diff --git a/.snyk b/.snyk index e452a22..1bb7420 100644 --- a/.snyk +++ b/.snyk @@ -10,3 +10,8 @@ patch: patched: '2019-09-07T18:00:39.647Z' - react-scripts > jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > request > extend: patched: '2019-09-07T18:00:39.647Z' + SNYK-JS-HTTPSPROXYAGENT-469131: + - snyk > proxy-agent > https-proxy-agent: + patched: '2019-10-03T22:36:41.594Z' + - snyk > proxy-agent > pac-proxy-agent > https-proxy-agent: + patched: '2019-10-03T22:36:41.594Z' diff --git a/package-lock.json b/package-lock.json index ab213a2..0706fc9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1219,13 +1219,34 @@ "integrity": "sha512-shAmDyaQC4H92APFoIaVDHCx5bStIocgvbwQyxPRrbUY20V1EYTbSDchWbuwlMG3V17cprZhA6+78JfB+3DTPw==" }, "@snyk/cli-interface": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.0.3.tgz", - "integrity": "sha512-tQxCCEdX8+r71fYoOZB4jaPYUxrhWsdPAuQkbbsge9Vd22Gzy6iCVpLX2Ai0JKkqZ0tLU3cgNB7gulzce6fdAg==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-2.1.0.tgz", + "integrity": "sha512-b/magC8iNQP9QhSDeV9RQDSaY3sNy57k0UH1Y/sMOSvVLHLsA7dOi/HrPWTiLouyGqcuYzwjkz7bNbu8cwmVDQ==", "requires": { "tslib": "^1.9.3" } }, + "@snyk/cocoapods-lockfile-parser": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@snyk/cocoapods-lockfile-parser/-/cocoapods-lockfile-parser-2.0.2.tgz", + "integrity": "sha512-DSSlljXGhSECdx7KhK7QlBiGC82fM2dZMzhcWxOsqyUVqzjArRGS9i4CRl/WMK5WDlLgc5bn5Xmpmp/g5Hf9YQ==", + "requires": { + "@snyk/dep-graph": "^1.11.0", + "@snyk/ruby-semver": "^2.0.4", + "@types/js-yaml": "^3.12.1", + "core-js": "^3.2.0", + "js-yaml": "^3.13.1", + "source-map-support": "^0.5.7", + "tslib": "^1.9.3" + }, + "dependencies": { + "core-js": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.2.1.tgz", + "integrity": "sha512-Qa5XSVefSVPRxy2XfUC13WbvqkxhkwB3ve+pgCQveNgYzbM/UxZeu1dcOX/xr4UmfUd+muuvsaxilQzCyUurMw==" + } + } + }, "@snyk/composer-lockfile-parser": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/@snyk/composer-lockfile-parser/-/composer-lockfile-parser-1.0.3.tgz", @@ -1252,6 +1273,49 @@ "resolved": "https://registry.npmjs.org/@snyk/gemfile/-/gemfile-1.2.0.tgz", "integrity": "sha512-nI7ELxukf7pT4/VraL4iabtNNMz8mUo7EXlqCFld8O5z6mIMLX9llps24iPpaIZOwArkY3FWA+4t+ixyvtTSIA==" }, + "@snyk/ruby-semver": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/@snyk/ruby-semver/-/ruby-semver-2.0.4.tgz", + "integrity": "sha512-ceMD4CBS3qtAg+O0BUvkKdsheUNCqi+/+Rju243Ul8PsUgZnXmGiqfk/2z7DCprRQnxUTra4+IyeDQT7wAheCQ==", + "requires": { + "lodash": "^4.17.14" + } + }, + "@snyk/snyk-cocoapods-plugin": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@snyk/snyk-cocoapods-plugin/-/snyk-cocoapods-plugin-1.0.2.tgz", + "integrity": "sha512-eb8cawvz2vDLg/DRyzDDgv7+oZhsojNXxF8anX2Iq4ws8GZjd9CrMMMaSU7QehcT4h7jH5ITzbB1HOp+XHm3rw==", + "requires": { + "@snyk/cli-interface": "1.5.0", + "@snyk/cocoapods-lockfile-parser": "2.0.2", + "@snyk/dep-graph": "1.13.0", + "source-map-support": "^0.5.7", + "tslib": "^1.9.3" + }, + "dependencies": { + "@snyk/cli-interface": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/@snyk/cli-interface/-/cli-interface-1.5.0.tgz", + "integrity": "sha512-+Qo+IO3YOXWgazlo+CKxOuWFLQQdaNCJ9cSfhFQd687/FuesaIxWdInaAdfpsLScq0c6M1ieZslXgiZELSzxbg==", + "requires": { + "tslib": "^1.9.3" + } + }, + "@snyk/dep-graph": { + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/@snyk/dep-graph/-/dep-graph-1.13.0.tgz", + "integrity": "sha512-e0XcLH6Kgs/lunf6iDjbxEnm9+JYFEJn6eo/PlEUW+SMWBZ2uEXHBTDNp9oxjJou48PngzWMveEkniBAN+ulOQ==", + "requires": { + "graphlib": "^2.1.5", + "lodash": "^4.7.14", + "object-hash": "^1.3.1", + "semver": "^6.0.0", + "source-map-support": "^0.5.11", + "tslib": "^1.9.3" + } + } + } + }, "@svgr/babel-plugin-add-jsx-attribute": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-add-jsx-attribute/-/babel-plugin-add-jsx-attribute-4.2.0.tgz", @@ -1480,10 +1544,15 @@ "@types/istanbul-lib-report": "*" } }, + "@types/js-yaml": { + "version": "3.12.1", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.1.tgz", + "integrity": "sha512-SGGAhXLHDx+PK4YLNcNGa6goPf9XRWQNAUUbffkwVGGXIxmDKWyGGL4inzq2sPmExu431Ekb9aEMn9BkPqEYFA==" + }, "@types/node": { - "version": "12.7.4", - "resolved": "https://registry.npmjs.org/@types/node/-/node-12.7.4.tgz", - "integrity": "sha512-W0+n1Y+gK/8G2P/piTkBBN38Qc5Q1ZSO6B5H3QmPCUewaiXOo2GCAWZ4ElZCcNhjJuBSUSLGFUJnmlCn5+nxOQ==" + "version": "12.7.11", + "resolved": "https://registry.npmjs.org/@types/node/-/node-12.7.11.tgz", + "integrity": "sha512-Otxmr2rrZLKRYIybtdG/sgeO+tHY20GxeDjcGmUnmmlCWyEnv2a2x1ZXBo3BTec4OiTXMQCiazB8NMBf0iRlFw==" }, "@types/q": { "version": "1.5.2", @@ -4237,19 +4306,9 @@ } }, "data-uri-to-buffer": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-2.0.1.tgz", - "integrity": "sha512-OkVVLrerfAKZlW2ZZ3Ve2y65jgiWqBKsTfUIAFbn8nVbPcCZg6l6gikKlEYv0kXcmzqGm6mFq/Jf2vriuEkv8A==", - "requires": { - "@types/node": "^8.0.7" - }, - "dependencies": { - "@types/node": { - "version": "8.10.53", - "resolved": "https://registry.npmjs.org/@types/node/-/node-8.10.53.tgz", - "integrity": "sha512-aOmXdv1a1/vYUn1OT1CED8ftbkmmYbKhKGSyMDeJiidLvKRKvZUQOdXwG/wcNY7T1Qb0XTlVdiYjIq00U7pLrQ==" - } - } + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-2.0.2.tgz", + "integrity": "sha512-ND9qDTLc6diwj+Xe5cdAgVTbLVdXbtxTJRXRhli8Mowuaan+0EJOtdqJ0QCHNSSPyoXGx9HX2/VMnKeC34AChA==" }, "data-urls": { "version": "1.1.0", @@ -6658,10 +6717,9 @@ "resolved": "https://registry.npmjs.org/https-browserify/-/https-browserify-1.0.0.tgz", "integrity": "sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=" }, - "https-proxy-agent": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.2.2.tgz", - "integrity": "sha512-c8Ndjc9Bkpfx/vCJueCPy0jlP4ccCCSNDp8xwCZzPjKJUm+B+u9WX2x98Qx4n1PiMNTWo3D7KK5ifNV/yJyRzg==", + "https-proxy-agent-snyk-fork": { + "version": "git://github.com/snyk/node-https-proxy-agent.git#5e86ccb682d0c833c8daa25ee6f91c670161cd66", + "from": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", "requires": { "agent-base": "^4.3.0", "debug": "^3.1.0" @@ -7081,9 +7139,9 @@ "integrity": "sha512-qgDYXFSR5WvEfuS5dMj6oTMEbrrSaM0CrFk2Yiq/gXnBvD9pMa2jGXxyhGLfvhZpuMZe18CJpFxAt3CRs42NMg==" }, "is-retry-allowed": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", - "integrity": "sha1-EaBgVotnM5REAz0BJaYaINVk+zQ=" + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", + "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" }, "is-root": { "version": "2.1.0", @@ -9798,15 +9856,14 @@ "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==" }, "pac-proxy-agent": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-3.0.0.tgz", - "integrity": "sha512-AOUX9jES/EkQX2zRz0AW7lSx9jD//hQS8wFXBvcnd/J2Py9KaMJMqV/LPqJssj1tgGufotb2mmopGPR15ODv1Q==", + "version": "git://github.com/snyk/node-pac-proxy-agent.git#e962ea0fe8db650a55e349e1b422e3ac99bfe451", + "from": "git://github.com/snyk/node-pac-proxy-agent.git#fix/https-proxy-agent-vuln", "requires": { "agent-base": "^4.2.0", "debug": "^3.1.0", "get-uri": "^2.0.0", "http-proxy-agent": "^2.1.0", - "https-proxy-agent": "^2.2.1", + "https-proxy-agent-snyk-fork": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", "pac-resolver": "^3.0.0", "raw-body": "^2.2.0", "socks-proxy-agent": "^4.0.1" @@ -11099,16 +11156,15 @@ } }, "proxy-agent": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-3.1.0.tgz", - "integrity": "sha512-IkbZL4ClW3wwBL/ABFD2zJ8iP84CY0uKMvBPk/OceQe/cEjrxzN1pMHsLwhbzUoRhG9QbSxYC+Z7LBkTiBNvrA==", + "version": "git://github.com/snyk/node-proxy-agent.git#c25ef74cbe593a4d60a71ff3053466e4b3171711", + "from": "git://github.com/snyk/node-proxy-agent.git#fix/https-agent-vuln", "requires": { "agent-base": "^4.2.0", "debug": "^3.1.0", "http-proxy-agent": "^2.1.0", - "https-proxy-agent": "^2.2.1", + "https-proxy-agent-snyk-fork": "git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln", "lru-cache": "^4.1.2", - "pac-proxy-agent": "^3.0.0", + "pac-proxy-agent": "git://github.com/snyk/node-pac-proxy-agent.git#fix/https-proxy-agent-vuln", "proxy-from-env": "^1.0.0", "socks-proxy-agent": "^4.0.1" }, @@ -12485,12 +12541,14 @@ } }, "snyk": { - "version": "1.226.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.226.0.tgz", - "integrity": "sha512-AzzHr8kZKTfK20aC7M4t9NYw2uq+oZg6v8sPZ2lbvrrPwh2fGPaHZeFebRJbSZm1eCgFef4wHGO5Uu4lp9yEWg==", + "version": "1.230.5", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.230.5.tgz", + "integrity": "sha512-kzy6FHMyneVXcezBVO0xRbEDSZSPj9Z/fDH4HFwOm5cpm/HErQ8B86fO6KtfSNIsruWUFcobEzP1q41nOdleAQ==", "requires": { + "@snyk/cli-interface": "^2.0.3", "@snyk/dep-graph": "1.12.0", "@snyk/gemfile": "1.2.0", + "@snyk/snyk-cocoapods-plugin": "1.0.2", "@types/agent-base": "^4.2.0", "@types/restify": "^4.3.6", "abbrev": "^1.1.1", @@ -12506,20 +12564,20 @@ "needle": "^2.2.4", "opn": "^5.5.0", "os-name": "^3.0.0", - "proxy-agent": "^3.1.0", + "proxy-agent": "git://github.com/snyk/node-proxy-agent.git#fix/https-agent-vuln", "proxy-from-env": "^1.0.0", "semver": "^6.0.0", "snyk-config": "^2.2.1", "snyk-docker-plugin": "1.29.1", "snyk-go-plugin": "1.11.0", - "snyk-gradle-plugin": "^3.0.2", + "snyk-gradle-plugin": "3.1.0", "snyk-module": "1.9.1", "snyk-mvn-plugin": "2.4.0", "snyk-nodejs-lockfile-parser": "1.16.0", "snyk-nuget-plugin": "1.12.1", "snyk-php-plugin": "1.6.4", "snyk-policy": "1.13.5", - "snyk-python-plugin": "^1.13.2", + "snyk-python-plugin": "^1.13.3", "snyk-resolve": "1.0.1", "snyk-resolve-deps": "4.4.0", "snyk-sbt-plugin": "2.8.0", @@ -12617,10 +12675,11 @@ } }, "snyk-gradle-plugin": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/snyk-gradle-plugin/-/snyk-gradle-plugin-3.0.2.tgz", - "integrity": "sha512-9nyR03kHmePqBGaQiUeo3RD1YJ4qE5/V4tOmDQ8LNjHTQ54Xr8OXFC5xlJMV8FCtXrRXY0/WX8RMUPEUAm4c9g==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/snyk-gradle-plugin/-/snyk-gradle-plugin-3.1.0.tgz", + "integrity": "sha512-789Rqyhv1+WYbfy1Qilgsw0FMccedSaCO5n+54CXXGVUZWMsVvqJj3T8k7+vis+9Eq+Sgbdzti8vDtApz6rWWQ==", "requires": { + "@snyk/cli-interface": "^2.1.0", "@types/debug": "^4.1.4", "chalk": "^2.4.2", "clone-deep": "^0.3.0", @@ -12773,11 +12832,11 @@ } }, "snyk-python-plugin": { - "version": "1.13.2", - "resolved": "https://registry.npmjs.org/snyk-python-plugin/-/snyk-python-plugin-1.13.2.tgz", - "integrity": "sha512-G9R1cYHw0E/VSx9tFa5nZp+653FIMXheteidrF3hjUe71jRdJELEUV/z5jxqYEWEFemcwGhMfW87De91GChVIQ==", + "version": "1.13.3", + "resolved": "https://registry.npmjs.org/snyk-python-plugin/-/snyk-python-plugin-1.13.3.tgz", + "integrity": "sha512-Ud7mHmpMG4uCChvYLx5jA8HwOV/FNpT65xTxSt+6wsOjIUTuLiqM86mbvgzgk3pir8vMP9yQEsCi1i0zYLBArw==", "requires": { - "@snyk/cli-interface": "^2.0.2", + "@snyk/cli-interface": "^2.0.3", "tmp": "0.0.33" } }, diff --git a/package.json b/package.json index 83c573f..523f654 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,7 @@ "react-dom": "^16.4.2", "react-router-dom": "^4.3.1", "react-scripts": "3.0.0", - "snyk": "^1.226.0" + "snyk": "^1.230.5" }, "scripts": { "start": "react-scripts start",