
{
"source": 1113375,
"name": "tar",
"dependency": "tar",
"title": "Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction",
"url": "https://github.com/advisories/GHSA-83g3-92jg-28cx",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
},
"range": "<7.5.8"
},
{
"source": 1114200,
"name": "tar",
"dependency": "tar",
"title": "tar has Hardlink Path Traversal via Drive-Relative Linkpath",
"url": "https://github.com/advisories/GHSA-qffp-2rhf-9h96",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-59"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.9"
},
{
"source": 1114302,
"name": "tar",
"dependency": "tar",
"title": "node-tar Symlink Path Traversal via Drive-Relative Linkpath",
"url": "https://github.com/advisories/GHSA-9ppj-qmqm-q256",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.10"
},
{
"source": 1114680,
"name": "tar",
"dependency": "tar",
"title": "Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS",
"url": "https://github.com/advisories/GHSA-r6q2-hw4h-h46w",
"severity": "high",
"cwe": [
"CWE-176",
"CWE-367"
],
"cvss": {
"score": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L"
},
"range": "<=7.5.3"
}
],
"effects": [
"cacache"
],
"range": "<=7.5.10",
"nodes": [
"node_modules/tar"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"terser-webpack-plugin": {
"name": "terser-webpack-plugin",
"severity": "high",
"isDirect": false,
"via": [
"cacache",
"serialize-javascript"
],
"effects": [
"webpack"
],
"range": "<=5.3.16",
"nodes": [
"node_modules/terser-webpack-plugin",
"node_modules/webpack/node_modules/terser-webpack-plugin"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"trim": {
"name": "trim",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089867,
"name": "trim",
"dependency": "trim",
"title": "Regular Expression Denial of Service in trim",
"url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.0.3"
}
],
"effects": [
"remark-parse"
],
"range": "<0.0.3",
"nodes": [
"node_modules/trim"
],
"fixAvailable": true
},
"trim-newlines": {
"name": "trim-newlines",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095100,
"name": "trim-newlines",
"dependency": "trim-newlines",
"title": "Uncontrolled Resource Consumption in trim-newlines",
"url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.1"
}
],
"effects": [
"meow"
],
"range": "<3.0.1",
"nodes": [
"node_modules/trim-newlines"
],
"fixAvailable": true
},
"uuid": {
"name": "uuid",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1116970,
"name": "uuid",
"dependency": "uuid",
"title": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"url": "https://github.com/advisories/GHSA-w5hq-g745-h8pq",
"severity": "moderate",
"cwe": [
"CWE-787",
"CWE-1285"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<14.0.0"
}
],
"effects": [
"webpack-log"
],
"range": "<14.0.0",
"nodes": [
"node_modules/uuid"
],
"fixAvailable": false
},
"vue-docgen-loader": {
"name": "vue-docgen-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"jscodeshift"
],
"effects": [],
"range": "1.3.0-beta.0 - 2.0.0",
"nodes": [
"node_modules/vue-docgen-loader"
],
"fixAvailable": true
},
"watchpack": {
"name": "watchpack",
"severity": "high",
"isDirect": false,
"via": [
"watchpack-chokidar2"
],
"effects": [
"webpack"
],
"range": "1.7.2 - 1.7.5",
"nodes": [
"node_modules/webpack/node_modules/watchpack"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"watchpack-chokidar2": {
"name": "watchpack-chokidar2",
"severity": "high",
"isDirect": false,
"via": [
"chokidar"
],
"effects": [
"watchpack"
],
"range": "*",
"nodes": [
"node_modules/watchpack-chokidar2"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"webpack": {
"name": "webpack",
"severity": "high",
"isDirect": false,
"via": [
"micromatch",
"node-libs-browser",
"terser-webpack-plugin",
"watchpack"
],
"effects": [
"@storybook/core-common"
],
"range": "2.0.0-beta - 5.1.0",
"nodes": [
"node_modules/webpack"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"webpack-dev-middleware": {
"name": "webpack-dev-middleware",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096729,
"name": "webpack-dev-middleware",
"dependency": "webpack-dev-middleware",
"title": "Path traversal in webpack-dev-middleware",
"url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"
},
"range": "<=5.3.3"
},
"webpack-log"
],
"effects": [
"@storybook/manager-webpack4"
],
"range": "<=5.3.3",
"nodes": [
"node_modules/webpack-dev-middleware"
],
"fixAvailable": false
},
"webpack-log": {
"name": "webpack-log",
"severity": "moderate",
"isDirect": false,
"via": [
"uuid"
],
"effects": [
"webpack-dev-middleware"
],
"range": "1.1.0 - 2.0.0",
"nodes": [
"node_modules/webpack-log"
],
"fixAvailable": false
},
"yaml": {
"name": "yaml",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115555,
"name": "yaml",
"dependency": "yaml",
"title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp",
"severity": "moderate",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=1.0.0 <1.10.3"
},
{
"source": 1115556,
"name": "yaml",
"dependency": "yaml",
"title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp",
"severity": "moderate",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.0 <2.8.3"
}
],
"effects": [],
"range": "1.0.0 - 1.10.2 || 2.0.0 - 2.8.2",
"nodes": [
"node_modules/yaml",
"node_modules/yaml-eslint-parser/node_modules/yaml"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 10,
"moderate": 37,
"high": 32,
"critical": 1,
"total": 80
},
"dependencies": {
"prod": 1,
"dev": 2423,
"optional": 66,
"peer": 0,
"peerOptional": 0,
"total": 2423
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 2428,
"removed": 0,
"changed": 0,
"audited": 2429,
"funding": 339,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"@babel/runtime": {
"name": "@babel/runtime",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1104000,
"name": "@babel/runtime",
"dependency": "@babel/runtime",
"title": "Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups",
"url": "https://github.com/advisories/GHSA-968p-4wvh-cqc8",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 6.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.26.10"
}
],
"effects": [
"@devtools-ds/object-inspector",
"@devtools-ds/object-parser",
"@devtools-ds/themes",
"@devtools-ds/tree"
],
"range": "<7.26.10",
"nodes": [
"node_modules/@devtools-ds/object-inspector/node_modules/@babel/runtime",
"node_modules/@devtools-ds/object-parser/node_modules/@babel/runtime",
"node_modules/@devtools-ds/themes/node_modules/@babel/runtime",
"node_modules/@devtools-ds/tree/node_modules/@babel/runtime"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@devtools-ds/object-inspector": {
"name": "@devtools-ds/object-inspector",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime",
"@devtools-ds/object-parser",
"@devtools-ds/themes",
"@devtools-ds/tree"
],
"effects": [
"@storybook/addon-interactions"
],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/object-inspector"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@devtools-ds/object-parser": {
"name": "@devtools-ds/object-parser",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/object-parser"
],
"fixAvailable": true
},
"@devtools-ds/themes": {
"name": "@devtools-ds/themes",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/themes"
],
"fixAvailable": true
},
"@devtools-ds/tree": {
"name": "@devtools-ds/tree",
"severity": "moderate",
"isDirect": false,
"via": [
"@babel/runtime",
"@devtools-ds/themes"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@devtools-ds/tree"
],
"fixAvailable": true
},
"@jest/transform": {
"name": "@jest/transform",
"severity": "moderate",
"isDirect": false,
"via": [
"jest-haste-map"
],
"effects": [
"@storybook/addon-docs"
],
"range": "<=26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/@jest/transform"
],
"fixAvailable": true
},
"@mdx-js/mdx": {
"name": "@mdx-js/mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-mdx",
"remark-parse"
],
"effects": [
"@storybook/mdx1-csf"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/@mdx-js/mdx"
],
"fixAvailable": true
},
"@storybook/addon-controls": {
"name": "@storybook/addon-controls",
"severity": "moderate",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/addon-essentials"
],
"range": "6.4.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/addon-controls"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/addon-docs": {
"name": "@storybook/addon-docs",
"severity": "high",
"isDirect": false,
"via": [
"@jest/transform",
"@storybook/core-common",
"@storybook/mdx1-csf"
],
"effects": [],
"range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2",
"nodes": [
"node_modules/@storybook/addon-docs"
],
"fixAvailable": true
},
"@storybook/addon-essentials": {
"name": "@storybook/addon-essentials",
"severity": "moderate",
"isDirect": true,
"via": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/core-common"
],
"effects": [],
"range": "6.4.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/addon-essentials"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/addon-interactions": {
"name": "@storybook/addon-interactions",
"severity": "moderate",
"isDirect": true,
"via": [
"@devtools-ds/object-inspector",
"@storybook/core-common"
],
"effects": [],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-interactions"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/builder-webpack4": {
"name": "@storybook/builder-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"autoprefixer",
"css-loader",
"fork-ts-checker-webpack-plugin",
"postcss",
"postcss-flexbugs-fixes",
"terser-webpack-plugin",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/builder-webpack4"
],
"fixAvailable": false
},
"@storybook/core": {
"name": "@storybook/core",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/core-server"
],
"effects": [],
"range": "6.2.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core"
],
"fixAvailable": true
},
"@storybook/core-common": {
"name": "@storybook/core-common",
"severity": "moderate",
"isDirect": false,
"via": [
"webpack"
],
"effects": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/addon-essentials",
"@storybook/addon-interactions",
"@storybook/telemetry",
"@storybook/vue3"
],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core-common"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"@storybook/core-server": {
"name": "@storybook/core-server",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/builder-webpack4",
"@storybook/core-common",
"@storybook/csf-tools",
"@storybook/manager-webpack4",
"@storybook/telemetry",
"cpy",
"ip",
"webpack"
],
"effects": [
"@storybook/core"
],
"range": "<=7.6.19 || 8.0.0-alpha.0 - 8.1.5 || 8.2.0-alpha.0 - 8.2.0-beta.3",
"nodes": [
"node_modules/@storybook/core-server"
],
"fixAvailable": true
},
"@storybook/csf-tools": {
"name": "@storybook/csf-tools",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/mdx1-csf"
],
"effects": [],
"range": "6.5.0-alpha.1 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/csf-tools"
],
"fixAvailable": true
},
"@storybook/manager-webpack4": {
"name": "@storybook/manager-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"css-loader",
"terser-webpack-plugin",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/manager-webpack4"
],
"fixAvailable": false
},
"@storybook/mdx1-csf": {
"name": "@storybook/mdx1-csf",
"severity": "high",
"isDirect": false,
"via": [
"@mdx-js/mdx"
],
"effects": [
"@storybook/addon-docs",
"@storybook/csf-tools"
],
"range": "*",
"nodes": [
"node_modules/@storybook/mdx1-csf"
],
"fixAvailable": true
},
"@storybook/telemetry": {
"name": "@storybook/telemetry",
"severity": "moderate",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/core-server"
],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/telemetry"
],
"fixAvailable": true
},
"@storybook/vue3": {
"name": "@storybook/vue3",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core",
"@storybook/core-common",
"vue-docgen-loader"
],
"effects": [],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/vue3"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "10.3.6",
"isSemVerMajor": true
}
},
"@tootallnate/once": {
"name": "@tootallnate/once",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1113977,
"name": "@tootallnate/once",
"dependency": "@tootallnate/once",
"title": "@tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"url": "https://github.com/advisories/GHSA-vpq2-c234-7xj6",
"severity": "low",
"cwe": [
"CWE-705"
],
"cvss": {
"score": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<3.0.1"
}
],
"effects": [
"http-proxy-agent"
],
"range": "<3.0.1",
"nodes": [
"node_modules/@tootallnate/once"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"ajv": {
"name": "ajv",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113714,
"name": "ajv",
"dependency": "ajv",
"title": "ajv has ReDoS when using `$data` option",
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<6.14.0"
},
{
"source": 1113715,
"name": "ajv",
"dependency": "ajv",
"title": "ajv has ReDoS when using `$data` option",
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=7.0.0-alpha.0 <8.18.0"
}
],
"effects": [],
"range": "<6.14.0 || >=7.0.0-alpha.0 <8.18.0",
"nodes": [
"",
""
],
"fixAvailable": true
},
"anymatch": {
"name": "anymatch",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"sane"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/sane/node_modules/anymatch",
"node_modules/watchpack-chokidar2/node_modules/anymatch"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer"
],
"fixAvailable": true
},
"bn.js": {
"name": "bn.js",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113441,
"name": "bn.js",
"dependency": "bn.js",
"title": "bn.js affected by an infinite loop",
"url": "https://github.com/advisories/GHSA-378v-28hj-76wf",
"severity": "moderate",
"cwe": [
"CWE-835"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=5.0.0 <5.2.3"
},
{
"source": 1113442,
"name": "bn.js",
"dependency": "bn.js",
"title": "bn.js affected by an infinite loop",
"url": "https://github.com/advisories/GHSA-378v-28hj-76wf",
"severity": "moderate",
"cwe": [
"CWE-835"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.12.3"
}
],
"effects": [],
"range": ">=5.0.0 <5.2.3 || <4.12.3",
"nodes": [
"",
"",
"",
"",
"",
"",
""
],
"fixAvailable": true
},
"body-parser": {
"name": "body-parser",
"severity": "low",
"isDirect": false,
"via": [
"qs"
],
"effects": [],
"range": "1.19.0 - 1.20.3 || 2.0.0-beta.1 - 2.0.2",
"nodes": [
""
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115540,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": "<1.1.13"
},
{
"source": 1115541,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": ">=2.0.0 <2.0.3"
}
],
"effects": [],
"range": "<1.1.13 || >=2.0.0 <2.0.3",
"nodes": [
"",
"",
"",
"",
""
],
"fixAvailable": true
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098094,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/cpy/node_modules/braces",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/braces",
"node_modules/jscodeshift/node_modules/braces",
"node_modules/sane/node_modules/braces",
"node_modules/watchpack-chokidar2/node_modules/braces",
"node_modules/webpack/node_modules/braces"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"",
"node_modules/browserify-sign"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"cacache": {
"name": "cacache",
"severity": "high",
"isDirect": false,
"via": [
"tar"
],
"effects": [
"terser-webpack-plugin"
],
"range": "14.0.0 - 18.0.4",
"nodes": [
"node_modules/cacache"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"readdirp"
],
"effects": [
"watchpack-chokidar2"
],
"range": "1.3.0 - 2.1.8",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/chokidar"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"cpy": {
"name": "cpy",
"severity": "moderate",
"isDirect": false,
"via": [
"globby"
],
"effects": [
"@storybook/core-server"
],
"range": "7.0.0 - 8.1.2",
"nodes": [
"node_modules/cpy"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [
"node-libs-browser"
],
"range": ">=3.4.0",
"nodes": [
""
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"css-loader": {
"name": "css-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"effects": [],
"range": "0.15.0 - 4.3.0",
"nodes": [
"node_modules/css-loader"
],
"fixAvailable": true
},
"editorconfig": {
"name": "editorconfig",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "1.0.3 - 1.0.4 || 2.0.0",
"nodes": [
""
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1112030,
"name": "elliptic",
"dependency": "elliptic",
"title": "Elliptic Uses a Cryptographic Primitive with a Risky Implementation",
"url": "https://github.com/advisories/GHSA-848j-6mx2-7j84",
"severity": "low",
"cwe": [
"CWE-1240"
],
"cvss": {
"score": 5.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"range": "<=6.6.1"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "*",
"nodes": [
"node_modules/elliptic"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"fast-glob": {
"name": "fast-glob",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"globby"
],
"range": "<=2.2.7",
"nodes": [
"node_modules/cpy/node_modules/fast-glob"
],
"fixAvailable": true
},
"flatted": {
"name": "flatted",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114526,
"name": "flatted",
"dependency": "flatted",
"title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f",
"severity": "high",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.4.0"
},
{
"source": 1115357,
"name": "flatted",
"dependency": "flatted",
"title": "Prototype Pollution via parse() in NodeJS flatted",
"url": "https://github.com/advisories/GHSA-rf6f-7fwh-wjgh",
"severity": "high",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=3.4.1"
}
],
"effects": [],
"range": "<=3.4.1",
"nodes": [
""
],
"fixAvailable": true
},
"fork-ts-checker-webpack-plugin": {
"name": "fork-ts-checker-webpack-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [],
"range": "0.4.14 - 4.1.6",
"nodes": [
"node_modules/fork-ts-checker-webpack-plugin"
],
"fixAvailable": true
},
"globby": {
"name": "globby",
"severity": "moderate",
"isDirect": false,
"via": [
"fast-glob"
],
"effects": [
"cpy"
],
"range": "8.0.0 - 9.2.0",
"nodes": [
"node_modules/cpy/node_modules/globby"
],
"fixAvailable": true
},
"handlebars": {
"name": "handlebars",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1115538,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block",
"url": "https://github.com/advisories/GHSA-3mfm-83xf-c92r",
"severity": "high",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115539,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion",
"url": "https://github.com/advisories/GHSA-2w6w-674q-4c4q",
"severity": "critical",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 9.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115544,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection",
"url": "https://github.com/advisories/GHSA-2qvq-rjwj-gvw9",
"severity": "moderate",
"cwe": [
"CWE-79",
"CWE-1321"
],
"cvss": {
"score": 4.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": ">=4.0.0 <4.7.9"
},
{
"source": 1115588,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry",
"url": "https://github.com/advisories/GHSA-7rx3-28cr-v5wh",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 4.8,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": ">=4.6.0 <=4.7.8"
},
{
"source": 1115589,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has a Property Access Validation Bypass in container.lookup",
"url": "https://github.com/advisories/GHSA-442j-39wm-28r2",
"severity": "low",
"cwe": [
"CWE-367"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115692,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options",
"url": "https://github.com/advisories/GHSA-xjpj-3mr7-gcpf",
"severity": "high",
"cwe": [
"CWE-79",
"CWE-94",
"CWE-116"
],
"cvss": {
"score": 8.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115693,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial",
"url": "https://github.com/advisories/GHSA-xhpv-hc6g-r9c6",
"severity": "high",
"cwe": [
"CWE-94",
"CWE-843"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.7.8"
},
{
"source": 1115694,
"name": "handlebars",
"dependency": "handlebars",
"title": "Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation",
"url": "https://github.com/advisories/GHSA-9cx6-37pm-9jff",
"severity": "high",
"cwe": [
"CWE-754"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=4.0.0 <=4.7.8"
}
],
"effects": [],
"range": "4.0.0 - 4.7.8",
"nodes": [
""
],
"fixAvailable": true
},
"http-proxy-agent": {
"name": "http-proxy-agent",
"severity": "low",
"isDirect": false,
"via": [
"@tootallnate/once"
],
"effects": [
"jsdom"
],
"range": "4.0.1 - 5.0.0",
"nodes": [
"node_modules/http-proxy-agent"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"icss-utils": {
"name": "icss-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"css-loader",
"postcss-modules-local-by-default",
"postcss-modules-values"
],
"range": "<=4.1.1",
"nodes": [
"node_modules/icss-utils"
],
"fixAvailable": true
},
"ip": {
"name": "ip",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1101851,
"name": "ip",
"dependency": "ip",
"title": "ip SSRF improper categorization in isPublic",
"url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp",
"severity": "high",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=2.0.1"
}
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/ip"
],
"fixAvailable": true
},
"jest-environment-jsdom": {
"name": "jest-environment-jsdom",
"severity": "low",
"isDirect": true,
"via": [
"jsdom"
],
"effects": [],
"range": "27.0.1 - 30.0.0-rc.1",
"nodes": [
"node_modules/jest-environment-jsdom"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"jest-haste-map": {
"name": "jest-haste-map",
"severity": "moderate",
"isDirect": false,
"via": [
"sane"
],
"effects": [
"@jest/transform"
],
"range": "24.0.0-alpha.0 - 26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/jest-haste-map"
],
"fixAvailable": true
},
"jscodeshift": {
"name": "jscodeshift",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"vue-docgen-loader"
],
"range": "0.3.20 - 0.13.1",
"nodes": [
"node_modules/jscodeshift"
],
"fixAvailable": true
},
"jsdom": {
"name": "jsdom",
"severity": "low",
"isDirect": false,
"via": [
"http-proxy-agent"
],
"effects": [
"jest-environment-jsdom"
],
"range": "16.6.0 - 22.1.0",
"nodes": [
"node_modules/jsdom"
],
"fixAvailable": {
"name": "jest-environment-jsdom",
"version": "30.3.0",
"isSemVerMajor": true
}
},
"lodash": {
"name": "lodash",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1112455,
"name": "lodash",
"dependency": "lodash",
"title": "Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",
"url": "https://github.com/advisories/GHSA-xxjr-mmjv-4gpg",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": ">=4.0.0 <=4.17.22"
},
{
"source": 1115806,
"name": "lodash",
"dependency": "lodash",
"title": "lodash vulnerable to Code Injection via `_.template` imports key names",
"url": "https://github.com/advisories/GHSA-r5fr-rjxr-66jc",
"severity": "high",
"cwe": [
"CWE-94"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=4.0.0 <=4.17.23"
},
{
"source": 1115810,
"name": "lodash",
"dependency": "lodash",
"title": "lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`",
"url": "https://github.com/advisories/GHSA-f23m-r3pf-42rh",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": "<=4.17.23"
}
],
"effects": [],
"range": "<=4.17.23",
"nodes": [
""
],
"fixAvailable": true
},
"meow": {
"name": "meow",
"severity": "high",
"isDirect": false,
"via": [
"trim-newlines"
],
"effects": [],
"range": "3.4.0 - 5.0.0",
"nodes": [
"node_modules/default-browser-id/node_modules/meow"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098681,
"name": "micromatch",
"dependency": "micromatch",
"title": "Regular Expression Denial of Service (ReDoS) in micromatch",
"url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.0.8"
},
"braces"
],
"effects": [
"anymatch",
"fast-glob",
"fork-ts-checker-webpack-plugin",
"jscodeshift",
"readdirp",
"sane",
"webpack"
],
"range": "<=4.0.7",
"nodes": [
"node_modules/cpy/node_modules/micromatch",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch",
"node_modules/jscodeshift/node_modules/micromatch",
"node_modules/sane/node_modules/micromatch",
"node_modules/watchpack-chokidar2/node_modules/micromatch",
"node_modules/webpack/node_modules/micromatch"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113465,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=9.0.0 <9.0.6"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113544,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=9.0.0 <9.0.7"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
},
{
"source": 1113552,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=9.0.0 <9.0.7"
}
],
"effects": [
"editorconfig"
],
"range": "<=3.1.3 || 9.0.0 - 9.0.6",
"nodes": [
"",
"",
"",
"",
""
],
"fixAvailable": true
},
"node-libs-browser": {
"name": "node-libs-browser",
"severity": "low",
"isDirect": false,
"via": [
"crypto-browserify"
],
"effects": [
"webpack"
],
"range": "0.4.2 || >=1.0.0",
"nodes": [
"node_modules/node-libs-browser"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"path-to-regexp": {
"name": "path-to-regexp",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115527,
"name": "path-to-regexp",
"dependency": "path-to-regexp",
"title": "path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters",
"url": "https://github.com/advisories/GHSA-37ch-88jc-xwx2",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.1.13"
}
],
"effects": [],
"range": "<0.1.13",
"nodes": [
""
],
"fixAvailable": true
},
"picomatch": {
"name": "picomatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115549,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"url": "https://github.com/advisories/GHSA-3v7f-55p6-f55p",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<2.3.2"
},
{
"source": 1115552,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch has a ReDoS vulnerability via extglob quantifiers",
"url": "https://github.com/advisories/GHSA-c2c7-rcm5-vvqj",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<2.3.2"
}
],
"effects": [],
"range": "<=2.3.1",
"nodes": [
""
],
"fixAvailable": true
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1109574,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
},
{
"source": 1117015,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"url": "https://github.com/advisories/GHSA-qx2v-qp2m-jg93",
"severity": "moderate",
"cwe": [
"CWE-79"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<8.5.10"
}
],
"effects": [
"@storybook/builder-webpack4",
"autoprefixer",
"css-loader",
"icss-utils",
"postcss-flexbugs-fixes",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"range": "<=8.5.9",
"nodes": [
"",
"node_modules/@storybook/builder-webpack4/node_modules/postcss",
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-loader/node_modules/postcss",
"node_modules/icss-utils/node_modules/postcss",
"node_modules/postcss-flexbugs-fixes/node_modules/postcss",
"node_modules/postcss-modules-extract-imports/node_modules/postcss",
"node_modules/postcss-modules-local-by-default/node_modules/postcss",
"node_modules/postcss-modules-scope/node_modules/postcss",
"node_modules/postcss-modules-values/node_modules/postcss"
],
"fixAvailable": false
},
"postcss-flexbugs-fixes": {
"name": "postcss-flexbugs-fixes",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.2.1",
"nodes": [
"node_modules/postcss-flexbugs-fixes"
],
"fixAvailable": true
},
"postcss-modules-extract-imports": {
"name": "postcss-modules-extract-imports",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-modules-extract-imports"
],
"fixAvailable": true
},
"postcss-modules-local-by-default": {
"name": "postcss-modules-local-by-default",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [],
"range": "<=4.0.0-rc.4",
"nodes": [
"node_modules/postcss-modules-local-by-default"
],
"fixAvailable": true
},
"postcss-modules-scope": {
"name": "postcss-modules-scope",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.2.0",
"nodes": [
"node_modules/postcss-modules-scope"
],
"fixAvailable": true
},
"postcss-modules-values": {
"name": "postcss-modules-values",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [
"css-loader"
],
"range": "<=4.0.0-rc.5",
"nodes": [
"node_modules/postcss-modules-values"
],
"fixAvailable": true
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113161,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in comma parsing allows denial of service",
"url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883",
"severity": "low",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=6.7.0 <=6.14.1"
},
{
"source": 1113719,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "moderate",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<6.14.1"
}
],
"effects": [
"body-parser"
],
"range": "<=6.14.1",
"nodes": [
"",
"node_modules/qs"
],
"fixAvailable": true
},
"readdirp": {
"name": "readdirp",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/readdirp"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"remark-mdx": {
"name": "remark-mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-parse"
],
"effects": [
"@mdx-js/mdx"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/remark-mdx"
],
"fixAvailable": true
},
"remark-parse": {
"name": "remark-parse",
"severity": "high",
"isDirect": false,
"via": [
"trim"
],
"effects": [
"@mdx-js/mdx",
"remark-mdx"
],
"range": "<=8.0.3",
"nodes": [
"node_modules/remark-parse"
],
"fixAvailable": true
},
"sane": {
"name": "sane",
"severity": "moderate",
"isDirect": false,
"via": [
"anymatch",
"micromatch"
],
"effects": [
"jest-haste-map"
],
"range": "1.5.0 - 4.1.0",
"nodes": [
"node_modules/sane"
],
"fixAvailable": true
},
"serialize-javascript": {
"name": "serialize-javascript",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113686,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",
"url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq",
"severity": "high",
"cwe": [
"CWE-96"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=7.0.2"
},
{
"source": 1115723,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects",
"url": "https://github.com/advisories/GHSA-qj8w-gfj5-8c6v",
"severity": "moderate",
"cwe": [
"CWE-400",
"CWE-834"
],
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.0.5"
}
],
"effects": [
"terser-webpack-plugin"
],
"range": "<=7.0.4",
"nodes": [
"node_modules/serialize-javascript",
"node_modules/webpack/node_modules/serialize-javascript"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"tar": {
"name": "tar",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1112659,
"name": "tar",
"dependency": "tar",
"title": "node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"url": "https://github.com/advisories/GHSA-34x7-hfp2-rc4v",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-59"
],
"cvss": {
"score": 8.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
},
"range": "<7.5.7"
},
{
"source": 1113300,
"name": "tar",
"dependency": "tar",
"title": "node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization",
"url": "https://github.com/advisories/GHSA-8qq5-rm4j-mr97",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.2"
},
{
"source": 1113375,
"name": "tar",
"dependency": "tar",
"title": "Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction",
"url": "https://github.com/advisories/GHSA-83g3-92jg-28cx",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
},
"range": "<7.5.8"
},
{
"source": 1114200,
"name": "tar",
"dependency": "tar",
"title": "tar has Hardlink Path Traversal via Drive-Relative Linkpath",
"url": "https://github.com/advisories/GHSA-qffp-2rhf-9h96",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-59"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.9"
},
{
"source": 1114302,
"name": "tar",
"dependency": "tar",
"title": "node-tar Symlink Path Traversal via Drive-Relative Linkpath",
"url": "https://github.com/advisories/GHSA-9ppj-qmqm-q256",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=7.5.10"
},
{
"source": 1114680,
"name": "tar",
"dependency": "tar",
"title": "Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS",
"url": "https://github.com/advisories/GHSA-r6q2-hw4h-h46w",
"severity": "high",
"cwe": [
"CWE-176",
"CWE-367"
],
"cvss": {
"score": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L"
},
"range": "<=7.5.3"
}
],
"effects": [
"cacache"
],
"range": "<=7.5.10",
"nodes": [
"node_modules/tar"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"terser-webpack-plugin": {
"name": "terser-webpack-plugin",
"severity": "high",
"isDirect": false,
"via": [
"cacache",
"serialize-javascript"
],
"effects": [
"webpack"
],
"range": "<=5.3.16",
"nodes": [
"node_modules/terser-webpack-plugin",
"node_modules/webpack/node_modules/terser-webpack-plugin"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"trim": {
"name": "trim",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089867,
"name": "trim",
"dependency": "trim",
"title": "Regular Expression Denial of Service in trim",
"url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.0.3"
}
],
"effects": [
"remark-parse"
],
"range": "<0.0.3",
"nodes": [
"node_modules/trim"
],
"fixAvailable": true
},
"trim-newlines": {
"name": "trim-newlines",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095100,
"name": "trim-newlines",
"dependency": "trim-newlines",
"title": "Uncontrolled Resource Consumption in trim-newlines",
"url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.1"
}
],
"effects": [
"meow"
],
"range": "<3.0.1",
"nodes": [
"node_modules/trim-newlines"
],
"fixAvailable": true
},
"uuid": {
"name": "uuid",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1116970,
"name": "uuid",
"dependency": "uuid",
"title": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"url": "https://github.com/advisories/GHSA-w5hq-g745-h8pq",
"severity": "moderate",
"cwe": [
"CWE-787",
"CWE-1285"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<14.0.0"
}
],
"effects": [
"webpack-log"
],
"range": "<14.0.0",
"nodes": [
"node_modules/uuid"
],
"fixAvailable": false
},
"vue-docgen-loader": {
"name": "vue-docgen-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"jscodeshift"
],
"effects": [],
"range": "1.3.0-beta.0 - 2.0.0",
"nodes": [
"node_modules/vue-docgen-loader"
],
"fixAvailable": true
},
"watchpack": {
"name": "watchpack",
"severity": "high",
"isDirect": false,
"via": [
"watchpack-chokidar2"
],
"effects": [
"webpack"
],
"range": "1.7.2 - 1.7.5",
"nodes": [
"node_modules/webpack/node_modules/watchpack"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"watchpack-chokidar2": {
"name": "watchpack-chokidar2",
"severity": "high",
"isDirect": false,
"via": [
"chokidar"
],
"effects": [
"watchpack"
],
"range": "*",
"nodes": [
"node_modules/watchpack-chokidar2"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"webpack": {
"name": "webpack",
"severity": "high",
"isDirect": false,
"via": [
"micromatch",
"node-libs-browser",
"terser-webpack-plugin",
"watchpack"
],
"effects": [
"@storybook/core-common"
],
"range": "2.0.0-beta - 5.1.0",
"nodes": [
"node_modules/webpack"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.6.14",
"isSemVerMajor": true
}
},
"webpack-dev-middleware": {
"name": "webpack-dev-middleware",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096729,
"name": "webpack-dev-middleware",
"dependency": "webpack-dev-middleware",
"title": "Path traversal in webpack-dev-middleware",
"url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"
},
"range": "<=5.3.3"
},
"webpack-log"
],
"effects": [
"@storybook/manager-webpack4"
],
"range": "<=5.3.3",
"nodes": [
"node_modules/webpack-dev-middleware"
],
"fixAvailable": false
},
"webpack-log": {
"name": "webpack-log",
"severity": "moderate",
"isDirect": false,
"via": [
"uuid"
],
"effects": [
"webpack-dev-middleware"
],
"range": "1.1.0 - 2.0.0",
"nodes": [
"node_modules/webpack-log"
],
"fixAvailable": false
},
"yaml": {
"name": "yaml",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115555,
"name": "yaml",
"dependency": "yaml",
"title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp",
"severity": "moderate",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=1.0.0 <1.10.3"
},
{
"source": 1115556,
"name": "yaml",
"dependency": "yaml",
"title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp",
"severity": "moderate",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.0 <2.8.3"
}
],
"effects": [],
"range": "1.0.0 - 1.10.2 || 2.0.0 - 2.8.2",
"nodes": [
"",
""
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 10,
"moderate": 37,
"high": 32,
"critical": 1,
"total": 80
},
"dependencies": {
"prod": 1,
"dev": 2428,
"optional": 66,
"peer": 0,
"peerOptional": 0,
"total": 2428
}
}
}
}
--- end ---
{"added": 2428, "removed": 0, "changed": 0, "audited": 2429, "funding": 339, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@babel/runtime": {"name": "@babel/runtime", "severity": "moderate", "isDirect": false, "via": [{"source": 1104000, "name": "@babel/runtime", "dependency": "@babel/runtime", "title": "Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups", "url": "https://github.com/advisories/GHSA-968p-4wvh-cqc8", "severity": "moderate", "cwe": ["CWE-1333"], "cvss": {"score": 6.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<7.26.10"}], "effects": ["@devtools-ds/object-inspector", "@devtools-ds/object-parser", "@devtools-ds/themes", "@devtools-ds/tree"], "range": "<7.26.10", "nodes": ["node_modules/@devtools-ds/object-inspector/node_modules/@babel/runtime", "node_modules/@devtools-ds/object-parser/node_modules/@babel/runtime", "node_modules/@devtools-ds/themes/node_modules/@babel/runtime", "node_modules/@devtools-ds/tree/node_modules/@babel/runtime"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "@devtools-ds/object-inspector": {"name": "@devtools-ds/object-inspector", "severity": "moderate", "isDirect": false, "via": ["@babel/runtime", "@devtools-ds/object-parser", "@devtools-ds/themes", "@devtools-ds/tree"], "effects": ["@storybook/addon-interactions"], "range": "*", "nodes": ["node_modules/@devtools-ds/object-inspector"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "@devtools-ds/object-parser": {"name": "@devtools-ds/object-parser", "severity": "moderate", "isDirect": false, "via": ["@babel/runtime"], "effects": [], "range": "*", "nodes": ["node_modules/@devtools-ds/object-parser"], "fixAvailable": true}, "@devtools-ds/themes": {"name": "@devtools-ds/themes", "severity": "moderate", "isDirect": false, "via": ["@babel/runtime"], "effects": [], "range": "*", "nodes": ["node_modules/@devtools-ds/themes"], "fixAvailable": true}, "@devtools-ds/tree": {"name": "@devtools-ds/tree", "severity": "moderate", "isDirect": false, "via": ["@babel/runtime", "@devtools-ds/themes"], "effects": [], "range": "*", "nodes": ["node_modules/@devtools-ds/tree"], "fixAvailable": true}, "@jest/transform": {"name": "@jest/transform", "severity": "moderate", "isDirect": false, "via": ["jest-haste-map"], "effects": ["@storybook/addon-docs"], "range": "<=26.6.2", "nodes": ["node_modules/@storybook/addon-docs/node_modules/@jest/transform"], "fixAvailable": true}, "@mdx-js/mdx": {"name": "@mdx-js/mdx", "severity": "high", "isDirect": false, "via": ["remark-mdx", "remark-parse"], "effects": ["@storybook/mdx1-csf"], "range": "<=1.6.22", "nodes": ["node_modules/@mdx-js/mdx"], "fixAvailable": true}, "@storybook/addon-controls": {"name": "@storybook/addon-controls", "severity": "moderate", "isDirect": false, "via": ["@storybook/core-common"], "effects": ["@storybook/addon-essentials"], "range": "6.4.0-alpha.0 - 6.5.17-alpha.0", "nodes": ["node_modules/@storybook/addon-controls"], "fixAvailable": {"name": "@storybook/addon-essentials", "version": "8.6.14", "isSemVerMajor": true}}, "@storybook/addon-docs": {"name": "@storybook/addon-docs", "severity": "high", "isDirect": false, "via": ["@jest/transform", "@storybook/core-common", "@storybook/mdx1-csf"], "effects": [], "range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2", "nodes": ["node_modules/@storybook/addon-docs"], "fixAvailable": true}, "@storybook/addon-essentials": {"name": "@storybook/addon-essentials", "severity": "moderate", "isDirect": true, "via": ["@storybook/addon-controls", "@storybook/addon-docs", "@storybook/core-common"], "effects": [], "range": "6.4.0-alpha.0 - 6.5.17-alpha.0", "nodes": ["node_modules/@storybook/addon-essentials"], "fixAvailable": {"name": "@storybook/addon-essentials", "version": "8.6.14", "isSemVerMajor": true}}, "@storybook/addon-interactions": {"name": "@storybook/addon-interactions", "severity": "moderate", "isDirect": true, "via": ["@devtools-ds/object-inspector", "@storybook/core-common"], "effects": [], "range": "<=7.0.0-rc.11", "nodes": ["node_modules/@storybook/addon-interactions"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "@storybook/builder-webpack4": {"name": "@storybook/builder-webpack4", "severity": "high", "isDirect": true, "via": ["@storybook/core-common", "autoprefixer", "css-loader", "fork-ts-checker-webpack-plugin", "postcss", "postcss-flexbugs-fixes", "terser-webpack-plugin", "webpack", "webpack-dev-middleware"], "effects": ["@storybook/core-server"], "range": "*", "nodes": ["node_modules/@storybook/builder-webpack4"], "fixAvailable": false}, "@storybook/core": {"name": "@storybook/core", "severity": "high", "isDirect": false, "via": ["@storybook/core-server"], "effects": [], "range": "6.2.0-alpha.0 - 6.5.17-alpha.0", "nodes": ["node_modules/@storybook/core"], "fixAvailable": true}, "@storybook/core-common": {"name": "@storybook/core-common", "severity": "moderate", "isDirect": false, "via": ["webpack"], "effects": ["@storybook/addon-controls", "@storybook/addon-docs", "@storybook/addon-essentials", "@storybook/addon-interactions", "@storybook/telemetry", "@storybook/vue3"], "range": "<=6.5.17-alpha.0", "nodes": ["node_modules/@storybook/core-common"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "@storybook/core-server": {"name": "@storybook/core-server", "severity": "high", "isDirect": false, "via": ["@storybook/builder-webpack4", "@storybook/core-common", "@storybook/csf-tools", "@storybook/manager-webpack4", "@storybook/telemetry", "cpy", "ip", "webpack"], "effects": ["@storybook/core"], "range": "<=7.6.19 || 8.0.0-alpha.0 - 8.1.5 || 8.2.0-alpha.0 - 8.2.0-beta.3", "nodes": ["node_modules/@storybook/core-server"], "fixAvailable": true}, "@storybook/csf-tools": {"name": "@storybook/csf-tools", "severity": "high", "isDirect": false, "via": ["@storybook/mdx1-csf"], "effects": [], "range": "6.5.0-alpha.1 - 6.5.17-alpha.0", "nodes": ["node_modules/@storybook/csf-tools"], "fixAvailable": true}, "@storybook/manager-webpack4": {"name": "@storybook/manager-webpack4", "severity": "high", "isDirect": true, "via": ["@storybook/core-common", "css-loader", "terser-webpack-plugin", "webpack", "webpack-dev-middleware"], "effects": ["@storybook/core-server"], "range": "*", "nodes": ["node_modules/@storybook/manager-webpack4"], "fixAvailable": false}, "@storybook/mdx1-csf": {"name": "@storybook/mdx1-csf", "severity": "high", "isDirect": false, "via": ["@mdx-js/mdx"], "effects": ["@storybook/addon-docs", "@storybook/csf-tools"], "range": "*", "nodes": ["node_modules/@storybook/mdx1-csf"], "fixAvailable": true}, "@storybook/telemetry": {"name": "@storybook/telemetry", "severity": "moderate", "isDirect": false, "via": ["@storybook/core-common"], "effects": ["@storybook/core-server"], "range": "<=6.5.17-alpha.0", "nodes": ["node_modules/@storybook/telemetry"], "fixAvailable": true}, "@storybook/vue3": {"name": "@storybook/vue3", "severity": "high", "isDirect": true, "via": ["@storybook/core", "@storybook/core-common", "vue-docgen-loader"], "effects": [], "range": "<=6.5.17-alpha.0", "nodes": ["node_modules/@storybook/vue3"], "fixAvailable": {"name": "@storybook/vue3", "version": "10.3.6", "isSemVerMajor": true}}, "@tootallnate/once": {"name": "@tootallnate/once", "severity": "low", "isDirect": false, "via": [{"source": 1113977, "name": "@tootallnate/once", "dependency": "@tootallnate/once", "title": "@tootallnate/once vulnerable to Incorrect Control Flow Scoping", "url": "https://github.com/advisories/GHSA-vpq2-c234-7xj6", "severity": "low", "cwe": ["CWE-705"], "cvss": {"score": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}, "range": "<3.0.1"}], "effects": ["http-proxy-agent"], "range": "<3.0.1", "nodes": ["node_modules/@tootallnate/once"], "fixAvailable": {"name": "jest-environment-jsdom", "version": "30.3.0", "isSemVerMajor": true}}, "ajv": {"name": "ajv", "severity": "moderate", "isDirect": false, "via": [{"source": 1113714, "name": "ajv", "dependency": "ajv", "title": "ajv has ReDoS when using `$data` option", "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6", "severity": "moderate", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<6.14.0"}, {"source": 1113715, "name": "ajv", "dependency": "ajv", "title": "ajv has ReDoS when using `$data` option", "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6", "severity": "moderate", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": ">=7.0.0-alpha.0 <8.18.0"}], "effects": [], "range": "<6.14.0 || >=7.0.0-alpha.0 <8.18.0", "nodes": ["", ""], "fixAvailable": true}, "anymatch": {"name": "anymatch", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["chokidar", "sane"], "range": "1.2.0 - 2.0.0", "nodes": ["node_modules/sane/node_modules/anymatch", "node_modules/watchpack-chokidar2/node_modules/anymatch"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "autoprefixer": {"name": "autoprefixer", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.0.20131222 - 9.8.8", "nodes": ["node_modules/autoprefixer"], "fixAvailable": true}, "bn.js": {"name": "bn.js", "severity": "moderate", "isDirect": false, "via": [{"source": 1113441, "name": "bn.js", "dependency": "bn.js", "title": "bn.js affected by an infinite loop", "url": "https://github.com/advisories/GHSA-378v-28hj-76wf", "severity": "moderate", "cwe": ["CWE-835"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=5.0.0 <5.2.3"}, {"source": 1113442, "name": "bn.js", "dependency": "bn.js", "title": "bn.js affected by an infinite loop", "url": "https://github.com/advisories/GHSA-378v-28hj-76wf", "severity": "moderate", "cwe": ["CWE-835"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<4.12.3"}], "effects": [], "range": ">=5.0.0 <5.2.3 || <4.12.3", "nodes": ["", "", "", "", "", "", ""], "fixAvailable": true}, "body-parser": {"name": "body-parser", "severity": "low", "isDirect": false, "via": ["qs"], "effects": [], "range": "1.19.0 - 1.20.3 || 2.0.0-beta.1 - 2.0.2", "nodes": [""], "fixAvailable": true}, "brace-expansion": {"name": "brace-expansion", "severity": "moderate", "isDirect": false, "via": [{"source": 1115540, "name": "brace-expansion", "dependency": "brace-expansion", "title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v", "severity": "moderate", "cwe": ["CWE-400"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "range": "<1.1.13"}, {"source": 1115541, "name": "brace-expansion", "dependency": "brace-expansion", "title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v", "severity": "moderate", "cwe": ["CWE-400"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "range": ">=2.0.0 <2.0.3"}], "effects": [], "range": "<1.1.13 || >=2.0.0 <2.0.3", "nodes": ["", "", "", "", ""], "fixAvailable": true}, "braces": {"name": "braces", "severity": "high", "isDirect": false, "via": [{"source": 1098094, "name": "braces", "dependency": "braces", "title": "Uncontrolled resource consumption in braces", "url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg", "severity": "high", "cwe": ["CWE-400", "CWE-1050"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.3"}], "effects": ["chokidar", "micromatch"], "range": "<3.0.3", "nodes": ["node_modules/cpy/node_modules/braces", "node_modules/fork-ts-checker-webpack-plugin/node_modules/braces", "node_modules/jscodeshift/node_modules/braces", "node_modules/sane/node_modules/braces", "node_modules/watchpack-chokidar2/node_modules/braces", "node_modules/webpack/node_modules/braces"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "browserify-sign": {"name": "browserify-sign", "severity": "low", "isDirect": false, "via": ["elliptic"], "effects": ["crypto-browserify"], "range": ">=2.4.0", "nodes": ["", "node_modules/browserify-sign"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "cacache": {"name": "cacache", "severity": "high", "isDirect": false, "via": ["tar"], "effects": ["terser-webpack-plugin"], "range": "14.0.0 - 18.0.4", "nodes": ["node_modules/cacache"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "chokidar": {"name": "chokidar", "severity": "high", "isDirect": false, "via": ["anymatch", "braces", "readdirp"], "effects": ["watchpack-chokidar2"], "range": "1.3.0 - 2.1.8", "nodes": ["node_modules/watchpack-chokidar2/node_modules/chokidar"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "cpy": {"name": "cpy", "severity": "moderate", "isDirect": false, "via": ["globby"], "effects": ["@storybook/core-server"], "range": "7.0.0 - 8.1.2", "nodes": ["node_modules/cpy"], "fixAvailable": true}, "create-ecdh": {"name": "create-ecdh", "severity": "low", "isDirect": false, "via": ["elliptic"], "effects": ["crypto-browserify"], "range": "*", "nodes": ["node_modules/create-ecdh"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "crypto-browserify": {"name": "crypto-browserify", "severity": "low", "isDirect": false, "via": ["browserify-sign", "create-ecdh"], "effects": ["node-libs-browser"], "range": ">=3.4.0", "nodes": [""], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "css-loader": {"name": "css-loader", "severity": "moderate", "isDirect": false, "via": ["icss-utils", "postcss", "postcss-modules-extract-imports", "postcss-modules-local-by-default", "postcss-modules-scope", "postcss-modules-values"], "effects": [], "range": "0.15.0 - 4.3.0", "nodes": ["node_modules/css-loader"], "fixAvailable": true}, "editorconfig": {"name": "editorconfig", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": [], "range": "1.0.3 - 1.0.4 || 2.0.0", "nodes": [""], "fixAvailable": true}, "elliptic": {"name": "elliptic", "severity": "low", "isDirect": false, "via": [{"source": 1112030, "name": "elliptic", "dependency": "elliptic", "title": "Elliptic Uses a Cryptographic Primitive with a Risky Implementation", "url": "https://github.com/advisories/GHSA-848j-6mx2-7j84", "severity": "low", "cwe": ["CWE-1240"], "cvss": {"score": 5.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "range": "<=6.6.1"}], "effects": ["browserify-sign", "create-ecdh"], "range": "*", "nodes": ["node_modules/elliptic"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "fast-glob": {"name": "fast-glob", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["globby"], "range": "<=2.2.7", "nodes": ["node_modules/cpy/node_modules/fast-glob"], "fixAvailable": true}, "flatted": {"name": "flatted", "severity": "high", "isDirect": false, "via": [{"source": 1114526, "name": "flatted", "dependency": "flatted", "title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase", "url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f", "severity": "high", "cwe": ["CWE-674"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.4.0"}, {"source": 1115357, "name": "flatted", "dependency": "flatted", "title": "Prototype Pollution via parse() in NodeJS flatted", "url": "https://github.com/advisories/GHSA-rf6f-7fwh-wjgh", "severity": "high", "cwe": ["CWE-1321"], "cvss": {"score": 0, "vectorString": null}, "range": "<=3.4.1"}], "effects": [], "range": "<=3.4.1", "nodes": [""], "fixAvailable": true}, "fork-ts-checker-webpack-plugin": {"name": "fork-ts-checker-webpack-plugin", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": [], "range": "0.4.14 - 4.1.6", "nodes": ["node_modules/fork-ts-checker-webpack-plugin"], "fixAvailable": true}, "globby": {"name": "globby", "severity": "moderate", "isDirect": false, "via": ["fast-glob"], "effects": ["cpy"], "range": "8.0.0 - 9.2.0", "nodes": ["node_modules/cpy/node_modules/globby"], "fixAvailable": true}, "handlebars": {"name": "handlebars", "severity": "critical", "isDirect": false, "via": [{"source": 1115538, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block", "url": "https://github.com/advisories/GHSA-3mfm-83xf-c92r", "severity": "high", "cwe": ["CWE-94", "CWE-843"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, {"source": 1115539, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection via AST Type Confusion", "url": "https://github.com/advisories/GHSA-2w6w-674q-4c4q", "severity": "critical", "cwe": ["CWE-94", "CWE-843"], "cvss": {"score": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, {"source": 1115544, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection", "url": "https://github.com/advisories/GHSA-2qvq-rjwj-gvw9", "severity": "moderate", "cwe": ["CWE-79", "CWE-1321"], "cvss": {"score": 4.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": ">=4.0.0 <4.7.9"}, {"source": 1115588, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry", "url": "https://github.com/advisories/GHSA-7rx3-28cr-v5wh", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 4.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": ">=4.6.0 <=4.7.8"}, {"source": 1115589, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has a Property Access Validation Bypass in container.lookup", "url": "https://github.com/advisories/GHSA-442j-39wm-28r2", "severity": "low", "cwe": ["CWE-367"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "range": ">=4.0.0 <=4.7.8"}, {"source": 1115692, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options", "url": "https://github.com/advisories/GHSA-xjpj-3mr7-gcpf", "severity": "high", "cwe": ["CWE-79", "CWE-94", "CWE-116"], "cvss": {"score": 8.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, {"source": 1115693, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial", "url": "https://github.com/advisories/GHSA-xhpv-hc6g-r9c6", "severity": "high", "cwe": ["CWE-94", "CWE-843"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, {"source": 1115694, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation", "url": "https://github.com/advisories/GHSA-9cx6-37pm-9jff", "severity": "high", "cwe": ["CWE-754"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=4.0.0 <=4.7.8"}], "effects": [], "range": "4.0.0 - 4.7.8", "nodes": [""], "fixAvailable": true}, "http-proxy-agent": {"name": "http-proxy-agent", "severity": "low", "isDirect": false, "via": ["@tootallnate/once"], "effects": ["jsdom"], "range": "4.0.1 - 5.0.0", "nodes": ["node_modules/http-proxy-agent"], "fixAvailable": {"name": "jest-environment-jsdom", "version": "30.3.0", "isSemVerMajor": true}}, "icss-utils": {"name": "icss-utils", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["css-loader", "postcss-modules-local-by-default", "postcss-modules-values"], "range": "<=4.1.1", "nodes": ["node_modules/icss-utils"], "fixAvailable": true}, "ip": {"name": "ip", "severity": "high", "isDirect": false, "via": [{"source": 1101851, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}], "effects": ["@storybook/core-server"], "range": "*", "nodes": ["node_modules/ip"], "fixAvailable": true}, "jest-environment-jsdom": {"name": "jest-environment-jsdom", "severity": "low", "isDirect": true, "via": ["jsdom"], "effects": [], "range": "27.0.1 - 30.0.0-rc.1", "nodes": ["node_modules/jest-environment-jsdom"], "fixAvailable": {"name": "jest-environment-jsdom", "version": "30.3.0", "isSemVerMajor": true}}, "jest-haste-map": {"name": "jest-haste-map", "severity": "moderate", "isDirect": false, "via": ["sane"], "effects": ["@jest/transform"], "range": "24.0.0-alpha.0 - 26.6.2", "nodes": ["node_modules/@storybook/addon-docs/node_modules/jest-haste-map"], "fixAvailable": true}, "jscodeshift": {"name": "jscodeshift", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["vue-docgen-loader"], "range": "0.3.20 - 0.13.1", "nodes": ["node_modules/jscodeshift"], "fixAvailable": true}, "jsdom": {"name": "jsdom", "severity": "low", "isDirect": false, "via": ["http-proxy-agent"], "effects": ["jest-environment-jsdom"], "range": "16.6.0 - 22.1.0", "nodes": ["node_modules/jsdom"], "fixAvailable": {"name": "jest-environment-jsdom", "version": "30.3.0", "isSemVerMajor": true}}, "lodash": {"name": "lodash", "severity": "high", "isDirect": false, "via": [{"source": 1112455, "name": "lodash", "dependency": "lodash", "title": "Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions", "url": "https://github.com/advisories/GHSA-xxjr-mmjv-4gpg", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": ">=4.0.0 <=4.17.22"}, {"source": 1115806, "name": "lodash", "dependency": "lodash", "title": "lodash vulnerable to Code Injection via `_.template` imports key names", "url": "https://github.com/advisories/GHSA-r5fr-rjxr-66jc", "severity": "high", "cwe": ["CWE-94"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.17.23"}, {"source": 1115810, "name": "lodash", "dependency": "lodash", "title": "lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`", "url": "https://github.com/advisories/GHSA-f23m-r3pf-42rh", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": "<=4.17.23"}], "effects": [], "range": "<=4.17.23", "nodes": [""], "fixAvailable": true}, "meow": {"name": "meow", "severity": "high", "isDirect": false, "via": ["trim-newlines"], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": ["node_modules/default-browser-id/node_modules/meow"], "fixAvailable": true}, "micromatch": {"name": "micromatch", "severity": "high", "isDirect": false, "via": [{"source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": ["CWE-1333"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<4.0.8"}, "braces"], "effects": ["anymatch", "fast-glob", "fork-ts-checker-webpack-plugin", "jscodeshift", "readdirp", "sane", "webpack"], "range": "<=4.0.7", "nodes": ["node_modules/cpy/node_modules/micromatch", "node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch", "node_modules/jscodeshift/node_modules/micromatch", "node_modules/sane/node_modules/micromatch", "node_modules/watchpack-chokidar2/node_modules/micromatch", "node_modules/webpack/node_modules/micromatch"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "minimatch": {"name": "minimatch", "severity": "high", "isDirect": false, "via": [{"source": 1113459, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.3"}, {"source": 1113465, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": ">=9.0.0 <9.0.6"}, {"source": 1113538, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, {"source": 1113544, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}, {"source": 1113546, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.4"}, {"source": 1113552, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}], "effects": ["editorconfig"], "range": "<=3.1.3 || 9.0.0 - 9.0.6", "nodes": ["", "", "", "", ""], "fixAvailable": true}, "node-libs-browser": {"name": "node-libs-browser", "severity": "low", "isDirect": false, "via": ["crypto-browserify"], "effects": ["webpack"], "range": "0.4.2 || >=1.0.0", "nodes": ["node_modules/node-libs-browser"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "path-to-regexp": {"name": "path-to-regexp", "severity": "high", "isDirect": false, "via": [{"source": 1115527, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters", "url": "https://github.com/advisories/GHSA-37ch-88jc-xwx2", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.1.13"}], "effects": [], "range": "<0.1.13", "nodes": [""], "fixAvailable": true}, "picomatch": {"name": "picomatch", "severity": "high", "isDirect": false, "via": [{"source": 1115549, "name": "picomatch", "dependency": "picomatch", "title": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching", "url": "https://github.com/advisories/GHSA-3v7f-55p6-f55p", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<2.3.2"}, {"source": 1115552, "name": "picomatch", "dependency": "picomatch", "title": "Picomatch has a ReDoS vulnerability via extglob quantifiers", "url": "https://github.com/advisories/GHSA-c2c7-rcm5-vvqj", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<2.3.2"}], "effects": [], "range": "<=2.3.1", "nodes": [""], "fixAvailable": true}, "postcss": {"name": "postcss", "severity": "moderate", "isDirect": false, "via": [{"source": 1109574, "name": "postcss", "dependency": "postcss", "title": "PostCSS line return parsing error", "url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j", "severity": "moderate", "cwe": ["CWE-74", "CWE-144"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<8.4.31"}, {"source": 1117015, "name": "postcss", "dependency": "postcss", "title": "PostCSS has XSS via Unescaped </style> in its CSS Stringify Output", "url": "https://github.com/advisories/GHSA-qx2v-qp2m-jg93", "severity": "moderate", "cwe": ["CWE-79"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<8.5.10"}], "effects": ["@storybook/builder-webpack4", "autoprefixer", "css-loader", "icss-utils", "postcss-flexbugs-fixes", "postcss-modules-extract-imports", "postcss-modules-local-by-default", "postcss-modules-scope", "postcss-modules-values"], "range": "<=8.5.9", "nodes": ["", "node_modules/@storybook/builder-webpack4/node_modules/postcss", "node_modules/autoprefixer/node_modules/postcss", "node_modules/css-loader/node_modules/postcss", "node_modules/icss-utils/node_modules/postcss", "node_modules/postcss-flexbugs-fixes/node_modules/postcss", "node_modules/postcss-modules-extract-imports/node_modules/postcss", "node_modules/postcss-modules-local-by-default/node_modules/postcss", "node_modules/postcss-modules-scope/node_modules/postcss", "node_modules/postcss-modules-values/node_modules/postcss"], "fixAvailable": false}, "postcss-flexbugs-fixes": {"name": "postcss-flexbugs-fixes", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.2.1", "nodes": ["node_modules/postcss-flexbugs-fixes"], "fixAvailable": true}, "postcss-modules-extract-imports": {"name": "postcss-modules-extract-imports", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=2.0.0", "nodes": ["node_modules/postcss-modules-extract-imports"], "fixAvailable": true}, "postcss-modules-local-by-default": {"name": "postcss-modules-local-by-default", "severity": "moderate", "isDirect": false, "via": ["icss-utils", "postcss"], "effects": [], "range": "<=4.0.0-rc.4", "nodes": ["node_modules/postcss-modules-local-by-default"], "fixAvailable": true}, "postcss-modules-scope": {"name": "postcss-modules-scope", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=2.2.0", "nodes": ["node_modules/postcss-modules-scope"], "fixAvailable": true}, "postcss-modules-values": {"name": "postcss-modules-values", "severity": "moderate", "isDirect": false, "via": ["icss-utils", "postcss"], "effects": ["css-loader"], "range": "<=4.0.0-rc.5", "nodes": ["node_modules/postcss-modules-values"], "fixAvailable": true}, "qs": {"name": "qs", "severity": "moderate", "isDirect": false, "via": [{"source": 1113161, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in comma parsing allows denial of service", "url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883", "severity": "low", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=6.7.0 <=6.14.1"}, {"source": 1113719, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion", "url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p", "severity": "moderate", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<6.14.1"}], "effects": ["body-parser"], "range": "<=6.14.1", "nodes": ["", "node_modules/qs"], "fixAvailable": true}, "readdirp": {"name": "readdirp", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["chokidar"], "range": "2.2.0 - 2.2.1", "nodes": ["node_modules/watchpack-chokidar2/node_modules/readdirp"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "remark-mdx": {"name": "remark-mdx", "severity": "high", "isDirect": false, "via": ["remark-parse"], "effects": ["@mdx-js/mdx"], "range": "<=1.6.22", "nodes": ["node_modules/remark-mdx"], "fixAvailable": true}, "remark-parse": {"name": "remark-parse", "severity": "high", "isDirect": false, "via": ["trim"], "effects": ["@mdx-js/mdx", "remark-mdx"], "range": "<=8.0.3", "nodes": ["node_modules/remark-parse"], "fixAvailable": true}, "sane": {"name": "sane", "severity": "moderate", "isDirect": false, "via": ["anymatch", "micromatch"], "effects": ["jest-haste-map"], "range": "1.5.0 - 4.1.0", "nodes": ["node_modules/sane"], "fixAvailable": true}, "serialize-javascript": {"name": "serialize-javascript", "severity": "high", "isDirect": false, "via": [{"source": 1113686, "name": "serialize-javascript", "dependency": "serialize-javascript", "title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()", "url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq", "severity": "high", "cwe": ["CWE-96"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=7.0.2"}, {"source": 1115723, "name": "serialize-javascript", "dependency": "serialize-javascript", "title": "Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects", "url": "https://github.com/advisories/GHSA-qj8w-gfj5-8c6v", "severity": "moderate", "cwe": ["CWE-400", "CWE-834"], "cvss": {"score": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<7.0.5"}], "effects": ["terser-webpack-plugin"], "range": "<=7.0.4", "nodes": ["node_modules/serialize-javascript", "node_modules/webpack/node_modules/serialize-javascript"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "tar": {"name": "tar", "severity": "high", "isDirect": false, "via": [{"source": 1112659, "name": "tar", "dependency": "tar", "title": "node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal", "url": "https://github.com/advisories/GHSA-34x7-hfp2-rc4v", "severity": "high", "cwe": ["CWE-22", "CWE-59"], "cvss": {"score": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"}, "range": "<7.5.7"}, {"source": 1113300, "name": "tar", "dependency": "tar", "title": "node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization", "url": "https://github.com/advisories/GHSA-8qq5-rm4j-mr97", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 0, "vectorString": null}, "range": "<=7.5.2"}, {"source": 1113375, "name": "tar", "dependency": "tar", "title": "Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction", "url": "https://github.com/advisories/GHSA-83g3-92jg-28cx", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}, "range": "<7.5.8"}, {"source": 1114200, "name": "tar", "dependency": "tar", "title": "tar has Hardlink Path Traversal via Drive-Relative Linkpath", "url": "https://github.com/advisories/GHSA-qffp-2rhf-9h96", "severity": "high", "cwe": ["CWE-22", "CWE-59"], "cvss": {"score": 0, "vectorString": null}, "range": "<=7.5.9"}, {"source": 1114302, "name": "tar", "dependency": "tar", "title": "node-tar Symlink Path Traversal via Drive-Relative Linkpath", "url": "https://github.com/advisories/GHSA-9ppj-qmqm-q256", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 0, "vectorString": null}, "range": "<=7.5.10"}, {"source": 1114680, "name": "tar", "dependency": "tar", "title": "Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS", "url": "https://github.com/advisories/GHSA-r6q2-hw4h-h46w", "severity": "high", "cwe": ["CWE-176", "CWE-367"], "cvss": {"score": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L"}, "range": "<=7.5.3"}], "effects": ["cacache"], "range": "<=7.5.10", "nodes": ["node_modules/tar"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "terser-webpack-plugin": {"name": "terser-webpack-plugin", "severity": "high", "isDirect": false, "via": ["cacache", "serialize-javascript"], "effects": ["webpack"], "range": "<=5.3.16", "nodes": ["node_modules/terser-webpack-plugin", "node_modules/webpack/node_modules/terser-webpack-plugin"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "trim": {"name": "trim", "severity": "high", "isDirect": false, "via": [{"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}], "effects": ["remark-parse"], "range": "<0.0.3", "nodes": ["node_modules/trim"], "fixAvailable": true}, "trim-newlines": {"name": "trim-newlines", "severity": "high", "isDirect": false, "via": [{"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}], "effects": ["meow"], "range": "<3.0.1", "nodes": ["node_modules/trim-newlines"], "fixAvailable": true}, "uuid": {"name": "uuid", "severity": "moderate", "isDirect": false, "via": [{"source": 1116970, "name": "uuid", "dependency": "uuid", "title": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided", "url": "https://github.com/advisories/GHSA-w5hq-g745-h8pq", "severity": "moderate", "cwe": ["CWE-787", "CWE-1285"], "cvss": {"score": 0, "vectorString": null}, "range": "<14.0.0"}], "effects": ["webpack-log"], "range": "<14.0.0", "nodes": ["node_modules/uuid"], "fixAvailable": false}, "vue-docgen-loader": {"name": "vue-docgen-loader", "severity": "moderate", "isDirect": false, "via": ["jscodeshift"], "effects": [], "range": "1.3.0-beta.0 - 2.0.0", "nodes": ["node_modules/vue-docgen-loader"], "fixAvailable": true}, "watchpack": {"name": "watchpack", "severity": "high", "isDirect": false, "via": ["watchpack-chokidar2"], "effects": ["webpack"], "range": "1.7.2 - 1.7.5", "nodes": ["node_modules/webpack/node_modules/watchpack"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "watchpack-chokidar2": {"name": "watchpack-chokidar2", "severity": "high", "isDirect": false, "via": ["chokidar"], "effects": ["watchpack"], "range": "*", "nodes": ["node_modules/watchpack-chokidar2"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "webpack": {"name": "webpack", "severity": "high", "isDirect": false, "via": ["micromatch", "node-libs-browser", "terser-webpack-plugin", "watchpack"], "effects": ["@storybook/core-common"], "range": "2.0.0-beta - 5.1.0", "nodes": ["node_modules/webpack"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.6.14", "isSemVerMajor": true}}, "webpack-dev-middleware": {"name": "webpack-dev-middleware", "severity": "high", "isDirect": false, "via": [{"source": 1096729, "name": "webpack-dev-middleware", "dependency": "webpack-dev-middleware", "title": "Path traversal in webpack-dev-middleware", "url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}, "range": "<=5.3.3"}, "webpack-log"], "effects": ["@storybook/manager-webpack4"], "range": "<=5.3.3", "nodes": ["node_modules/webpack-dev-middleware"], "fixAvailable": false}, "webpack-log": {"name": "webpack-log", "severity": "moderate", "isDirect": false, "via": ["uuid"], "effects": ["webpack-dev-middleware"], "range": "1.1.0 - 2.0.0", "nodes": ["node_modules/webpack-log"], "fixAvailable": false}, "yaml": {"name": "yaml", "severity": "moderate", "isDirect": false, "via": [{"source": 1115555, "name": "yaml", "dependency": "yaml", "title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections", "url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp", "severity": "moderate", "cwe": ["CWE-674"], "cvss": {"score": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=1.0.0 <1.10.3"}, {"source": 1115556, "name": "yaml", "dependency": "yaml", "title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections", "url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp", "severity": "moderate", "cwe": ["CWE-674"], "cvss": {"score": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=2.0.0 <2.8.3"}], "effects": [], "range": "1.0.0 - 1.10.2 || 2.0.0 - 2.8.2", "nodes": ["", ""], "fixAvailable": true}}, "metadata": {"vulnerabilities": {"info": 0, "low": 10, "moderate": 37, "high": 32, "critical": 1, "total": 80}, "dependencies": {"prod": 1, "dev": 2428, "optional": 66, "peer": 0, "peerOptional": 0, "total": 2428}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated trim@0.0.1: Use String.prototype.trim() instead
npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated uuid-browser@3.1.0: Package no longer supported and required. Use the uuid package or crypto.randomUUID instead
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated querystring@0.2.1: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
--- stdout ---
added 2423 packages, and audited 2424 packages in 52s
339 packages are looking for funding
run `npm fund` for details
# npm audit report
@babel/runtime <7.26.10
Severity: moderate
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups - https://github.com/advisories/GHSA-968p-4wvh-cqc8
fix available via `npm audit fix --force`
Will install @storybook/addon-interactions@8.6.14, which is a breaking change
node_modules/@devtools-ds/object-inspector/node_modules/@babel/runtime
node_modules/@devtools-ds/object-parser/node_modules/@babel/runtime
node_modules/@devtools-ds/themes/node_modules/@babel/runtime
node_modules/@devtools-ds/tree/node_modules/@babel/runtime
@devtools-ds/object-inspector *
Depends on vulnerable versions of @babel/runtime
Depends on vulnerable versions of @devtools-ds/object-parser
Depends on vulnerable versions of @devtools-ds/themes
Depends on vulnerable versions of @devtools-ds/tree
node_modules/@devtools-ds/object-inspector
@storybook/addon-interactions <=7.0.0-rc.11
Depends on vulnerable versions of @devtools-ds/object-inspector
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/addon-interactions
@devtools-ds/object-parser *
Depends on vulnerable versions of @babel/runtime
node_modules/@devtools-ds/object-parser
@devtools-ds/themes *
Depends on vulnerable versions of @babel/runtime
node_modules/@devtools-ds/themes
@devtools-ds/tree *
Depends on vulnerable versions of @babel/runtime
Depends on vulnerable versions of @devtools-ds/themes
node_modules/@devtools-ds/tree
@tootallnate/once <3.0.1
@tootallnate/once vulnerable to Incorrect Control Flow Scoping - https://github.com/advisories/GHSA-vpq2-c234-7xj6
fix available via `npm audit fix --force`
Will install jest-environment-jsdom@30.3.0, which is a breaking change
node_modules/@tootallnate/once
http-proxy-agent 4.0.1 - 5.0.0
Depends on vulnerable versions of @tootallnate/once
node_modules/http-proxy-agent
jsdom 16.6.0 - 22.1.0
Depends on vulnerable versions of http-proxy-agent
node_modules/jsdom
jest-environment-jsdom 27.0.1 - 30.0.0-rc.1
Depends on vulnerable versions of jsdom
node_modules/jest-environment-jsdom
braces <3.0.3
Severity: high
Uncontrolled resource consumption in braces - https://github.com/advisories/GHSA-grv7-fg5c-xmjg
fix available via `npm audit fix --force`
Will install @storybook/addon-essentials@8.6.14, which is a breaking change
node_modules/cpy/node_modules/braces
node_modules/fork-ts-checker-webpack-plugin/node_modules/braces
node_modules/jscodeshift/node_modules/braces
node_modules/sane/node_modules/braces
node_modules/watchpack-chokidar2/node_modules/braces
node_modules/webpack/node_modules/braces
chokidar 1.3.0 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of braces
Depends on vulnerable versions of readdirp
node_modules/watchpack-chokidar2/node_modules/chokidar
watchpack-chokidar2 *
Depends on vulnerable versions of chokidar
node_modules/watchpack-chokidar2
watchpack 1.7.2 - 1.7.5
Depends on vulnerable versions of watchpack-chokidar2
node_modules/webpack/node_modules/watchpack
webpack 2.0.0-beta - 5.1.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of node-libs-browser
Depends on vulnerable versions of terser-webpack-plugin
Depends on vulnerable versions of watchpack
node_modules/webpack
@storybook/core-common <=6.5.17-alpha.0
Depends on vulnerable versions of webpack
node_modules/@storybook/core-common
@storybook/addon-controls 6.4.0-alpha.0 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/addon-controls
@storybook/addon-essentials 6.4.0-alpha.0 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/addon-controls
Depends on vulnerable versions of @storybook/addon-docs
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/addon-essentials
@storybook/addon-docs 5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2
Depends on vulnerable versions of @jest/transform
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of @storybook/mdx1-csf
node_modules/@storybook/addon-docs
@storybook/telemetry <=6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/telemetry
@storybook/core-server <=7.6.19 || 8.0.0-alpha.0 - 8.1.5 || 8.2.0-alpha.0 - 8.2.0-beta.3
Depends on vulnerable versions of @storybook/builder-webpack4
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of @storybook/csf-tools
Depends on vulnerable versions of @storybook/manager-webpack4
Depends on vulnerable versions of @storybook/telemetry
Depends on vulnerable versions of cpy
Depends on vulnerable versions of ip
Depends on vulnerable versions of webpack
node_modules/@storybook/core-server
@storybook/core 6.2.0-alpha.0 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-server
node_modules/@storybook/core
@storybook/vue3 <=6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of vue-docgen-loader
node_modules/@storybook/vue3
micromatch <=4.0.7
Depends on vulnerable versions of braces
node_modules/cpy/node_modules/micromatch
node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch
node_modules/jscodeshift/node_modules/micromatch
node_modules/sane/node_modules/micromatch
node_modules/watchpack-chokidar2/node_modules/micromatch
node_modules/webpack/node_modules/micromatch
anymatch 1.2.0 - 2.0.0
Depends on vulnerable versions of micromatch
node_modules/sane/node_modules/anymatch
node_modules/watchpack-chokidar2/node_modules/anymatch
sane 1.5.0 - 4.1.0
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of micromatch
node_modules/sane
jest-haste-map 24.0.0-alpha.0 - 26.6.2
Depends on vulnerable versions of sane
node_modules/@storybook/addon-docs/node_modules/jest-haste-map
@jest/transform <=26.6.2
Depends on vulnerable versions of jest-haste-map
node_modules/@storybook/addon-docs/node_modules/@jest/transform
fast-glob <=2.2.7
Depends on vulnerable versions of micromatch
node_modules/cpy/node_modules/fast-glob
globby 8.0.0 - 9.2.0
Depends on vulnerable versions of fast-glob
node_modules/cpy/node_modules/globby
cpy 7.0.0 - 8.1.2
Depends on vulnerable versions of globby
node_modules/cpy
fork-ts-checker-webpack-plugin 0.4.14 - 4.1.6
Depends on vulnerable versions of micromatch
node_modules/fork-ts-checker-webpack-plugin
jscodeshift 0.3.20 - 0.13.1
Depends on vulnerable versions of micromatch
node_modules/jscodeshift
vue-docgen-loader 1.3.0-beta.0 - 2.0.0
Depends on vulnerable versions of jscodeshift
node_modules/vue-docgen-loader
readdirp 2.2.0 - 2.2.1
Depends on vulnerable versions of micromatch
node_modules/watchpack-chokidar2/node_modules/readdirp
elliptic *
Elliptic Uses a Cryptographic Primitive with a Risky Implementation - https://github.com/advisories/GHSA-848j-6mx2-7j84
fix available via `npm audit fix --force`
Will install @storybook/addon-essentials@8.6.14, which is a breaking change
node_modules/elliptic
browserify-sign >=2.4.0
Depends on vulnerable versions of elliptic
node_modules/browserify-sign
crypto-browserify >=3.4.0
Depends on vulnerable versions of browserify-sign
Depends on vulnerable versions of create-ecdh
node_modules/crypto-browserify
node-libs-browser 0.4.2 || >=1.0.0
Depends on vulnerable versions of crypto-browserify
node_modules/node-libs-browser
create-ecdh *
Depends on vulnerable versions of elliptic
node_modules/create-ecdh
ip *
Severity: high
ip SSRF improper categorization in isPublic - https://github.com/advisories/GHSA-2p57-rm9w-gvfp
fix available via `npm audit fix`
node_modules/ip
postcss <=8.5.9
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
PostCSS has XSS via Unescaped </style> in its CSS Stringify Output - https://github.com/advisories/GHSA-qx2v-qp2m-jg93
No fix available
node_modules/@storybook/builder-webpack4/node_modules/postcss
node_modules/autoprefixer/node_modules/postcss
node_modules/css-loader/node_modules/postcss
node_modules/icss-utils/node_modules/postcss
node_modules/postcss-flexbugs-fixes/node_modules/postcss
node_modules/postcss-modules-extract-imports/node_modules/postcss
node_modules/postcss-modules-local-by-default/node_modules/postcss
node_modules/postcss-modules-scope/node_modules/postcss
node_modules/postcss-modules-values/node_modules/postcss
@storybook/builder-webpack4 *
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of autoprefixer
Depends on vulnerable versions of css-loader
Depends on vulnerable versions of fork-ts-checker-webpack-plugin
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-flexbugs-fixes
Depends on vulnerable versions of terser-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-middleware
node_modules/@storybook/builder-webpack4
autoprefixer 1.0.20131222 - 9.8.8
Depends on vulnerable versions of postcss
node_modules/autoprefixer
css-loader 0.15.0 - 4.3.0
Depends on vulnerable versions of icss-utils
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-modules-extract-imports
Depends on vulnerable versions of postcss-modules-local-by-default
Depends on vulnerable versions of postcss-modules-scope
Depends on vulnerable versions of postcss-modules-values
node_modules/css-loader
icss-utils <=4.1.1
Depends on vulnerable versions of postcss
node_modules/icss-utils
postcss-modules-local-by-default <=4.0.0-rc.4
Depends on vulnerable versions of icss-utils
Depends on vulnerable versions of postcss
node_modules/postcss-modules-local-by-default
postcss-modules-values <=4.0.0-rc.5
Depends on vulnerable versions of icss-utils
Depends on vulnerable versions of postcss
node_modules/postcss-modules-values
postcss-flexbugs-fixes <=4.2.1
Depends on vulnerable versions of postcss
node_modules/postcss-flexbugs-fixes
postcss-modules-extract-imports <=2.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-modules-extract-imports
postcss-modules-scope <=2.2.0
Depends on vulnerable versions of postcss
node_modules/postcss-modules-scope
qs <=6.14.1
Severity: moderate
qs's arrayLimit bypass in comma parsing allows denial of service - https://github.com/advisories/GHSA-w7fw-mjwx-w883
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion - https://github.com/advisories/GHSA-6rw7-vpxm-498p
fix available via `npm audit fix`
node_modules/qs
serialize-javascript <=7.0.4
Severity: high
Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString() - https://github.com/advisories/GHSA-5c6j-r48x-rmvq
Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects - https://github.com/advisories/GHSA-qj8w-gfj5-8c6v
fix available via `npm audit fix --force`
Will install @storybook/addon-essentials@8.6.14, which is a breaking change
node_modules/serialize-javascript
node_modules/webpack/node_modules/serialize-javascript
terser-webpack-plugin <=5.3.16
Depends on vulnerable versions of cacache
Depends on vulnerable versions of serialize-javascript
node_modules/terser-webpack-plugin
node_modules/webpack/node_modules/terser-webpack-plugin
tar <=7.5.10
Severity: high
node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal - https://github.com/advisories/GHSA-34x7-hfp2-rc4v
node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization - https://github.com/advisories/GHSA-8qq5-rm4j-mr97
Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction - https://github.com/advisories/GHSA-83g3-92jg-28cx
tar has Hardlink Path Traversal via Drive-Relative Linkpath - https://github.com/advisories/GHSA-qffp-2rhf-9h96
node-tar Symlink Path Traversal via Drive-Relative Linkpath - https://github.com/advisories/GHSA-9ppj-qmqm-q256
Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS - https://github.com/advisories/GHSA-r6q2-hw4h-h46w
fix available via `npm audit fix --force`
Will install @storybook/addon-essentials@8.6.14, which is a breaking change
node_modules/tar
cacache 14.0.0 - 18.0.4
Depends on vulnerable versions of tar
node_modules/cacache
trim <0.0.3
Severity: high
Regular Expression Denial of Service in trim - https://github.com/advisories/GHSA-w5p7-h5w8-2hfq
fix available via `npm audit fix`
node_modules/trim
remark-parse <=8.0.3
Depends on vulnerable versions of trim
node_modules/remark-parse
@mdx-js/mdx <=1.6.22
Depends on vulnerable versions of remark-mdx
Depends on vulnerable versions of remark-parse
node_modules/@mdx-js/mdx
@storybook/mdx1-csf *
Depends on vulnerable versions of @mdx-js/mdx
node_modules/@storybook/mdx1-csf
@storybook/csf-tools 6.5.0-alpha.1 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/mdx1-csf
node_modules/@storybook/csf-tools
remark-mdx <=1.6.22
Depends on vulnerable versions of remark-parse
node_modules/remark-mdx
trim-newlines <3.0.1
Severity: high
Uncontrolled Resource Consumption in trim-newlines - https://github.com/advisories/GHSA-7p7h-4mm5-852v
fix available via `npm audit fix`
node_modules/trim-newlines
meow 3.4.0 - 5.0.0
Depends on vulnerable versions of trim-newlines
node_modules/default-browser-id/node_modules/meow
uuid <14.0.0
Severity: moderate
uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided - https://github.com/advisories/GHSA-w5hq-g745-h8pq
No fix available
node_modules/uuid
webpack-log 1.1.0 - 2.0.0
Depends on vulnerable versions of uuid
node_modules/webpack-log
webpack-dev-middleware <=5.3.3
Depends on vulnerable versions of webpack-log
node_modules/webpack-dev-middleware
@storybook/manager-webpack4 *
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of css-loader
Depends on vulnerable versions of terser-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-middleware
node_modules/@storybook/manager-webpack4
68 vulnerabilities (9 low, 33 moderate, 26 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated trim@0.0.1: Use String.prototype.trim() instead
npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated uuid-browser@3.1.0: Package no longer supported and required. Use the uuid package or crypto.randomUUID instead
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated querystring@0.2.1: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
--- stdout ---
added 2423 packages, and audited 2424 packages in 49s
339 packages are looking for funding
run `npm fund` for details
68 vulnerabilities (9 low, 33 moderate, 26 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stderr ---
PASS tests/jest/discover/util/convertUrlToThumbnail.test.js
PASS tests/jest/builder/util/safeAssignString.test.js
PASS tests/jest/builder/util/splitSentences.test.js
PASS tests/jest/builder/util/convertUrlToMobile.test.js
PASS tests/jest/builder/store/story.test.js
Test Suites: 5 passed, 5 total
Tests: 19 passed, 19 total
Snapshots: 0 total
Time: 6.397 s
Ran all test suites.
--- stdout ---
> test
> npm run lint:js && npm run lint:css && jest
> lint:js
> eslint --cache .
> lint:css
> stylelint --cache **/*.{vue,less}
------------------------------------|---------|----------|---------|---------|------------------------------------------
File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
------------------------------------|---------|----------|---------|---------|------------------------------------------
All files | 7.88 | 6.76 | 1.98 | 7.9 |
components | 0 | 0 | 0 | 0 |
ConfirmDialog.vue | 0 | 0 | 0 | 0 | 33-44
DotsMenu.vue | 0 | 100 | 0 | 0 | 17-29
DotsMenuItem.vue | 0 | 100 | 0 | 0 | 16-32
StoryImage.vue | 0 | 0 | 0 | 0 | 25-260
ext.wikistories.builder | 0 | 0 | 0 | 0 |
App.vue | 0 | 0 | 0 | 0 | 8-37
index.js | 0 | 0 | 100 | 0 | 1-19
ext.wikistories.builder/api | 12.5 | 0 | 0 | 12.74 |
getPageInfo.js | 0 | 0 | 0 | 0 | 6-19
saveStory.js | 0 | 0 | 0 | 0 | 10-38
searchImages.js | 14.94 | 0 | 0 | 15.29 | 17-18,28-54,63-74,78-113,125-176,187-206
ext.wikistories.builder/components | 0 | 0 | 0 | 0 |
Alert.vue | 0 | 100 | 100 | 0 | 24
CurrentFrame.vue | 0 | 0 | 0 | 0 | 21-57
Frames.vue | 0 | 0 | 0 | 0 | 32-80
ImageAttribution.vue | 0 | 0 | 0 | 0 | 27-41
ImageListView.vue | 0 | 0 | 0 | 0 | 27-72
ListImage.vue | 0 | 0 | 0 | 0 | 12-61
Navigator.vue | 0 | 0 | 0 | 0 | 27-38
Notice.vue | 0 | 100 | 100 | 0 | 15
Popup.vue | 0 | 100 | 100 | 0 | 12
PrimaryButton.vue | 0 | 100 | 100 | 0 | 9
RouterView.vue | 0 | 100 | 100 | 0 | 6-9
StoryTextbox.vue | 0 | 0 | 0 | 0 | 37-93
Toast.vue | 0 | 100 | 0 | 0 | 8-33
ext.wikistories.builder/mixins | 0 | 0 | 0 | 0 |
observer.js | 0 | 0 | 0 | 0 | 10-115
ext.wikistories.builder/plugins | 0 | 100 | 0 | 0 |
config.js | 0 | 100 | 0 | 0 | 5-20
ext.wikistories.builder/store | 6.27 | 0 | 0 | 6.34 |
article.js | 0 | 0 | 0 | 0 | 1-106
index.js | 0 | 100 | 100 | 0 | 1-7
router.js | 0 | 0 | 0 | 0 | 1-62
search.js | 0 | 0 | 0 | 0 | 1-72
story.js | 11.11 | 0 | 0 | 11.34 | 40-325
ext.wikistories.builder/util | 33 | 21.48 | 24.13 | 32.68 |
beforeUnloadListener.js | 0 | 100 | 0 | 0 | 4-9
calculateUnmodifiedContent.js | 16.66 | 0 | 0 | 16.66 | 2-12,26-53
convertUrlToMobile.js | 100 | 100 | 100 | 100 |
safeAssignString.js | 93.33 | 87.5 | 100 | 93.33 | 26
sortableFrames.js | 0 | 0 | 0 | 0 | 5-221
splitSentences.js | 91.48 | 80 | 100 | 91.3 | 40,94,101-102
strip.js | 22.22 | 0 | 0 | 22.22 | 6-16
validateTitle.js | 0 | 0 | 0 | 0 | 1-43
ext.wikistories.builder/views | 0 | 0 | 0 | 0 |
Article.vue | 0 | 0 | 0 | 0 | 46-123
PublishForm.vue | 0 | 0 | 0 | 0 | 114-273
Search.vue | 0 | 0 | 0 | 0 | 44-136
Story.vue | 0 | 0 | 0 | 0 | 69-248
ext.wikistories.discover | 0 | 0 | 0 | 0 |
Discover.js | 0 | 0 | 0 | 0 | 1-103
index.js | 0 | 0 | 0 | 0 | 1-44
ext.wikistories.discover/api | 0 | 100 | 0 | 0 |
getStories.js | 0 | 100 | 0 | 0 | 5-13
ext.wikistories.discover/util | 100 | 100 | 100 | 100 |
convertUrlToThumbnail.js | 100 | 100 | 100 | 100 |
ext.wikistories.viewaction | 0 | 100 | 100 | 0 |
index.js | 0 | 100 | 100 | 0 | 1-3
ext.wikistories.viewer | 0 | 0 | 0 | 0 |
StoryViewer.vue | 0 | 0 | 0 | 0 | 187-385
index.js | 0 | 0 | 0 | 0 | 1-38
ext.wikistories.viewer/components | 0 | 0 | 0 | 0 |
ImageAttribution.vue | 0 | 100 | 100 | 0 | 31
Textbox.vue | 0 | 0 | 0 | 0 | 18-100
ext.wikistories.viewer/store | 0 | 0 | 0 | 0 |
index.js | 0 | 100 | 100 | 0 | 1-4
story.js | 0 | 0 | 0 | 0 | 1-207
ext.wikistories.viewer/util | 0 | 0 | 0 | 0 |
isTouchDevice.js | 0 | 0 | 100 | 0 | 1-7
timer.js | 0 | 0 | 0 | 0 | 4-38
instrumentation | 0 | 0 | 0 | 0 |
consumptionEvents.js | 0 | 0 | 0 | 0 | 1-52
contributionEvents.js | 0 | 0 | 0 | 0 | 1-64
------------------------------------|---------|----------|---------|---------|------------------------------------------
--- end ---
{}
{}
{}
{}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}, "1101851": {"source": 1101851, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}, "1101851": {"source": 1101851, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{}
{"1113714": {"source": 1113714, "name": "ajv", "dependency": "ajv", "title": "ajv has ReDoS when using `$data` option", "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6", "severity": "moderate", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<6.14.0"}, "1113715": {"source": 1113715, "name": "ajv", "dependency": "ajv", "title": "ajv has ReDoS when using `$data` option", "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6", "severity": "moderate", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": ">=7.0.0-alpha.0 <8.18.0"}}
Upgrading n:ajv from 6.12.6, 8.17.1 -> 6.15.0, 8.20.0
{}
{"1113441": {"source": 1113441, "name": "bn.js", "dependency": "bn.js", "title": "bn.js affected by an infinite loop", "url": "https://github.com/advisories/GHSA-378v-28hj-76wf", "severity": "moderate", "cwe": ["CWE-835"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=5.0.0 <5.2.3"}, "1113442": {"source": 1113442, "name": "bn.js", "dependency": "bn.js", "title": "bn.js affected by an infinite loop", "url": "https://github.com/advisories/GHSA-378v-28hj-76wf", "severity": "moderate", "cwe": ["CWE-835"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<4.12.3"}}
Upgrading n:bn.js from 4.12.0, 5.2.1 -> 4.12.3, 5.2.3
{"1113161": {"source": 1113161, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in comma parsing allows denial of service", "url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883", "severity": "low", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=6.7.0 <=6.14.1"}, "1113719": {"source": 1113719, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion", "url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p", "severity": "moderate", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<6.14.1"}}
Upgrading n:body-parser from 1.20.3 -> 1.20.5
{"1115540": {"source": 1115540, "name": "brace-expansion", "dependency": "brace-expansion", "title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v", "severity": "moderate", "cwe": ["CWE-400"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "range": "<1.1.13"}, "1115541": {"source": 1115541, "name": "brace-expansion", "dependency": "brace-expansion", "title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v", "severity": "moderate", "cwe": ["CWE-400"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "range": ">=2.0.0 <2.0.3"}}
Upgrading n:brace-expansion from 1.1.12, 2.0.2 -> 1.1.14, 2.1.0
{}
{}
{"1113459": {"source": 1113459, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.3"}, "1113465": {"source": 1113465, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": ">=9.0.0 <9.0.6"}, "1113538": {"source": 1113538, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, "1113544": {"source": 1113544, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}, "1113546": {"source": 1113546, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.4"}, "1113552": {"source": 1113552, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}}
Upgrading n:editorconfig from 1.0.4 -> 1.0.7
{}
{"1114526": {"source": 1114526, "name": "flatted", "dependency": "flatted", "title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase", "url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f", "severity": "high", "cwe": ["CWE-674"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.4.0"}, "1115357": {"source": 1115357, "name": "flatted", "dependency": "flatted", "title": "Prototype Pollution via parse() in NodeJS flatted", "url": "https://github.com/advisories/GHSA-rf6f-7fwh-wjgh", "severity": "high", "cwe": ["CWE-1321"], "cvss": {"score": 0, "vectorString": null}, "range": "<=3.4.1"}}
Upgrading n:flatted from 3.3.1 -> 3.4.2
{}
{}
{"1115538": {"source": 1115538, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block", "url": "https://github.com/advisories/GHSA-3mfm-83xf-c92r", "severity": "high", "cwe": ["CWE-94", "CWE-843"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, "1115539": {"source": 1115539, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection via AST Type Confusion", "url": "https://github.com/advisories/GHSA-2w6w-674q-4c4q", "severity": "critical", "cwe": ["CWE-94", "CWE-843"], "cvss": {"score": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, "1115544": {"source": 1115544, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection", "url": "https://github.com/advisories/GHSA-2qvq-rjwj-gvw9", "severity": "moderate", "cwe": ["CWE-79", "CWE-1321"], "cvss": {"score": 4.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": ">=4.0.0 <4.7.9"}, "1115588": {"source": 1115588, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry", "url": "https://github.com/advisories/GHSA-7rx3-28cr-v5wh", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 4.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": ">=4.6.0 <=4.7.8"}, "1115589": {"source": 1115589, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has a Property Access Validation Bypass in container.lookup", "url": "https://github.com/advisories/GHSA-442j-39wm-28r2", "severity": "low", "cwe": ["CWE-367"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "range": ">=4.0.0 <=4.7.8"}, "1115692": {"source": 1115692, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options", "url": "https://github.com/advisories/GHSA-xjpj-3mr7-gcpf", "severity": "high", "cwe": ["CWE-79", "CWE-94", "CWE-116"], "cvss": {"score": 8.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, "1115693": {"source": 1115693, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial", "url": "https://github.com/advisories/GHSA-xhpv-hc6g-r9c6", "severity": "high", "cwe": ["CWE-94", "CWE-843"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.7.8"}, "1115694": {"source": 1115694, "name": "handlebars", "dependency": "handlebars", "title": "Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation", "url": "https://github.com/advisories/GHSA-9cx6-37pm-9jff", "severity": "high", "cwe": ["CWE-754"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=4.0.0 <=4.7.8"}}
Upgrading n:handlebars from 4.7.7 -> 4.7.9
{}
{"1101851": {"source": 1101851, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}}
{}
{}
{"1112455": {"source": 1112455, "name": "lodash", "dependency": "lodash", "title": "Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions", "url": "https://github.com/advisories/GHSA-xxjr-mmjv-4gpg", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": ">=4.0.0 <=4.17.22"}, "1115806": {"source": 1115806, "name": "lodash", "dependency": "lodash", "title": "lodash vulnerable to Code Injection via `_.template` imports key names", "url": "https://github.com/advisories/GHSA-r5fr-rjxr-66jc", "severity": "high", "cwe": ["CWE-94"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": ">=4.0.0 <=4.17.23"}, "1115810": {"source": 1115810, "name": "lodash", "dependency": "lodash", "title": "lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`", "url": "https://github.com/advisories/GHSA-f23m-r3pf-42rh", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": "<=4.17.23"}}
Upgrading n:lodash from 4.17.21 -> 4.18.1
{"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}}
{"1113459": {"source": 1113459, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.3"}, "1113465": {"source": 1113465, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": ">=9.0.0 <9.0.6"}, "1113538": {"source": 1113538, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, "1113544": {"source": 1113544, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}, "1113546": {"source": 1113546, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.4"}, "1113552": {"source": 1113552, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}}
Upgrading n:minimatch from 3.1.2, 9.0.1, 9.0.4, 9.0.5 -> 3.1.5, 9.0.9
{"1115527": {"source": 1115527, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters", "url": "https://github.com/advisories/GHSA-37ch-88jc-xwx2", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.1.13"}}
Upgrading n:path-to-regexp from 0.1.12 -> 0.1.13
{"1115549": {"source": 1115549, "name": "picomatch", "dependency": "picomatch", "title": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching", "url": "https://github.com/advisories/GHSA-3v7f-55p6-f55p", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<2.3.2"}, "1115552": {"source": 1115552, "name": "picomatch", "dependency": "picomatch", "title": "Picomatch has a ReDoS vulnerability via extglob quantifiers", "url": "https://github.com/advisories/GHSA-c2c7-rcm5-vvqj", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<2.3.2"}}
Upgrading n:picomatch from 2.3.1 -> 2.3.2
{}
{}
{}
{}
{}
{"1113161": {"source": 1113161, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in comma parsing allows denial of service", "url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883", "severity": "low", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=6.7.0 <=6.14.1"}, "1113719": {"source": 1113719, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion", "url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p", "severity": "moderate", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<6.14.1"}}
Upgrading n:qs from 6.13.0, 6.14.0 -> 6.14.0, 6.15.1
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}}
{}
{"1115555": {"source": 1115555, "name": "yaml", "dependency": "yaml", "title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections", "url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp", "severity": "moderate", "cwe": ["CWE-674"], "cvss": {"score": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=1.0.0 <1.10.3"}, "1115556": {"source": 1115556, "name": "yaml", "dependency": "yaml", "title": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections", "url": "https://github.com/advisories/GHSA-48c2-rrv3-qjmp", "severity": "moderate", "cwe": ["CWE-674"], "cvss": {"score": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=2.0.0 <2.8.3"}}
Upgrading n:yaml from 1.10.2, 2.4.1 -> 1.10.3, 2.8.3
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json
--- end ---
build: Updating npm dependencies
* ajv: 6.12.6, 8.17.1 → 6.15.0, 8.20.0
* https://github.com/advisories/GHSA-2g4f-4pwh-qvx6
* bn.js: 4.12.0, 5.2.1 → 4.12.3, 5.2.3
* https://github.com/advisories/GHSA-378v-28hj-76wf
* body-parser: 1.20.3 → 1.20.5
* https://github.com/advisories/GHSA-6rw7-vpxm-498p
* https://github.com/advisories/GHSA-w7fw-mjwx-w883
* brace-expansion: 1.1.12, 2.0.2 → 1.1.14, 2.1.0
* https://github.com/advisories/GHSA-f886-m6hf-6m8v
* editorconfig: 1.0.4 → 1.0.7
* https://github.com/advisories/GHSA-23c5-xmqv-rm74
* https://github.com/advisories/GHSA-3ppc-4f35-3m26
* https://github.com/advisories/GHSA-7r86-cg39-jmmj
* flatted: 3.3.1 → 3.4.2
* https://github.com/advisories/GHSA-25h7-pfq9-p65f
* https://github.com/advisories/GHSA-rf6f-7fwh-wjgh
* handlebars: 4.7.7 → 4.7.9
* https://github.com/advisories/GHSA-2qvq-rjwj-gvw9
* https://github.com/advisories/GHSA-2w6w-674q-4c4q
* https://github.com/advisories/GHSA-3mfm-83xf-c92r
* https://github.com/advisories/GHSA-442j-39wm-28r2
* https://github.com/advisories/GHSA-7rx3-28cr-v5wh
* https://github.com/advisories/GHSA-9cx6-37pm-9jff
* https://github.com/advisories/GHSA-xhpv-hc6g-r9c6
* https://github.com/advisories/GHSA-xjpj-3mr7-gcpf
* lodash: 4.17.21 → 4.18.1
* https://github.com/advisories/GHSA-f23m-r3pf-42rh
* https://github.com/advisories/GHSA-r5fr-rjxr-66jc
* https://github.com/advisories/GHSA-xxjr-mmjv-4gpg
* minimatch: 3.1.2, 9.0.1, 9.0.4, 9.0.5 → 3.1.5, 9.0.9
* https://github.com/advisories/GHSA-23c5-xmqv-rm74
* https://github.com/advisories/GHSA-3ppc-4f35-3m26
* https://github.com/advisories/GHSA-7r86-cg39-jmmj
* path-to-regexp: 0.1.12 → 0.1.13
* https://github.com/advisories/GHSA-37ch-88jc-xwx2
* picomatch: 2.3.1 → 2.3.2
* https://github.com/advisories/GHSA-3v7f-55p6-f55p
* https://github.com/advisories/GHSA-c2c7-rcm5-vvqj
* qs: 6.13.0, 6.14.0 → 6.14.0, 6.15.1
* https://github.com/advisories/GHSA-6rw7-vpxm-498p
* https://github.com/advisories/GHSA-w7fw-mjwx-w883
* yaml: 1.10.2, 2.4.1 → 1.10.3, 2.8.3
* https://github.com/advisories/GHSA-48c2-rrv3-qjmp
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmpcmpx88ci
--- stdout ---
[REL1_46 c36e386] build: Updating npm dependencies
1 file changed, 594 insertions(+), 466 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From c36e386e8216b5fd4fc3b82139042cb6dd1b5bef Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Fri, 1 May 2026 02:10:04 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* ajv: 6.12.6, 8.17.1 → 6.15.0, 8.20.0
* https://github.com/advisories/GHSA-2g4f-4pwh-qvx6
* bn.js: 4.12.0, 5.2.1 → 4.12.3, 5.2.3
* https://github.com/advisories/GHSA-378v-28hj-76wf
* body-parser: 1.20.3 → 1.20.5
* https://github.com/advisories/GHSA-6rw7-vpxm-498p
* https://github.com/advisories/GHSA-w7fw-mjwx-w883
* brace-expansion: 1.1.12, 2.0.2 → 1.1.14, 2.1.0
* https://github.com/advisories/GHSA-f886-m6hf-6m8v
* editorconfig: 1.0.4 → 1.0.7
* https://github.com/advisories/GHSA-23c5-xmqv-rm74
* https://github.com/advisories/GHSA-3ppc-4f35-3m26
* https://github.com/advisories/GHSA-7r86-cg39-jmmj
* flatted: 3.3.1 → 3.4.2
* https://github.com/advisories/GHSA-25h7-pfq9-p65f
* https://github.com/advisories/GHSA-rf6f-7fwh-wjgh
* handlebars: 4.7.7 → 4.7.9
* https://github.com/advisories/GHSA-2qvq-rjwj-gvw9
* https://github.com/advisories/GHSA-2w6w-674q-4c4q
* https://github.com/advisories/GHSA-3mfm-83xf-c92r
* https://github.com/advisories/GHSA-442j-39wm-28r2
* https://github.com/advisories/GHSA-7rx3-28cr-v5wh
* https://github.com/advisories/GHSA-9cx6-37pm-9jff
* https://github.com/advisories/GHSA-xhpv-hc6g-r9c6
* https://github.com/advisories/GHSA-xjpj-3mr7-gcpf
* lodash: 4.17.21 → 4.18.1
* https://github.com/advisories/GHSA-f23m-r3pf-42rh
* https://github.com/advisories/GHSA-r5fr-rjxr-66jc
* https://github.com/advisories/GHSA-xxjr-mmjv-4gpg
* minimatch: 3.1.2, 9.0.1, 9.0.4, 9.0.5 → 3.1.5, 9.0.9
* https://github.com/advisories/GHSA-23c5-xmqv-rm74
* https://github.com/advisories/GHSA-3ppc-4f35-3m26
* https://github.com/advisories/GHSA-7r86-cg39-jmmj
* path-to-regexp: 0.1.12 → 0.1.13
* https://github.com/advisories/GHSA-37ch-88jc-xwx2
* picomatch: 2.3.1 → 2.3.2
* https://github.com/advisories/GHSA-3v7f-55p6-f55p
* https://github.com/advisories/GHSA-c2c7-rcm5-vvqj
* qs: 6.13.0, 6.14.0 → 6.14.0, 6.15.1
* https://github.com/advisories/GHSA-6rw7-vpxm-498p
* https://github.com/advisories/GHSA-w7fw-mjwx-w883
* yaml: 1.10.2, 2.4.1 → 1.10.3, 2.8.3
* https://github.com/advisories/GHSA-48c2-rrv3-qjmp
Change-Id: If18086ca8d9404e0897e88bb01f5057541c37fee
---
package-lock.json | 1060 +++++++++++++++++++++++++--------------------
1 file changed, 594 insertions(+), 466 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 2ecbdec..c9e3e86 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7790,9 +7790,9 @@
}
},
"node_modules/ajv": {
- "version": "6.12.6",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
- "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+ "version": "6.15.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.15.0.tgz",
+ "integrity": "sha512-fgFx7Hfoq60ytK2c7DhnF8jIvzYgOMxfugjLOSMHjLIPgenqa7S7oaagATUq99mV6IYvN2tRmC0wnTYX6iPbMw==",
"dev": true,
"dependencies": {
"fast-deep-equal": "^3.1.1",
@@ -8224,9 +8224,9 @@
}
},
"node_modules/asn1.js/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/assert": {
@@ -8875,29 +8875,29 @@
"dev": true
},
"node_modules/bn.js": {
- "version": "5.2.1",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.1.tgz",
- "integrity": "sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==",
+ "version": "5.2.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz",
+ "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==",
"dev": true
},
"node_modules/body-parser": {
- "version": "1.20.3",
- "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz",
- "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==",
+ "version": "1.20.5",
+ "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.5.tgz",
+ "integrity": "sha512-3grm+/2tUOvu2cjJkvsIxrv/wVpfXQW4PsQHYm7yk4vfpu7Ekl6nEsYBoJUL6qDwZUx8wUhQ8tR2qz+ad9c9OA==",
"dev": true,
"dependencies": {
- "bytes": "3.1.2",
+ "bytes": "~3.1.2",
"content-type": "~1.0.5",
"debug": "2.6.9",
"depd": "2.0.0",
- "destroy": "1.2.0",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "on-finished": "2.4.1",
- "qs": "6.13.0",
- "raw-body": "2.5.2",
+ "destroy": "~1.2.0",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "on-finished": "~2.4.1",
+ "qs": "~6.15.1",
+ "raw-body": "~2.5.3",
"type-is": "~1.6.18",
- "unpipe": "1.0.0"
+ "unpipe": "~1.0.0"
},
"engines": {
"node": ">= 0.8",
@@ -8913,6 +8913,26 @@
"ms": "2.0.0"
}
},
+ "node_modules/body-parser/node_modules/http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "dependencies": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ },
+ "engines": {
+ "node": ">= 0.8"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
"node_modules/body-parser/node_modules/ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
@@ -8920,12 +8940,12 @@
"dev": true
},
"node_modules/body-parser/node_modules/qs": {
- "version": "6.13.0",
- "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz",
- "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==",
+ "version": "6.15.1",
+ "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.1.tgz",
+ "integrity": "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg==",
"dev": true,
"dependencies": {
- "side-channel": "^1.0.6"
+ "side-channel": "^1.1.0"
},
"engines": {
"node": ">=0.6"
@@ -8934,6 +8954,15 @@
"url": "https://github.com/sponsors/ljharb"
}
},
+ "node_modules/body-parser/node_modules/statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true,
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
"node_modules/boolbase": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz",
@@ -9067,9 +9096,9 @@
}
},
"node_modules/brace-expansion": {
- "version": "1.1.12",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
- "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+ "version": "1.1.14",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
+ "integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0",
@@ -9132,47 +9161,57 @@
}
},
"node_modules/browserify-rsa": {
- "version": "4.1.0",
- "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.0.tgz",
- "integrity": "sha512-AdEER0Hkspgno2aR97SAf6vi0y0k8NuOpGnVH3O99rcA5Q6sh8QxcngtHuJ6uXwnfAXNM4Gn1Gb7/MV1+Ymbog==",
+ "version": "4.1.1",
+ "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.1.tgz",
+ "integrity": "sha512-YBjSAiTqM04ZVei6sXighu679a3SqWORA3qZTEqZImnlkDIFtKc6pNutpjyZ8RJTjQtuYfeetkxM11GwoYXMIQ==",
"dev": true,
"dependencies": {
- "bn.js": "^5.0.0",
- "randombytes": "^2.0.1"
+ "bn.js": "^5.2.1",
+ "randombytes": "^2.1.0",
+ "safe-buffer": "^5.2.1"
+ },
+ "engines": {
+ "node": ">= 0.10"
}
},
+ "node_modules/browserify-rsa/node_modules/safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/feross"
+ },
+ {
+ "type": "patreon",
+ "url": "https://www.patreon.com/feross"
+ },
+ {
+ "type": "consulting",
+ "url": "https://feross.org/support"
+ }
+ ]
+ },
"node_modules/browserify-sign": {
- "version": "4.2.3",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
- "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
+ "version": "4.2.5",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.5.tgz",
+ "integrity": "sha512-C2AUdAJg6rlM2W5QMp2Q4KGQMVBwR1lIimTsUnutJ8bMpW5B52pGpR2gEnNBNwijumDo5FojQ0L9JrXA8m4YEw==",
"dev": true,
"dependencies": {
- "bn.js": "^5.2.1",
- "browserify-rsa": "^4.1.0",
+ "bn.js": "^5.2.2",
+ "browserify-rsa": "^4.1.1",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.5",
- "hash-base": "~3.0",
+ "elliptic": "^6.6.1",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.7",
+ "parse-asn1": "^5.1.9",
"readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"engines": {
- "node": ">= 0.12"
- }
- },
- "node_modules/browserify-sign/node_modules/hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "dependencies": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- },
- "engines": {
- "node": ">=4"
+ "node": ">= 0.10"
}
},
"node_modules/browserify-sign/node_modules/isarray": {
@@ -10728,9 +10767,9 @@
}
},
"node_modules/create-ecdh/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/create-hash": {
@@ -10910,27 +10949,64 @@
}
},
"node_modules/crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
"dev": true,
"dependencies": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
- "inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
},
"engines": {
- "node": "*"
+ "node": ">= 0.10"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/ljharb"
}
},
+ "node_modules/crypto-browserify/node_modules/hash-base": {
+ "version": "3.0.5",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.5.tgz",
+ "integrity": "sha512-vXm0l45VbcHEVlTCzs8M+s0VeYsB2lnlAaThoLKGXr3bE/VWDOelNUnycUPEhKEaXARL2TEFjBOyUiM6+55KBg==",
+ "dev": true,
+ "dependencies": {
+ "inherits": "^2.0.4",
+ "safe-buffer": "^5.2.1"
+ },
+ "engines": {
+ "node": ">= 0.10"
+ }
+ },
+ "node_modules/crypto-browserify/node_modules/safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/feross"
+ },
+ {
+ "type": "patreon",
+ "url": "https://www.patreon.com/feross"
+ },
+ {
+ "type": "consulting",
+ "url": "https://feross.org/support"
+ }
+ ]
+ },
"node_modules/css-functions-list": {
"version": "3.2.3",
"resolved": "https://registry.npmjs.org/css-functions-list/-/css-functions-list-3.2.3.tgz",
@@ -11643,9 +11719,9 @@
}
},
"node_modules/diffie-hellman/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/dir-glob": {
@@ -11998,14 +12074,14 @@
"dev": true
},
"node_modules/editorconfig": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz",
- "integrity": "sha512-L9Qe08KWTlqYMVvMcTIvMAdl1cDUubzRNYL+WfA4bLDMHe4nemKkpmYzkznE1FwLKu0EEmy6obgQKzMJrg4x9Q==",
+ "version": "1.0.7",
+ "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.7.tgz",
+ "integrity": "sha512-e0GOtq/aTQhVdNyDU9e02+wz9oDDM+SIOQxWME2QRjzRX5yyLAuHDE+0aE8vHb9XRC8XD37eO2u57+F09JqFhw==",
"dev": true,
"dependencies": {
"@one-ini/wasm": "0.1.1",
"commander": "^10.0.0",
- "minimatch": "9.0.1",
+ "minimatch": "^9.0.1",
"semver": "^7.5.3"
},
"bin": {
@@ -12016,9 +12092,9 @@
}
},
"node_modules/editorconfig/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -12034,12 +12110,12 @@
}
},
"node_modules/editorconfig/node_modules/minimatch": {
- "version": "9.0.1",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz",
- "integrity": "sha512-0jWhJpD/MdhPXwPuiRkCbfYfSKp2qnn2eOc279qI7f+osl/l+prKSrvhg157zSYvx/1nmgn2NqdT6k2Z7zSH9w==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -12088,9 +12164,9 @@
}
},
"node_modules/elliptic/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/emittery": {
@@ -12641,9 +12717,9 @@
}
},
"node_modules/eslint-config-wikimedia/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -12687,12 +12763,12 @@
}
},
"node_modules/eslint-config-wikimedia/node_modules/minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -13020,9 +13096,9 @@
}
},
"node_modules/eslint-plugin-n/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -13054,12 +13130,12 @@
}
},
"node_modules/eslint-plugin-n/node_modules/minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -14532,9 +14608,9 @@
}
},
"node_modules/flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.2",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz",
+ "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==",
"dev": true
},
"node_modules/flow-parser": {
@@ -15343,13 +15419,13 @@
"dev": true
},
"node_modules/handlebars": {
- "version": "4.7.7",
- "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.7.tgz",
- "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==",
+ "version": "4.7.9",
+ "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.9.tgz",
+ "integrity": "sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==",
"dev": true,
"dependencies": {
"minimist": "^1.2.5",
- "neo-async": "^2.6.0",
+ "neo-async": "^2.6.2",
"source-map": "^0.6.1",
"wordwrap": "^1.0.0"
},
@@ -15562,33 +15638,47 @@
}
},
"node_modules/hash-base": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.0.tgz",
- "integrity": "sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA==",
+ "version": "3.1.2",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.2.tgz",
+ "integrity": "sha512-Bb33KbowVTIj5s7Ked1OsqHUeCpz//tPwR+E2zJgJKo9Z5XolZ9b6bdUgjmYlwnWhoOQKoTd1TYToZGn5mAYOg==",
"dev": true,
"dependencies": {
"inherits": "^2.0.4",
- "readable-stream": "^3.6.0",
- "safe-buffer": "^5.2.0"
+ "readable-stream": "^2.3.8",
+ "safe-buffer": "^5.2.1",
+ "to-buffer": "^1.2.1"
},
"engines": {
- "node": ">=4"
+ "node": ">= 0.8"
}
},
+ "node_modules/hash-base/node_modules/isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
"node_modules/hash-base/node_modules/readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
"dev": true,
"dependencies": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
- },
- "engines": {
- "node": ">= 6"
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
}
},
+ "node_modules/hash-base/node_modules/readable-stream/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/hash-base/node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -15610,14 +15700,20 @@
]
},
"node_modules/hash-base/node_modules/string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"dependencies": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
}
},
+ "node_modules/hash-base/node_modules/string_decoder/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/hash-sum": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/hash-sum/-/hash-sum-2.0.0.tgz",
@@ -20113,9 +20209,9 @@
}
},
"node_modules/js-beautify/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"dependencies": {
"balanced-match": "^1.0.0"
@@ -20142,12 +20238,12 @@
}
},
"node_modules/js-beautify/node_modules/minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -20864,9 +20960,9 @@
}
},
"node_modules/lodash": {
- "version": "4.17.21",
- "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
- "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+ "version": "4.18.1",
+ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
+ "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
"dev": true
},
"node_modules/lodash.debounce": {
@@ -21280,9 +21376,9 @@
}
},
"node_modules/miller-rabin/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/mime": {
@@ -21358,9 +21454,9 @@
"dev": true
},
"node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+ "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -21599,9 +21695,9 @@
"optional": true
},
"node_modules/nanoid": {
- "version": "3.3.8",
- "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz",
- "integrity": "sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==",
+ "version": "3.3.12",
+ "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz",
+ "integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==",
"dev": true,
"funding": [
{
@@ -22569,35 +22665,21 @@
}
},
"node_modules/parse-asn1": {
- "version": "5.1.7",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
- "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
+ "version": "5.1.9",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.9.tgz",
+ "integrity": "sha512-fIYNuZ/HastSb80baGOuPRo1O9cf4baWw5WsAp7dBuUzeTD/BoaG8sVTdlPFksBE2lF21dN+A1AnrpIjSWqHHg==",
"dev": true,
"dependencies": {
"asn1.js": "^4.10.1",
"browserify-aes": "^1.2.0",
"evp_bytestokey": "^1.0.3",
- "hash-base": "~3.0",
- "pbkdf2": "^3.1.2",
+ "pbkdf2": "^3.1.5",
"safe-buffer": "^5.2.1"
},
"engines": {
"node": ">= 0.10"
}
},
- "node_modules/parse-asn1/node_modules/hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "dependencies": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- },
- "engines": {
- "node": ">=4"
- }
- },
"node_modules/parse-asn1/node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -22771,9 +22853,9 @@
}
},
"node_modules/path-to-regexp": {
- "version": "0.1.12",
- "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
- "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
+ "version": "0.1.13",
+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.13.tgz",
+ "integrity": "sha512-A/AGNMFN3c8bOlvV9RreMdrv7jsmF9XIfDeCd87+I8RNg6s78BhJxMu69NEMHBSJFxKidViTEdruRwEk/WIKqA==",
"dev": true
},
"node_modules/path-type": {
@@ -22786,51 +22868,20 @@
}
},
"node_modules/pbkdf2": {
- "version": "3.1.3",
- "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.3.tgz",
- "integrity": "sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.5.tgz",
+ "integrity": "sha512-Q3CG/cYvCO1ye4QKkuH7EXxs3VC/rI1/trd+qX2+PolbaKG0H+bgcZzrTt96mMyRtejk+JMCiLUn3y29W8qmFQ==",
"dev": true,
"dependencies": {
- "create-hash": "~1.1.3",
+ "create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "ripemd160": "=2.0.1",
+ "ripemd160": "^2.0.3",
"safe-buffer": "^5.2.1",
- "sha.js": "^2.4.11",
- "to-buffer": "^1.2.0"
+ "sha.js": "^2.4.12",
+ "to-buffer": "^1.2.1"
},
"engines": {
- "node": ">=0.12"
- }
- },
- "node_modules/pbkdf2/node_modules/create-hash": {
- "version": "1.1.3",
- "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.1.3.tgz",
- "integrity": "sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA==",
- "dev": true,
- "dependencies": {
- "cipher-base": "^1.0.1",
- "inherits": "^2.0.1",
- "ripemd160": "^2.0.0",
- "sha.js": "^2.4.0"
- }
- },
- "node_modules/pbkdf2/node_modules/hash-base": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-2.0.2.tgz",
- "integrity": "sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw==",
- "dev": true,
- "dependencies": {
- "inherits": "^2.0.1"
- }
- },
- "node_modules/pbkdf2/node_modules/ripemd160": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz",
- "integrity": "sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w==",
- "dev": true,
- "dependencies": {
- "hash-base": "^2.0.0",
- "inherits": "^2.0.1"
+ "node": ">= 0.10"
}
},
"node_modules/pbkdf2/node_modules/safe-buffer": {
@@ -22860,9 +22911,9 @@
"dev": true
},
"node_modules/picomatch": {
- "version": "2.3.1",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
- "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+ "version": "2.3.2",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
+ "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
"dev": true,
"engines": {
"node": ">=8.6"
@@ -22977,9 +23028,9 @@
}
},
"node_modules/postcss": {
- "version": "8.4.49",
- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz",
- "integrity": "sha512-OCVPnIObs4N29kxTjzLfUryOkvZEq+pf8jTF0lg8E7uETuWHA+v7j3c/xJmiqpX450191LlmZfUKkXxkTry7nA==",
+ "version": "8.5.13",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.13.tgz",
+ "integrity": "sha512-qif0+jGGZoLWdHey3UFHHWP0H7Gbmsk8T5VEqyYFbWqPr1XqvLGBbk/sl8V5exGmcYJklJOhOQq1pV9IcsiFag==",
"dev": true,
"funding": [
{
@@ -22996,7 +23047,7 @@
}
],
"dependencies": {
- "nanoid": "^3.3.7",
+ "nanoid": "^3.3.11",
"picocolors": "^1.1.1",
"source-map-js": "^1.2.1"
},
@@ -23576,9 +23627,9 @@
}
},
"node_modules/public-encrypt/node_modules/bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
},
"node_modules/pug": {
@@ -23856,16 +23907,45 @@
}
},
"node_modules/raw-body": {
- "version": "2.5.2",
- "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
- "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
+ "version": "2.5.3",
+ "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.3.tgz",
+ "integrity": "sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==",
"dev": true,
"dependencies": {
- "bytes": "3.1.2",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "unpipe": "1.0.0"
+ "bytes": "~3.1.2",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "unpipe": "~1.0.0"
+ },
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
+ "node_modules/raw-body/node_modules/http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "dependencies": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
},
+ "engines": {
+ "node": ">= 0.8"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/raw-body/node_modules/statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true,
"engines": {
"node": ">= 0.8"
}
@@ -24654,13 +24734,16 @@
}
},
"node_modules/ripemd160": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.2.tgz",
- "integrity": "sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA==",
+ "version": "2.0.3",
+ "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.3.tgz",
+ "integrity": "sha512-5Di9UC0+8h1L6ZD2d7awM7E/T4uA1fJRlx6zk/NvdCCVEoAnFqvHmCuNeIKoCeIixBX/q8uM+6ycDvF8woqosA==",
"dev": true,
"dependencies": {
- "hash-base": "^3.0.0",
- "inherits": "^2.0.1"
+ "hash-base": "^3.1.2",
+ "inherits": "^2.0.4"
+ },
+ "engines": {
+ "node": ">= 0.8"
}
},
"node_modules/rsvp": {
@@ -26904,9 +26987,9 @@
}
},
"node_modules/table/node_modules/ajv": {
- "version": "8.17.1",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
- "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
+ "version": "8.20.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.20.0.tgz",
+ "integrity": "sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==",
"dev": true,
"dependencies": {
"fast-deep-equal": "^3.1.3",
@@ -30013,9 +30096,9 @@
"dev": true
},
"node_modules/yaml": {
- "version": "1.10.2",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
- "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==",
+ "version": "1.10.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.3.tgz",
+ "integrity": "sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==",
"dev": true,
"engines": {
"node": ">= 6"
@@ -30051,15 +30134,18 @@
}
},
"node_modules/yaml-eslint-parser/node_modules/yaml": {
- "version": "2.4.1",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.4.1.tgz",
- "integrity": "sha512-pIXzoImaqmfOrL7teGUBt/T7ZDnyeGBWyXQBvOVhLkWLN37GXv8NMLK406UY6dS51JfcQHsmcW5cJ441bHg6Lg==",
+ "version": "2.8.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.3.tgz",
+ "integrity": "sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==",
"dev": true,
"bin": {
"yaml": "bin.mjs"
},
"engines": {
- "node": ">= 14"
+ "node": ">= 14.6"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/eemeli"
}
},
"node_modules/yocto-queue": {
@@ -35810,9 +35896,9 @@
}
},
"ajv": {
- "version": "6.12.6",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
- "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+ "version": "6.15.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.15.0.tgz",
+ "integrity": "sha512-fgFx7Hfoq60ytK2c7DhnF8jIvzYgOMxfugjLOSMHjLIPgenqa7S7oaagATUq99mV6IYvN2tRmC0wnTYX6iPbMw==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.1",
@@ -36122,9 +36208,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -36614,29 +36700,29 @@
"dev": true
},
"bn.js": {
- "version": "5.2.1",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.1.tgz",
- "integrity": "sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==",
+ "version": "5.2.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz",
+ "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==",
"dev": true
},
"body-parser": {
- "version": "1.20.3",
- "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz",
- "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==",
+ "version": "1.20.5",
+ "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.5.tgz",
+ "integrity": "sha512-3grm+/2tUOvu2cjJkvsIxrv/wVpfXQW4PsQHYm7yk4vfpu7Ekl6nEsYBoJUL6qDwZUx8wUhQ8tR2qz+ad9c9OA==",
"dev": true,
"requires": {
- "bytes": "3.1.2",
+ "bytes": "~3.1.2",
"content-type": "~1.0.5",
"debug": "2.6.9",
"depd": "2.0.0",
- "destroy": "1.2.0",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "on-finished": "2.4.1",
- "qs": "6.13.0",
- "raw-body": "2.5.2",
+ "destroy": "~1.2.0",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "on-finished": "~2.4.1",
+ "qs": "~6.15.1",
+ "raw-body": "~2.5.3",
"type-is": "~1.6.18",
- "unpipe": "1.0.0"
+ "unpipe": "~1.0.0"
},
"dependencies": {
"debug": {
@@ -36648,6 +36734,19 @@
"ms": "2.0.0"
}
},
+ "http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "requires": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ }
+ },
"ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
@@ -36655,13 +36754,19 @@
"dev": true
},
"qs": {
- "version": "6.13.0",
- "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz",
- "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==",
+ "version": "6.15.1",
+ "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.1.tgz",
+ "integrity": "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg==",
"dev": true,
"requires": {
- "side-channel": "^1.0.6"
+ "side-channel": "^1.1.0"
}
+ },
+ "statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true
}
}
},
@@ -36761,9 +36866,9 @@
}
},
"brace-expansion": {
- "version": "1.1.12",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
- "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+ "version": "1.1.14",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
+ "integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0",
@@ -36823,43 +36928,41 @@
}
},
"browserify-rsa": {
- "version": "4.1.0",
- "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.0.tgz",
- "integrity": "sha512-AdEER0Hkspgno2aR97SAf6vi0y0k8NuOpGnVH3O99rcA5Q6sh8QxcngtHuJ6uXwnfAXNM4Gn1Gb7/MV1+Ymbog==",
+ "version": "4.1.1",
+ "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.1.tgz",
+ "integrity": "sha512-YBjSAiTqM04ZVei6sXighu679a3SqWORA3qZTEqZImnlkDIFtKc6pNutpjyZ8RJTjQtuYfeetkxM11GwoYXMIQ==",
"dev": true,
"requires": {
- "bn.js": "^5.0.0",
- "randombytes": "^2.0.1"
+ "bn.js": "^5.2.1",
+ "randombytes": "^2.1.0",
+ "safe-buffer": "^5.2.1"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true
+ }
}
},
"browserify-sign": {
- "version": "4.2.3",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
- "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
+ "version": "4.2.5",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.5.tgz",
+ "integrity": "sha512-C2AUdAJg6rlM2W5QMp2Q4KGQMVBwR1lIimTsUnutJ8bMpW5B52pGpR2gEnNBNwijumDo5FojQ0L9JrXA8m4YEw==",
"dev": true,
"requires": {
- "bn.js": "^5.2.1",
- "browserify-rsa": "^4.1.0",
+ "bn.js": "^5.2.2",
+ "browserify-rsa": "^4.1.1",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.5",
- "hash-base": "~3.0",
+ "elliptic": "^6.6.1",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.7",
+ "parse-asn1": "^5.1.9",
"readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"dependencies": {
- "hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- }
- },
"isarray": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
@@ -38068,9 +38171,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -38218,22 +38321,41 @@
}
},
"crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
"dev": true,
"requires": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
- "inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
+ },
+ "dependencies": {
+ "hash-base": {
+ "version": "3.0.5",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.5.tgz",
+ "integrity": "sha512-vXm0l45VbcHEVlTCzs8M+s0VeYsB2lnlAaThoLKGXr3bE/VWDOelNUnycUPEhKEaXARL2TEFjBOyUiM6+55KBg==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.4",
+ "safe-buffer": "^5.2.1"
+ }
+ },
+ "safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true
+ }
}
},
"css-functions-list": {
@@ -38769,9 +38891,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -39059,21 +39181,21 @@
"dev": true
},
"editorconfig": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz",
- "integrity": "sha512-L9Qe08KWTlqYMVvMcTIvMAdl1cDUubzRNYL+WfA4bLDMHe4nemKkpmYzkznE1FwLKu0EEmy6obgQKzMJrg4x9Q==",
+ "version": "1.0.7",
+ "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.7.tgz",
+ "integrity": "sha512-e0GOtq/aTQhVdNyDU9e02+wz9oDDM+SIOQxWME2QRjzRX5yyLAuHDE+0aE8vHb9XRC8XD37eO2u57+F09JqFhw==",
"dev": true,
"requires": {
"@one-ini/wasm": "0.1.1",
"commander": "^10.0.0",
- "minimatch": "9.0.1",
+ "minimatch": "^9.0.1",
"semver": "^7.5.3"
},
"dependencies": {
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -39086,12 +39208,12 @@
"dev": true
},
"minimatch": {
- "version": "9.0.1",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz",
- "integrity": "sha512-0jWhJpD/MdhPXwPuiRkCbfYfSKp2qnn2eOc279qI7f+osl/l+prKSrvhg157zSYvx/1nmgn2NqdT6k2Z7zSH9w==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"semver": {
@@ -39130,9 +39252,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -39701,9 +39823,9 @@
}
},
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -39725,12 +39847,12 @@
"dev": true
},
"minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"semver": {
@@ -39938,9 +40060,9 @@
},
"dependencies": {
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -39963,12 +40085,12 @@
"dev": true
},
"minimatch": {
- "version": "9.0.4",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz",
- "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"semver": {
@@ -40888,9 +41010,9 @@
}
},
"flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.2",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz",
+ "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==",
"dev": true
},
"flow-parser": {
@@ -41526,13 +41648,13 @@
"dev": true
},
"handlebars": {
- "version": "4.7.7",
- "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.7.tgz",
- "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==",
+ "version": "4.7.9",
+ "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.9.tgz",
+ "integrity": "sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==",
"dev": true,
"requires": {
"minimist": "^1.2.5",
- "neo-async": "^2.6.0",
+ "neo-async": "^2.6.2",
"source-map": "^0.6.1",
"uglify-js": "^3.1.4",
"wordwrap": "^1.0.0"
@@ -41690,25 +41812,44 @@
}
},
"hash-base": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.0.tgz",
- "integrity": "sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA==",
+ "version": "3.1.2",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.2.tgz",
+ "integrity": "sha512-Bb33KbowVTIj5s7Ked1OsqHUeCpz//tPwR+E2zJgJKo9Z5XolZ9b6bdUgjmYlwnWhoOQKoTd1TYToZGn5mAYOg==",
"dev": true,
"requires": {
"inherits": "^2.0.4",
- "readable-stream": "^3.6.0",
- "safe-buffer": "^5.2.0"
+ "readable-stream": "^2.3.8",
+ "safe-buffer": "^5.2.1",
+ "to-buffer": "^1.2.1"
},
"dependencies": {
+ "isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
"readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
"dev": true,
"requires": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
},
"safe-buffer": {
@@ -41718,12 +41859,20 @@
"dev": true
},
"string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"requires": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
}
}
@@ -45118,9 +45267,9 @@
},
"dependencies": {
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+ "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
"dev": true,
"requires": {
"balanced-match": "^1.0.0"
@@ -45141,12 +45290,12 @@
}
},
"minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
}
},
"minipass": {
@@ -45711,9 +45860,9 @@
}
},
"lodash": {
- "version": "4.17.21",
- "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
- "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+ "version": "4.18.1",
+ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
+ "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
"dev": true
},
"lodash.debounce": {
@@ -46050,9 +46199,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -46112,9 +46261,9 @@
"dev": true
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+ "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
@@ -46315,9 +46464,9 @@
"optional": true
},
"nanoid": {
- "version": "3.3.8",
- "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz",
- "integrity": "sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==",
+ "version": "3.3.12",
+ "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz",
+ "integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==",
"dev": true
},
"nanomatch": {
@@ -47104,29 +47253,18 @@
}
},
"parse-asn1": {
- "version": "5.1.7",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
- "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
+ "version": "5.1.9",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.9.tgz",
+ "integrity": "sha512-fIYNuZ/HastSb80baGOuPRo1O9cf4baWw5WsAp7dBuUzeTD/BoaG8sVTdlPFksBE2lF21dN+A1AnrpIjSWqHHg==",
"dev": true,
"requires": {
"asn1.js": "^4.10.1",
"browserify-aes": "^1.2.0",
"evp_bytestokey": "^1.0.3",
- "hash-base": "~3.0",
- "pbkdf2": "^3.1.2",
+ "pbkdf2": "^3.1.5",
"safe-buffer": "^5.2.1"
},
"dependencies": {
- "hash-base": {
- "version": "3.0.4",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
- "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.1",
- "safe-buffer": "^5.0.1"
- }
- },
"safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -47258,9 +47396,9 @@
}
},
"path-to-regexp": {
- "version": "0.1.12",
- "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
- "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
+ "version": "0.1.13",
+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.13.tgz",
+ "integrity": "sha512-A/AGNMFN3c8bOlvV9RreMdrv7jsmF9XIfDeCd87+I8RNg6s78BhJxMu69NEMHBSJFxKidViTEdruRwEk/WIKqA==",
"dev": true
},
"path-type": {
@@ -47270,50 +47408,19 @@
"dev": true
},
"pbkdf2": {
- "version": "3.1.3",
- "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.3.tgz",
- "integrity": "sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA==",
+ "version": "3.1.5",
+ "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.5.tgz",
+ "integrity": "sha512-Q3CG/cYvCO1ye4QKkuH7EXxs3VC/rI1/trd+qX2+PolbaKG0H+bgcZzrTt96mMyRtejk+JMCiLUn3y29W8qmFQ==",
"dev": true,
"requires": {
- "create-hash": "~1.1.3",
+ "create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "ripemd160": "=2.0.1",
+ "ripemd160": "^2.0.3",
"safe-buffer": "^5.2.1",
- "sha.js": "^2.4.11",
- "to-buffer": "^1.2.0"
+ "sha.js": "^2.4.12",
+ "to-buffer": "^1.2.1"
},
"dependencies": {
- "create-hash": {
- "version": "1.1.3",
- "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.1.3.tgz",
- "integrity": "sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA==",
- "dev": true,
- "requires": {
- "cipher-base": "^1.0.1",
- "inherits": "^2.0.1",
- "ripemd160": "^2.0.0",
- "sha.js": "^2.4.0"
- }
- },
- "hash-base": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-2.0.2.tgz",
- "integrity": "sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.1"
- }
- },
- "ripemd160": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz",
- "integrity": "sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w==",
- "dev": true,
- "requires": {
- "hash-base": "^2.0.0",
- "inherits": "^2.0.1"
- }
- },
"safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -47329,9 +47436,9 @@
"dev": true
},
"picomatch": {
- "version": "2.3.1",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
- "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+ "version": "2.3.2",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
+ "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
"dev": true
},
"pify": {
@@ -47410,12 +47517,12 @@
"dev": true
},
"postcss": {
- "version": "8.4.49",
- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz",
- "integrity": "sha512-OCVPnIObs4N29kxTjzLfUryOkvZEq+pf8jTF0lg8E7uETuWHA+v7j3c/xJmiqpX450191LlmZfUKkXxkTry7nA==",
+ "version": "8.5.13",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.13.tgz",
+ "integrity": "sha512-qif0+jGGZoLWdHey3UFHHWP0H7Gbmsk8T5VEqyYFbWqPr1XqvLGBbk/sl8V5exGmcYJklJOhOQq1pV9IcsiFag==",
"dev": true,
"requires": {
- "nanoid": "^3.3.7",
+ "nanoid": "^3.3.11",
"picocolors": "^1.1.1",
"source-map-js": "^1.2.1"
}
@@ -47859,9 +47966,9 @@
},
"dependencies": {
"bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
+ "version": "4.12.3",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+ "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
"dev": true
}
}
@@ -48100,15 +48207,36 @@
"dev": true
},
"raw-body": {
- "version": "2.5.2",
- "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
- "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
+ "version": "2.5.3",
+ "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.3.tgz",
+ "integrity": "sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==",
"dev": true,
"requires": {
- "bytes": "3.1.2",
- "http-errors": "2.0.0",
- "iconv-lite": "0.4.24",
- "unpipe": "1.0.0"
+ "bytes": "~3.1.2",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.4.24",
+ "unpipe": "~1.0.0"
+ },
+ "dependencies": {
+ "http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "dev": true,
+ "requires": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ }
+ },
+ "statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "dev": true
+ }
}
},
"raw-loader": {
@@ -48712,13 +48840,13 @@
}
},
"ripemd160": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.2.tgz",
- "integrity": "sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA==",
+ "version": "2.0.3",
+ "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.3.tgz",
+ "integrity": "sha512-5Di9UC0+8h1L6ZD2d7awM7E/T4uA1fJRlx6zk/NvdCCVEoAnFqvHmCuNeIKoCeIixBX/q8uM+6ycDvF8woqosA==",
"dev": true,
"requires": {
- "hash-base": "^3.0.0",
- "inherits": "^2.0.1"
+ "hash-base": "^3.1.2",
+ "inherits": "^2.0.4"
}
},
"rsvp": {
@@ -50446,9 +50574,9 @@
},
"dependencies": {
"ajv": {
- "version": "8.17.1",
- "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
- "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
+ "version": "8.20.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.20.0.tgz",
+ "integrity": "sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==",
"dev": true,
"requires": {
"fast-deep-equal": "^3.1.3",
@@ -52858,9 +52986,9 @@
"dev": true
},
"yaml": {
- "version": "1.10.2",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
- "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==",
+ "version": "1.10.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.3.tgz",
+ "integrity": "sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==",
"dev": true
},
"yaml-eslint-parser": {
@@ -52881,9 +53009,9 @@
"dev": true
},
"yaml": {
- "version": "2.4.1",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.4.1.tgz",
- "integrity": "sha512-pIXzoImaqmfOrL7teGUBt/T7ZDnyeGBWyXQBvOVhLkWLN37GXv8NMLK406UY6dS51JfcQHsmcW5cJ441bHg6Lg==",
+ "version": "2.8.3",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.3.tgz",
+ "integrity": "sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==",
"dev": true
}
}
--
2.47.3
--- end ---