From 102325784f8800d3fa1825d7d063ee8b5e90d1c8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 24 May 2024 23:28:05 +0000 Subject: [PATCH] fix: upgrade @cyclonedx/cyclonedx-npm from 1.16.1 to 1.17.0 Snyk has created this PR to upgrade @cyclonedx/cyclonedx-npm from 1.16.1 to 1.17.0. See this package in npm: @cyclonedx/cyclonedx-npm See this project in Snyk: https://app.snyk.io/org/mihikanigam/project/47fb0e1b-bb33-4c1d-a88e-84fce84eeb43?utm_source=github&utm_medium=referral&page=upgrade-pr --- expressjs-backend/package-lock.json | 75 ++++++++++++++++++++--------- expressjs-backend/package.json | 2 +- 2 files changed, 53 insertions(+), 24 deletions(-) diff --git a/expressjs-backend/package-lock.json b/expressjs-backend/package-lock.json index 53f3dcc..9d7ea7e 100644 --- a/expressjs-backend/package-lock.json +++ b/expressjs-backend/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@cyclonedx/cyclonedx-npm": "^1.16.1", + "@cyclonedx/cyclonedx-npm": "^1.17.0", "bcrypt": "^5.1.1", "cookie-session": "^2.1.0", "cors": "^2.8.5", @@ -26,19 +26,16 @@ } }, "node_modules/@cyclonedx/cyclonedx-library": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-library/-/cyclonedx-library-6.3.1.tgz", - "integrity": "sha512-OyEd5TXHi6qQ1BQs8XoADXHpRPe6sMVgrA+ANE7DtZDlQWSkZN97Q3QphHnt8q6fb9MNJT18XVfL45/IDKLmqQ==", + "version": "6.9.5", + "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-library/-/cyclonedx-library-6.9.5.tgz", + "integrity": "sha512-6xXbnPZ8adpsNipkT1gqeTMDjYNoxDEP7yVc+OaLibDOAnkyFAxWHxbXpKXWykhuBIw22B8GFE5XbCnbiNvSBg==", "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/jkowalleck" - }, { "type": "individual", "url": "https://owasp.org/donate/?reponame=www-project-cyclonedx&title=OWASP+CycloneDX" } ], + "license": "Apache-2.0", "dependencies": { "packageurl-js": ">=0.0.6 <0.0.8 || ^1", "spdx-expression-parse": "^3.0.1 || ^4" @@ -48,24 +45,25 @@ }, "optionalDependencies": { "ajv": "^8.12.0", - "ajv-formats": "^2.1.1", + "ajv-formats": "^3.0.1", "ajv-formats-draft2019": "^1.6.1", "libxmljs2": "^0.31 || ^0.32 || ^0.33", "xmlbuilder2": "^3.0.2" } }, "node_modules/@cyclonedx/cyclonedx-npm": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-npm/-/cyclonedx-npm-1.16.1.tgz", - "integrity": "sha512-6FoyLWCe5Ca8Rhbd5o5g08IRvaBFEcoNy6RRglcOVAV2dU+fqsm2tY9woAttpRb81LxW6F17QEmV0CH1LkQtAg==", + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-npm/-/cyclonedx-npm-1.17.0.tgz", + "integrity": "sha512-GXCR/Fzn6tun4PQuX2/l0Lh8xJKDFBC0fOh5oHZrXRb+ghQw++Q4fJOvqzcx6jYxNdPM03MAldcd2ROhjwMyvA==", "funding": [ { "type": "individual", "url": "https://owasp.org/donate/?reponame=www-project-cyclonedx&title=OWASP+CycloneDX" } ], + "license": "Apache-2.0", "dependencies": { - "@cyclonedx/cyclonedx-library": "^6.1.0", + "@cyclonedx/cyclonedx-library": "^6.5.0", "commander": "^10.0.0", "normalize-package-data": "^3||^4||^5||^6", "packageurl-js": "^1.2.1", @@ -110,6 +108,7 @@ "version": "1.15.10", "resolved": "https://registry.npmjs.org/@oozcitak/dom/-/dom-1.15.10.tgz", "integrity": "sha512-0JT29/LaxVgRcGKvHmSrUTEvZ8BXvZhGl2LASRUgHqDTC1M5g1pLmVv56IYNyt3bG2CUjDkc67wnyZC14pbQrQ==", + "license": "MIT", "dependencies": { "@oozcitak/infra": "1.0.8", "@oozcitak/url": "1.0.4", @@ -123,6 +122,7 @@ "version": "1.0.8", "resolved": "https://registry.npmjs.org/@oozcitak/infra/-/infra-1.0.8.tgz", "integrity": "sha512-JRAUc9VR6IGHOL7OGF+yrvs0LO8SlqGnPAMqyzOuFZPSZSXI7Xf2O9+awQPSMXgIWGtgUf/dA6Hs6X6ySEaWTg==", + "license": "MIT", "dependencies": { "@oozcitak/util": "8.3.8" }, @@ -134,6 +134,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/@oozcitak/url/-/url-1.0.4.tgz", "integrity": "sha512-kDcD8y+y3FCSOvnBI6HJgl00viO/nGbQoCINmQ0h98OhnGITrWR3bOGfwYCthgcrV8AnTJz8MzslTQbC3SOAmw==", + "license": "MIT", "dependencies": { "@oozcitak/infra": "1.0.8", "@oozcitak/util": "8.3.8" @@ -146,6 +147,7 @@ "version": "8.3.8", "resolved": "https://registry.npmjs.org/@oozcitak/util/-/util-8.3.8.tgz", "integrity": "sha512-T8TbSnGsxo6TDBJx/Sgv/BlVJL3tshxZP7Aq5R1mSnM5OcHY2dQaxLMu2+E8u3gN0MLOzdjurqN4ZRVuzQycOQ==", + "license": "MIT", "engines": { "node": ">=8.0" } @@ -213,15 +215,16 @@ "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" }, "node_modules/ajv": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.12.0.tgz", - "integrity": "sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA==", + "version": "8.13.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.13.0.tgz", + "integrity": "sha512-PRA911Blj99jR5RMeTunVbNXMF6Lp4vZXnk5GQjcnUWUTsrXtekg/pnmFFI2u/I36Y/2bITGS30GZCXei6uNkA==", + "license": "MIT", "optional": true, "dependencies": { - "fast-deep-equal": "^3.1.1", + "fast-deep-equal": "^3.1.3", "json-schema-traverse": "^1.0.0", "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" + "uri-js": "^4.4.1" }, "funding": { "type": "github", @@ -229,9 +232,10 @@ } }, "node_modules/ajv-formats": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-2.1.1.tgz", - "integrity": "sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz", + "integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==", + "license": "MIT", "optional": true, "dependencies": { "ajv": "^8.0.0" @@ -249,6 +253,7 @@ "version": "1.6.1", "resolved": "https://registry.npmjs.org/ajv-formats-draft2019/-/ajv-formats-draft2019-1.6.1.tgz", "integrity": "sha512-JQPvavpkWDvIsBp2Z33UkYCtXCSpW4HD3tAZ+oL4iEFOk9obQZffx0yANwECt6vzr6ET+7HN5czRyqXbnq/u0Q==", + "license": "MIT", "optional": true, "dependencies": { "punycode": "^2.1.1", @@ -289,6 +294,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "license": "MIT", "dependencies": { "sprintf-js": "~1.0.2" } @@ -355,6 +361,7 @@ "version": "1.5.0", "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", + "license": "MIT", "optional": true, "dependencies": { "file-uri-to-path": "1.0.0" @@ -598,6 +605,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/discontinuous-range/-/discontinuous-range-1.0.0.tgz", "integrity": "sha512-c68LpLbO+7kP/b1Hr1qs8/BJ09F5khZGTxqxZuhzxpmwJKOgRFHJWIb9/KmqnqHhLdO55aOxFH/EGBvUQbL/RQ==", + "license": "MIT", "optional": true }, "node_modules/dotenv": { @@ -646,6 +654,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "license": "BSD-2-Clause", "bin": { "esparse": "bin/esparse.js", "esvalidate": "bin/esvalidate.js" @@ -726,12 +735,14 @@ "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", + "license": "MIT", "optional": true }, "node_modules/file-uri-to-path": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==", + "license": "MIT", "optional": true }, "node_modules/finalhandler": { @@ -1219,6 +1230,7 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "license": "MIT", "dependencies": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -1239,6 +1251,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", + "license": "MIT", "optional": true }, "node_modules/jsonwebtoken": { @@ -1310,6 +1323,7 @@ "resolved": "https://registry.npmjs.org/libxmljs2/-/libxmljs2-0.33.0.tgz", "integrity": "sha512-Hw74f2/3rbpxc6tkTqe3yrs4v2Tx0rEukrYxaNkXSVKK540i2eqlQxzf1jjG+RlwMuv66WxkkuZHM/OQq6km4w==", "hasInstallScript": true, + "license": "MIT", "optional": true, "dependencies": { "@mapbox/node-pre-gyp": "^1.0.11", @@ -1586,6 +1600,7 @@ "version": "0.5.2", "resolved": "https://registry.npmjs.org/moo/-/moo-0.5.2.tgz", "integrity": "sha512-iSAJLHYKnX41mKcJKjqvnAN9sf0LMDTXDEvFv+ffuRR9a1MIuXLjMNL6EsnDHSkKLTWNqQQ5uo61P4EbU4NU+Q==", + "license": "BSD-3-Clause", "optional": true }, "node_modules/mpath": { @@ -1637,12 +1652,14 @@ "version": "2.18.0", "resolved": "https://registry.npmjs.org/nan/-/nan-2.18.0.tgz", "integrity": "sha512-W7tfG7vMOGtD30sHoZSSc/JVYiyDPEyQVso/Zz+/uQd0B0L46gtC+pHha5FFMRpil6fm/AoEcRWyOVi4+E/f8w==", + "license": "MIT", "optional": true }, "node_modules/nearley": { "version": "2.20.1", "resolved": "https://registry.npmjs.org/nearley/-/nearley-2.20.1.tgz", "integrity": "sha512-+Mc8UaAebFzgV+KpI5n7DasuuQCHA89dmwm7JXw3TV43ukfNQ9DnBH3Mdb2g/I4Fdxc26pwimBWvjIw0UAILSQ==", + "license": "MIT", "optional": true, "dependencies": { "commander": "^2.19.0", @@ -1665,6 +1682,7 @@ "version": "2.20.3", "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==", + "license": "MIT", "optional": true }, "node_modules/negotiator": { @@ -1808,7 +1826,8 @@ "node_modules/packageurl-js": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-1.2.1.tgz", - "integrity": "sha512-cZ6/MzuXaoFd16/k0WnwtI298UCaDHe/XlSh85SeOKbGZ1hq0xvNbx3ILyCMyk7uFQxl6scF3Aucj6/EO9NwcA==" + "integrity": "sha512-cZ6/MzuXaoFd16/k0WnwtI298UCaDHe/XlSh85SeOKbGZ1hq0xvNbx3ILyCMyk7uFQxl6scF3Aucj6/EO9NwcA==", + "license": "MIT" }, "node_modules/parseurl": { "version": "1.3.3", @@ -1929,12 +1948,14 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/railroad-diagrams/-/railroad-diagrams-1.0.0.tgz", "integrity": "sha512-cz93DjNeLY0idrCNOH6PviZGRN9GJhsdm9hpn1YCS879fj4W+x5IFJhhkRZcwVgMmFF7R82UA/7Oh+R8lLZg6A==", + "license": "CC0-1.0", "optional": true }, "node_modules/randexp": { "version": "0.4.6", "resolved": "https://registry.npmjs.org/randexp/-/randexp-0.4.6.tgz", "integrity": "sha512-80WNmd9DA0tmZrw9qQa62GPPWfuXJknrmVmLcxvq4uZBdYqb1wYoKTmnlGUchvVWe0XiLupYkBoXVOxz3C8DYQ==", + "license": "MIT", "optional": true, "dependencies": { "discontinuous-range": "1.0.0", @@ -1983,6 +2004,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", + "license": "MIT", "optional": true, "engines": { "node": ">=0.10.0" @@ -1992,6 +2014,7 @@ "version": "0.1.15", "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "license": "MIT", "optional": true, "engines": { "node": ">=0.12" @@ -2039,6 +2062,7 @@ "version": "1.4.0", "resolved": "https://registry.npmjs.org/schemes/-/schemes-1.4.0.tgz", "integrity": "sha512-ImFy9FbCsQlVgnE3TCWmLPCFnVzx0lHL/l+umHplDqAKd0dzFpnS6lFZIpagBlYhKwzVmlV36ec0Y1XTu8JBAQ==", + "license": "MIT", "optional": true, "dependencies": { "extend": "^3.0.0" @@ -2151,6 +2175,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/smtp-address-parser/-/smtp-address-parser-1.0.10.tgz", "integrity": "sha512-Osg9LmvGeAG/hyao4mldbflLOkkr3a+h4m1lwKCK5U8M6ZAr7tdXEz/+/vr752TSGE4MNUlUl9cIK2cB8cgzXg==", + "license": "MIT", "optional": true, "dependencies": { "nearley": "^2.20.1" @@ -2194,6 +2219,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-4.0.0.tgz", "integrity": "sha512-Clya5JIij/7C6bRR22+tnGXbc4VKlibKSVj2iHvVeX5iMW7s1SIQlqu699JkODJJIhh/pUu8L0/VLh8xflD+LQ==", + "license": "MIT", "dependencies": { "spdx-exceptions": "^2.1.0", "spdx-license-ids": "^3.0.0" @@ -2207,7 +2233,8 @@ "node_modules/sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==" + "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", + "license": "BSD-3-Clause" }, "node_modules/statuses": { "version": "2.0.1", @@ -2321,6 +2348,7 @@ "version": "4.4.1", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", + "license": "BSD-2-Clause", "optional": true, "dependencies": { "punycode": "^2.1.0" @@ -2402,6 +2430,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/xmlbuilder2/-/xmlbuilder2-3.1.1.tgz", "integrity": "sha512-WCSfbfZnQDdLQLiMdGUQpMxxckeQ4oZNMNhLVkcekTu7xhD4tuUDyAPoY8CwXvBYE6LwBHd6QW2WZXlOWr1vCw==", + "license": "MIT", "dependencies": { "@oozcitak/dom": "1.15.10", "@oozcitak/infra": "1.0.8", diff --git a/expressjs-backend/package.json b/expressjs-backend/package.json index 50e370c..2941d5b 100644 --- a/expressjs-backend/package.json +++ b/expressjs-backend/package.json @@ -10,7 +10,7 @@ "author": "", "license": "ISC", "dependencies": { - "@cyclonedx/cyclonedx-npm": "^1.16.1", + "@cyclonedx/cyclonedx-npm": "^1.17.0", "bcrypt": "^5.1.1", "cookie-session": "^2.1.0", "cors": "^2.8.5",