This run took 155 seconds.
From e825afff0b1d14d9d02ddae92b781f22e0243512 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sun, 27 Oct 2024 14:04:58 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: Ib8f522682740e5b09a5b8bec7e80a9539d6feb45
---
package-lock.json | 372 ++++++++++++++++++++++++++++++++--------------
1 file changed, 263 insertions(+), 109 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 4df5a09..f7a323d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -8302,15 +8302,14 @@
}
},
"node_modules/asn1.js": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
- "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
+ "version": "4.10.1",
+ "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.10.1.tgz",
+ "integrity": "sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==",
"dev": true,
"dependencies": {
"bn.js": "^4.0.0",
"inherits": "^2.0.1",
- "minimalistic-assert": "^1.0.0",
- "safer-buffer": "^2.1.0"
+ "minimalistic-assert": "^1.0.0"
}
},
"node_modules/asn1.js/node_modules/bn.js": {
@@ -9350,39 +9349,66 @@
}
},
"node_modules/browserify-sign": {
- "version": "4.2.2",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.2.tgz",
- "integrity": "sha512-1rudGyeYY42Dk6texmv7c4VcQ0EsvVbLwZkA+AQB7SxvXxmcD93jcHie8bzecJ+ChDlmAm2Qyu0+Ccg5uhZXCg==",
+ "version": "4.2.3",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
+ "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
"dev": true,
"dependencies": {
"bn.js": "^5.2.1",
"browserify-rsa": "^4.1.0",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.4",
+ "elliptic": "^6.5.5",
+ "hash-base": "~3.0",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.6",
- "readable-stream": "^3.6.2",
+ "parse-asn1": "^5.1.7",
+ "readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"engines": {
- "node": ">= 4"
+ "node": ">= 0.12"
}
},
- "node_modules/browserify-sign/node_modules/readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "node_modules/browserify-sign/node_modules/hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
"dev": true,
"dependencies": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
},
"engines": {
- "node": ">= 6"
+ "node": ">=4"
+ }
+ },
+ "node_modules/browserify-sign/node_modules/isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
+ "node_modules/browserify-sign/node_modules/readable-stream": {
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
+ "dev": true,
+ "dependencies": {
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
}
},
+ "node_modules/browserify-sign/node_modules/readable-stream/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/browserify-sign/node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -9404,14 +9430,20 @@
]
},
"node_modules/browserify-sign/node_modules/string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"dependencies": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
}
},
+ "node_modules/browserify-sign/node_modules/string_decoder/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/browserify-zlib": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz",
@@ -10836,9 +10868,9 @@
}
},
"node_modules/cookie": {
- "version": "0.6.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
- "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+ "version": "0.7.1",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
+ "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==",
"dev": true,
"engines": {
"node": ">= 0.6"
@@ -11425,25 +11457,42 @@
}
},
"node_modules/crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
+ "dev": true,
+ "dependencies": {
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
+ },
+ "engines": {
+ "node": ">= 0.10"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/ljharb"
+ }
+ },
+ "node_modules/crypto-browserify/node_modules/hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
"dev": true,
"dependencies": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
"inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "safe-buffer": "^5.0.1"
},
"engines": {
- "node": "*"
+ "node": ">=4"
}
},
"node_modules/css-functions-list": {
@@ -12661,9 +12710,9 @@
"dev": true
},
"node_modules/elliptic": {
- "version": "6.5.7",
- "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.7.tgz",
- "integrity": "sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==",
+ "version": "6.6.0",
+ "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.6.0.tgz",
+ "integrity": "sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA==",
"dev": true,
"dependencies": {
"bn.js": "^4.11.9",
@@ -14489,9 +14538,9 @@
}
},
"node_modules/express": {
- "version": "4.21.0",
- "resolved": "https://registry.npmjs.org/express/-/express-4.21.0.tgz",
- "integrity": "sha512-VqcNGcj/Id5ZT1LZ/cfihi3ttTn+NJmkli2eZADigjq29qTlWi/hAQ43t/VLPq8+UX06FCEx3ByOYet6ZFblng==",
+ "version": "4.21.1",
+ "resolved": "https://registry.npmjs.org/express/-/express-4.21.1.tgz",
+ "integrity": "sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==",
"dev": true,
"dependencies": {
"accepts": "~1.3.8",
@@ -14499,7 +14548,7 @@
"body-parser": "1.20.3",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
- "cookie": "0.6.0",
+ "cookie": "0.7.1",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "2.0.0",
@@ -22969,18 +23018,55 @@
}
},
"node_modules/parse-asn1": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.6.tgz",
- "integrity": "sha512-RnZRo1EPU6JBnra2vGHj0yhp6ebyjBZpmUCLHWiFhxlzvBCCpAuZ7elsBp1PVAbQN0/04VD/19rfzlBSwLstMw==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
+ "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
"dev": true,
"dependencies": {
- "asn1.js": "^5.2.0",
- "browserify-aes": "^1.0.0",
- "evp_bytestokey": "^1.0.0",
- "pbkdf2": "^3.0.3",
- "safe-buffer": "^5.1.1"
+ "asn1.js": "^4.10.1",
+ "browserify-aes": "^1.2.0",
+ "evp_bytestokey": "^1.0.3",
+ "hash-base": "~3.0",
+ "pbkdf2": "^3.1.2",
+ "safe-buffer": "^5.2.1"
+ },
+ "engines": {
+ "node": ">= 0.10"
}
},
+ "node_modules/parse-asn1/node_modules/hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "dependencies": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ },
+ "engines": {
+ "node": ">=4"
+ }
+ },
+ "node_modules/parse-asn1/node_modules/safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/feross"
+ },
+ {
+ "type": "patreon",
+ "url": "https://www.patreon.com/feross"
+ },
+ {
+ "type": "consulting",
+ "url": "https://feross.org/support"
+ }
+ ]
+ },
"node_modules/parse-entities": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/parse-entities/-/parse-entities-2.0.0.tgz",
@@ -37227,15 +37313,14 @@
}
},
"asn1.js": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
- "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
+ "version": "4.10.1",
+ "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.10.1.tgz",
+ "integrity": "sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==",
"dev": true,
"requires": {
"bn.js": "^4.0.0",
"inherits": "^2.0.1",
- "minimalistic-assert": "^1.0.0",
- "safer-buffer": "^2.1.0"
+ "minimalistic-assert": "^1.0.0"
},
"dependencies": {
"bn.js": {
@@ -38041,31 +38126,60 @@
}
},
"browserify-sign": {
- "version": "4.2.2",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.2.tgz",
- "integrity": "sha512-1rudGyeYY42Dk6texmv7c4VcQ0EsvVbLwZkA+AQB7SxvXxmcD93jcHie8bzecJ+ChDlmAm2Qyu0+Ccg5uhZXCg==",
+ "version": "4.2.3",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
+ "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
"dev": true,
"requires": {
"bn.js": "^5.2.1",
"browserify-rsa": "^4.1.0",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.4",
+ "elliptic": "^6.5.5",
+ "hash-base": "~3.0",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.6",
- "readable-stream": "^3.6.2",
+ "parse-asn1": "^5.1.7",
+ "readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"dependencies": {
+ "hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ }
+ },
+ "isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
"readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
"dev": true,
"requires": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
},
"safe-buffer": {
@@ -38075,12 +38189,20 @@
"dev": true
},
"string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"requires": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
}
}
@@ -39160,9 +39282,9 @@
}
},
"cookie": {
- "version": "0.6.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
- "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+ "version": "0.7.1",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
+ "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==",
"dev": true
},
"cookie-signature": {
@@ -39639,22 +39761,35 @@
}
},
"crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
"dev": true,
"requires": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
- "inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
+ },
+ "dependencies": {
+ "hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ }
+ }
}
},
"css-functions-list": {
@@ -40623,9 +40758,9 @@
"dev": true
},
"elliptic": {
- "version": "6.5.7",
- "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.7.tgz",
- "integrity": "sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==",
+ "version": "6.6.0",
+ "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.6.0.tgz",
+ "integrity": "sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA==",
"dev": true,
"requires": {
"bn.js": "^4.11.9",
@@ -41970,9 +42105,9 @@
}
},
"express": {
- "version": "4.21.0",
- "resolved": "https://registry.npmjs.org/express/-/express-4.21.0.tgz",
- "integrity": "sha512-VqcNGcj/Id5ZT1LZ/cfihi3ttTn+NJmkli2eZADigjq29qTlWi/hAQ43t/VLPq8+UX06FCEx3ByOYet6ZFblng==",
+ "version": "4.21.1",
+ "resolved": "https://registry.npmjs.org/express/-/express-4.21.1.tgz",
+ "integrity": "sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==",
"dev": true,
"requires": {
"accepts": "~1.3.8",
@@ -41980,7 +42115,7 @@
"body-parser": "1.20.3",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
- "cookie": "0.6.0",
+ "cookie": "0.7.1",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "2.0.0",
@@ -48507,16 +48642,35 @@
}
},
"parse-asn1": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.6.tgz",
- "integrity": "sha512-RnZRo1EPU6JBnra2vGHj0yhp6ebyjBZpmUCLHWiFhxlzvBCCpAuZ7elsBp1PVAbQN0/04VD/19rfzlBSwLstMw==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
+ "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
"dev": true,
"requires": {
- "asn1.js": "^5.2.0",
- "browserify-aes": "^1.0.0",
- "evp_bytestokey": "^1.0.0",
- "pbkdf2": "^3.0.3",
- "safe-buffer": "^5.1.1"
+ "asn1.js": "^4.10.1",
+ "browserify-aes": "^1.2.0",
+ "evp_bytestokey": "^1.0.3",
+ "hash-base": "~3.0",
+ "pbkdf2": "^3.1.2",
+ "safe-buffer": "^5.2.1"
+ },
+ "dependencies": {
+ "hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ }
+ },
+ "safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true
+ }
}
},
"parse-entities": {
--
2.39.2
$ date
--- stdout ---
Sun Oct 27 14:02:30 UTC 2024
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-Wikistories.git repo --depth=1 -b REL1_42
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/REL1_42
--- stdout ---
8795b3f3d1419467a33972b0b5dd0cbb8b7aaf3d refs/heads/REL1_42
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@jest/transform": {
"name": "@jest/transform",
"severity": "moderate",
"isDirect": false,
"via": [
"jest-haste-map"
],
"effects": [
"@storybook/addon-docs"
],
"range": "<=26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/@jest/transform"
],
"fixAvailable": true
},
"@mdx-js/mdx": {
"name": "@mdx-js/mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-mdx",
"remark-parse"
],
"effects": [
"@storybook/mdx1-csf"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/@mdx-js/mdx"
],
"fixAvailable": true
},
"@storybook/addon-controls": {
"name": "@storybook/addon-controls",
"severity": "low",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/addon-essentials"
],
"range": "6.4.0-alpha.0 - 7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-controls"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/addon-docs": {
"name": "@storybook/addon-docs",
"severity": "high",
"isDirect": false,
"via": [
"@jest/transform",
"@storybook/core-common",
"@storybook/mdx1-csf"
],
"effects": [],
"range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2",
"nodes": [
"node_modules/@storybook/addon-docs"
],
"fixAvailable": true
},
"@storybook/addon-essentials": {
"name": "@storybook/addon-essentials",
"severity": "low",
"isDirect": true,
"via": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/core-common"
],
"effects": [],
"range": "6.4.0-alpha.0 - 7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-essentials"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/addon-interactions": {
"name": "@storybook/addon-interactions",
"severity": "low",
"isDirect": true,
"via": [
"@storybook/core-common"
],
"effects": [],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-interactions"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/builder-webpack4": {
"name": "@storybook/builder-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"autoprefixer",
"css-loader",
"fork-ts-checker-webpack-plugin",
"postcss",
"postcss-flexbugs-fixes",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/builder-webpack4"
],
"fixAvailable": false
},
"@storybook/core": {
"name": "@storybook/core",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/core-server"
],
"effects": [],
"range": "6.2.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core"
],
"fixAvailable": true
},
"@storybook/core-common": {
"name": "@storybook/core-common",
"severity": "moderate",
"isDirect": false,
"via": [
"express",
"webpack"
],
"effects": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/addon-essentials",
"@storybook/addon-interactions",
"@storybook/core-server",
"@storybook/telemetry",
"@storybook/vue3"
],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/core-common"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/core-server": {
"name": "@storybook/core-server",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/builder-webpack4",
"@storybook/core-common",
"@storybook/csf-tools",
"@storybook/manager-webpack4",
"@storybook/telemetry",
"cpy",
"express",
"ip",
"webpack"
],
"effects": [
"@storybook/core"
],
"range": "<=8.2.0-beta.3",
"nodes": [
"node_modules/@storybook/core-server"
],
"fixAvailable": true
},
"@storybook/csf-tools": {
"name": "@storybook/csf-tools",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/mdx1-csf"
],
"effects": [
"@storybook/core-server"
],
"range": "6.5.0-alpha.1 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/csf-tools"
],
"fixAvailable": true
},
"@storybook/manager-webpack4": {
"name": "@storybook/manager-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"css-loader",
"express",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/manager-webpack4"
],
"fixAvailable": false
},
"@storybook/mdx1-csf": {
"name": "@storybook/mdx1-csf",
"severity": "high",
"isDirect": false,
"via": [
"@mdx-js/mdx"
],
"effects": [
"@storybook/addon-docs",
"@storybook/csf-tools"
],
"range": "*",
"nodes": [
"node_modules/@storybook/mdx1-csf"
],
"fixAvailable": true
},
"@storybook/telemetry": {
"name": "@storybook/telemetry",
"severity": "low",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/core-server"
],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/telemetry"
],
"fixAvailable": true
},
"@storybook/vue3": {
"name": "@storybook/vue3",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core",
"@storybook/core-common",
"vue-docgen-loader"
],
"effects": [],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/vue3"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "high",
"isDirect": true,
"via": [
"webdriverio"
],
"effects": [],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/runner"
],
"effects": [],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "high",
"isDirect": false,
"via": [
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"anymatch": {
"name": "anymatch",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"sane"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/sane/node_modules/anymatch",
"node_modules/watchpack-chokidar2/node_modules/anymatch"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer"
],
"fixAvailable": true
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098094,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/cpy/node_modules/braces",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/braces",
"node_modules/jscodeshift/node_modules/braces",
"node_modules/sane/node_modules/braces",
"node_modules/watchpack-chokidar2/node_modules/braces",
"node_modules/webpack/node_modules/braces"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"node_modules/browserify-sign"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"readdirp"
],
"effects": [
"watchpack-chokidar2"
],
"range": "1.3.0 - 2.1.8",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/chokidar"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"cookie": {
"name": "cookie",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1099846,
"name": "cookie",
"dependency": "cookie",
"title": "cookie accepts cookie name, path, and domain with out of bounds characters",
"url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x",
"severity": "low",
"cwe": [
"CWE-74"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<0.7.0"
}
],
"effects": [
"express"
],
"range": "<0.7.0",
"nodes": [
"node_modules/cookie"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"cpy": {
"name": "cpy",
"severity": "moderate",
"isDirect": false,
"via": [
"globby"
],
"effects": [],
"range": "7.0.0 - 8.1.2",
"nodes": [
"node_modules/cpy"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [
"node-libs-browser"
],
"range": ">=3.4.0",
"nodes": [
"node_modules/crypto-browserify"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"css-loader": {
"name": "css-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"effects": [],
"range": "0.15.0 - 4.3.0",
"nodes": [
"node_modules/css-loader"
],
"fixAvailable": true
},
"devtools": {
"name": "devtools",
"severity": "high",
"isDirect": false,
"via": [
"puppeteer-core"
],
"effects": [],
"range": ">=7.16.5",
"nodes": [
"node_modules/devtools"
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1100186,
"name": "elliptic",
"dependency": "elliptic",
"title": "Valid ECDSA signatures erroneously rejected in Elliptic",
"url": "https://github.com/advisories/GHSA-fc9h-whq2-v747",
"severity": "low",
"cwe": [
"CWE-347"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=6.5.7"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "<=6.5.7",
"nodes": [
"node_modules/elliptic"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"express": {
"name": "express",
"severity": "low",
"isDirect": false,
"via": [
"cookie"
],
"effects": [
"@storybook/core-common",
"@storybook/core-server"
],
"range": "3.0.0-alpha1 - 4.21.0 || 5.0.0-alpha.1 - 5.0.0",
"nodes": [
"node_modules/express"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"fast-glob": {
"name": "fast-glob",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"globby"
],
"range": "<=2.2.7",
"nodes": [
"node_modules/cpy/node_modules/fast-glob"
],
"fixAvailable": true
},
"fork-ts-checker-webpack-plugin": {
"name": "fork-ts-checker-webpack-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [],
"range": "0.4.14 - 4.1.6",
"nodes": [
"node_modules/fork-ts-checker-webpack-plugin"
],
"fixAvailable": true
},
"globby": {
"name": "globby",
"severity": "moderate",
"isDirect": false,
"via": [
"fast-glob"
],
"effects": [
"cpy"
],
"range": "8.0.0 - 9.2.0",
"nodes": [
"node_modules/cpy/node_modules/globby"
],
"fixAvailable": true
},
"icss-utils": {
"name": "icss-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"css-loader",
"postcss-modules-local-by-default",
"postcss-modules-values"
],
"range": "<=4.1.1",
"nodes": [
"node_modules/icss-utils"
],
"fixAvailable": true
},
"ip": {
"name": "ip",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1099357,
"name": "ip",
"dependency": "ip",
"title": "ip SSRF improper categorization in isPublic",
"url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp",
"severity": "high",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=2.0.1"
}
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/ip"
],
"fixAvailable": true
},
"jest-haste-map": {
"name": "jest-haste-map",
"severity": "moderate",
"isDirect": false,
"via": [
"sane"
],
"effects": [
"@jest/transform"
],
"range": "24.0.0-alpha.0 - 26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/jest-haste-map"
],
"fixAvailable": true
},
"jscodeshift": {
"name": "jscodeshift",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"vue-docgen-loader"
],
"range": "0.3.20 - 0.13.1",
"nodes": [
"node_modules/jscodeshift"
],
"fixAvailable": true
},
"meow": {
"name": "meow",
"severity": "high",
"isDirect": false,
"via": [
"trim-newlines"
],
"effects": [],
"range": "3.4.0 - 5.0.0",
"nodes": [
"node_modules/default-browser-id/node_modules/meow"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098681,
"name": "micromatch",
"dependency": "micromatch",
"title": "Regular Expression Denial of Service (ReDoS) in micromatch",
"url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.0.8"
},
"braces"
],
"effects": [
"anymatch",
"fast-glob",
"fork-ts-checker-webpack-plugin",
"jscodeshift",
"readdirp",
"sane",
"webpack"
],
"range": "<=4.0.7",
"nodes": [
"node_modules/cpy/node_modules/micromatch",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch",
"node_modules/jscodeshift/node_modules/micromatch",
"node_modules/sane/node_modules/micromatch",
"node_modules/watchpack-chokidar2/node_modules/micromatch",
"node_modules/webpack/node_modules/micromatch"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": false
},
"node-libs-browser": {
"name": "node-libs-browser",
"severity": "low",
"isDirect": false,
"via": [
"crypto-browserify"
],
"effects": [
"webpack"
],
"range": "0.4.2 || >=1.0.0",
"nodes": [
"node_modules/node-libs-browser"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1094544,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
}
],
"effects": [
"@storybook/builder-webpack4",
"autoprefixer",
"css-loader",
"icss-utils",
"postcss-flexbugs-fixes",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"range": "<8.4.31",
"nodes": [
"node_modules/@storybook/builder-webpack4/node_modules/postcss",
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-loader/node_modules/postcss",
"node_modules/icss-utils/node_modules/postcss",
"node_modules/postcss-flexbugs-fixes/node_modules/postcss",
"node_modules/postcss-modules-extract-imports/node_modules/postcss",
"node_modules/postcss-modules-local-by-default/node_modules/postcss",
"node_modules/postcss-modules-scope/node_modules/postcss",
"node_modules/postcss-modules-values/node_modules/postcss"
],
"fixAvailable": false
},
"postcss-flexbugs-fixes": {
"name": "postcss-flexbugs-fixes",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.2.1",
"nodes": [
"node_modules/postcss-flexbugs-fixes"
],
"fixAvailable": true
},
"postcss-modules-extract-imports": {
"name": "postcss-modules-extract-imports",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-modules-extract-imports"
],
"fixAvailable": true
},
"postcss-modules-local-by-default": {
"name": "postcss-modules-local-by-default",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [],
"range": "<=4.0.0-rc.4",
"nodes": [
"node_modules/postcss-modules-local-by-default"
],
"fixAvailable": true
},
"postcss-modules-scope": {
"name": "postcss-modules-scope",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.2.0",
"nodes": [
"node_modules/postcss-modules-scope"
],
"fixAvailable": true
},
"postcss-modules-values": {
"name": "postcss-modules-values",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [
"css-loader"
],
"range": "<=4.0.0-rc.5",
"nodes": [
"node_modules/postcss-modules-values"
],
"fixAvailable": true
},
"puppeteer-core": {
"name": "puppeteer-core",
"severity": "high",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"devtools",
"webdriverio"
],
"range": "11.0.0 - 22.11.1",
"nodes": [
"node_modules/puppeteer-core"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"readdirp": {
"name": "readdirp",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/readdirp"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"remark-mdx": {
"name": "remark-mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-parse"
],
"effects": [
"@mdx-js/mdx"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/remark-mdx"
],
"fixAvailable": true
},
"remark-parse": {
"name": "remark-parse",
"severity": "high",
"isDirect": false,
"via": [
"trim"
],
"effects": [
"@mdx-js/mdx",
"remark-mdx"
],
"range": "<=8.0.3",
"nodes": [
"node_modules/remark-parse"
],
"fixAvailable": true
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": false
},
"sane": {
"name": "sane",
"severity": "moderate",
"isDirect": false,
"via": [
"anymatch",
"micromatch"
],
"effects": [
"jest-haste-map"
],
"range": "1.5.0 - 4.1.0",
"nodes": [
"node_modules/sane"
],
"fixAvailable": true
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/request/node_modules/tough-cookie"
],
"fixAvailable": false
},
"trim": {
"name": "trim",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089867,
"name": "trim",
"dependency": "trim",
"title": "Regular Expression Denial of Service in trim",
"url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.0.3"
}
],
"effects": [
"remark-parse"
],
"range": "<0.0.3",
"nodes": [
"node_modules/trim"
],
"fixAvailable": true
},
"trim-newlines": {
"name": "trim-newlines",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095100,
"name": "trim-newlines",
"dependency": "trim-newlines",
"title": "Uncontrolled Resource Consumption in trim-newlines",
"url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.1"
}
],
"effects": [
"meow"
],
"range": "<3.0.1",
"nodes": [
"node_modules/default-browser-id/node_modules/trim-newlines"
],
"fixAvailable": true
},
"vue-docgen-loader": {
"name": "vue-docgen-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"jscodeshift"
],
"effects": [],
"range": ">=1.3.0-beta.0",
"nodes": [
"node_modules/vue-docgen-loader"
],
"fixAvailable": true
},
"watchpack": {
"name": "watchpack",
"severity": "high",
"isDirect": false,
"via": [
"watchpack-chokidar2"
],
"effects": [
"webpack"
],
"range": "1.7.2 - 1.7.5",
"nodes": [
"node_modules/webpack/node_modules/watchpack"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"watchpack-chokidar2": {
"name": "watchpack-chokidar2",
"severity": "high",
"isDirect": false,
"via": [
"chokidar"
],
"effects": [
"watchpack"
],
"range": "*",
"nodes": [
"node_modules/watchpack-chokidar2"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": false
},
"webdriverio": {
"name": "webdriverio",
"severity": "high",
"isDirect": false,
"via": [
"devtools",
"puppeteer-core"
],
"effects": [
"@wdio/cli",
"@wdio/runner"
],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"webpack": {
"name": "webpack",
"severity": "high",
"isDirect": false,
"via": [
"micromatch",
"node-libs-browser",
"watchpack"
],
"effects": [
"@storybook/core-common"
],
"range": "2.0.0-beta - 5.0.0-rc.6",
"nodes": [
"node_modules/webpack"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"webpack-dev-middleware": {
"name": "webpack-dev-middleware",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096729,
"name": "webpack-dev-middleware",
"dependency": "webpack-dev-middleware",
"title": "Path traversal in webpack-dev-middleware",
"url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"
},
"range": "<=5.3.3"
}
],
"effects": [
"@storybook/manager-webpack4"
],
"range": "<=5.3.3",
"nodes": [
"node_modules/webpack-dev-middleware"
],
"fixAvailable": false
},
"ws": {
"name": "ws",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098392,
"name": "ws",
"dependency": "ws",
"title": "ws affected by a DoS when handling a request with many HTTP headers",
"url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
"severity": "high",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=8.0.0 <8.17.1"
}
],
"effects": [
"puppeteer-core"
],
"range": "8.0.0 - 8.17.0",
"nodes": [
"node_modules/puppeteer-core/node_modules/ws"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 11,
"moderate": 25,
"high": 29,
"critical": 0,
"total": 65
},
"dependencies": {
"prod": 1,
"dev": 2522,
"optional": 58,
"peer": 0,
"peerOptional": 0,
"total": 2522
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 39 installs, 0 updates, 0 removals
- Locking composer/pcre (3.3.1)
- Locking composer/semver (3.4.0)
- Locking composer/spdx-licenses (1.5.8)
- Locking composer/xdebug-handler (3.0.5)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.0.0)
- Locking doctrine/deprecations (1.1.3)
- Locking felixfbecker/advanced-json-rpc (v3.2.1)
- Locking mediawiki/mediawiki-codesniffer (v43.0.0)
- Locking mediawiki/mediawiki-phan-config (0.14.0)
- Locking mediawiki/minus-x (1.1.1)
- Locking mediawiki/phan-taint-check-plugin (6.0.0)
- Locking microsoft/tolerant-php-parser (v0.1.2)
- Locking netresearch/jsonmapper (v4.5.0)
- Locking phan/phan (5.4.3)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.3.2)
- Locking phpcsstandards/phpcsextra (1.1.2)
- Locking phpcsstandards/phpcsutils (1.0.9)
- Locking phpdocumentor/reflection-common (2.2.0)
- Locking phpdocumentor/reflection-docblock (5.4.1)
- Locking phpdocumentor/type-resolver (1.8.2)
- Locking phpstan/phpdoc-parser (1.33.0)
- Locking psr/container (2.0.2)
- Locking psr/log (2.0.0)
- Locking sabre/event (5.1.7)
- Locking squizlabs/php_codesniffer (3.8.1)
- Locking symfony/console (v5.4.45)
- Locking symfony/deprecation-contracts (v3.5.0)
- Locking symfony/polyfill-ctype (v1.31.0)
- Locking symfony/polyfill-intl-grapheme (v1.31.0)
- Locking symfony/polyfill-intl-normalizer (v1.31.0)
- Locking symfony/polyfill-mbstring (v1.31.0)
- Locking symfony/polyfill-php73 (v1.31.0)
- Locking symfony/polyfill-php80 (v1.31.0)
- Locking symfony/service-contracts (v3.5.0)
- Locking symfony/string (v6.4.13)
- Locking tysonandre/var_representation_polyfill (0.1.3)
- Locking webmozart/assert (1.11.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 39 installs, 0 updates, 0 removals
0 [>---------------------------] 0 [->--------------------------]
- Installing squizlabs/php_codesniffer (3.8.1): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.0.0): Extracting archive
- Installing composer/pcre (3.3.1): Extracting archive
- Installing symfony/polyfill-php80 (v1.31.0): Extracting archive
- Installing phpcsstandards/phpcsutils (1.0.9): Extracting archive
- Installing phpcsstandards/phpcsextra (1.1.2): Extracting archive
- Installing symfony/polyfill-mbstring (v1.31.0): Extracting archive
- Installing composer/spdx-licenses (1.5.8): Extracting archive
- Installing composer/semver (3.4.0): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v43.0.0): Extracting archive
- Installing tysonandre/var_representation_polyfill (0.1.3): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.31.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.31.0): Extracting archive
- Installing symfony/polyfill-ctype (v1.31.0): Extracting archive
- Installing symfony/string (v6.4.13): Extracting archive
- Installing symfony/deprecation-contracts (v3.5.0): Extracting archive
- Installing psr/container (2.0.2): Extracting archive
- Installing symfony/service-contracts (v3.5.0): Extracting archive
- Installing symfony/polyfill-php73 (v1.31.0): Extracting archive
- Installing symfony/console (v5.4.45): Extracting archive
- Installing sabre/event (5.1.7): Extracting archive
- Installing netresearch/jsonmapper (v4.5.0): Extracting archive
- Installing microsoft/tolerant-php-parser (v0.1.2): Extracting archive
- Installing webmozart/assert (1.11.0): Extracting archive
- Installing phpstan/phpdoc-parser (1.33.0): Extracting archive
- Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
- Installing doctrine/deprecations (1.1.3): Extracting archive
- Installing phpdocumentor/type-resolver (1.8.2): Extracting archive
- Installing phpdocumentor/reflection-docblock (5.4.1): Extracting archive
- Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive
- Installing psr/log (2.0.0): Extracting archive
- Installing composer/xdebug-handler (3.0.5): Extracting archive
- Installing phan/phan (5.4.3): Extracting archive
- Installing mediawiki/phan-taint-check-plugin (6.0.0): Extracting archive
- Installing mediawiki/mediawiki-phan-config (0.14.0): Extracting archive
- Installing mediawiki/minus-x (1.1.1): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.3.2): Extracting archive
0/37 [>---------------------------] 0%
20/37 [===============>------------] 54%
34/37 [=========================>--] 91%
37/37 [============================] 100%
3 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
16 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@jest/transform": {
"name": "@jest/transform",
"severity": "moderate",
"isDirect": false,
"via": [
"jest-haste-map"
],
"effects": [
"@storybook/addon-docs"
],
"range": "<=26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/@jest/transform"
],
"fixAvailable": true
},
"@mdx-js/mdx": {
"name": "@mdx-js/mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-mdx",
"remark-parse"
],
"effects": [
"@storybook/mdx1-csf"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/@mdx-js/mdx"
],
"fixAvailable": true
},
"@storybook/addon-controls": {
"name": "@storybook/addon-controls",
"severity": "low",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/addon-essentials"
],
"range": "6.4.0-alpha.0 - 7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-controls"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/addon-docs": {
"name": "@storybook/addon-docs",
"severity": "high",
"isDirect": false,
"via": [
"@jest/transform",
"@storybook/core-common",
"@storybook/mdx1-csf"
],
"effects": [],
"range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2",
"nodes": [
"node_modules/@storybook/addon-docs"
],
"fixAvailable": true
},
"@storybook/addon-essentials": {
"name": "@storybook/addon-essentials",
"severity": "low",
"isDirect": true,
"via": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/core-common"
],
"effects": [],
"range": "6.4.0-alpha.0 - 7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-essentials"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/addon-interactions": {
"name": "@storybook/addon-interactions",
"severity": "low",
"isDirect": true,
"via": [
"@storybook/core-common"
],
"effects": [],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-interactions"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/builder-webpack4": {
"name": "@storybook/builder-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"autoprefixer",
"css-loader",
"fork-ts-checker-webpack-plugin",
"postcss",
"postcss-flexbugs-fixes",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/builder-webpack4"
],
"fixAvailable": false
},
"@storybook/core": {
"name": "@storybook/core",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/core-server"
],
"effects": [],
"range": "6.2.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core"
],
"fixAvailable": true
},
"@storybook/core-common": {
"name": "@storybook/core-common",
"severity": "moderate",
"isDirect": false,
"via": [
"express",
"webpack"
],
"effects": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/addon-essentials",
"@storybook/addon-interactions",
"@storybook/core-server",
"@storybook/telemetry",
"@storybook/vue3"
],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/core-common"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/core-server": {
"name": "@storybook/core-server",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/builder-webpack4",
"@storybook/core-common",
"@storybook/csf-tools",
"@storybook/manager-webpack4",
"@storybook/telemetry",
"cpy",
"express",
"ip",
"webpack"
],
"effects": [
"@storybook/core"
],
"range": "<=8.2.0-beta.3",
"nodes": [
"node_modules/@storybook/core-server"
],
"fixAvailable": true
},
"@storybook/csf-tools": {
"name": "@storybook/csf-tools",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/mdx1-csf"
],
"effects": [
"@storybook/core-server"
],
"range": "6.5.0-alpha.1 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/csf-tools"
],
"fixAvailable": true
},
"@storybook/manager-webpack4": {
"name": "@storybook/manager-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"css-loader",
"express",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/manager-webpack4"
],
"fixAvailable": false
},
"@storybook/mdx1-csf": {
"name": "@storybook/mdx1-csf",
"severity": "high",
"isDirect": false,
"via": [
"@mdx-js/mdx"
],
"effects": [
"@storybook/addon-docs",
"@storybook/csf-tools"
],
"range": "*",
"nodes": [
"node_modules/@storybook/mdx1-csf"
],
"fixAvailable": true
},
"@storybook/telemetry": {
"name": "@storybook/telemetry",
"severity": "low",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/core-server"
],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/telemetry"
],
"fixAvailable": true
},
"@storybook/vue3": {
"name": "@storybook/vue3",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core",
"@storybook/core-common",
"vue-docgen-loader"
],
"effects": [],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/vue3"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "high",
"isDirect": true,
"via": [
"webdriverio"
],
"effects": [],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/runner"
],
"effects": [],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "high",
"isDirect": false,
"via": [
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"anymatch": {
"name": "anymatch",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"sane"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/sane/node_modules/anymatch",
"node_modules/watchpack-chokidar2/node_modules/anymatch"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer"
],
"fixAvailable": true
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098094,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/cpy/node_modules/braces",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/braces",
"node_modules/jscodeshift/node_modules/braces",
"node_modules/sane/node_modules/braces",
"node_modules/watchpack-chokidar2/node_modules/braces",
"node_modules/webpack/node_modules/braces"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"node_modules/browserify-sign"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"readdirp"
],
"effects": [
"watchpack-chokidar2"
],
"range": "1.3.0 - 2.1.8",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/chokidar"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"cookie": {
"name": "cookie",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1099846,
"name": "cookie",
"dependency": "cookie",
"title": "cookie accepts cookie name, path, and domain with out of bounds characters",
"url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x",
"severity": "low",
"cwe": [
"CWE-74"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<0.7.0"
}
],
"effects": [
"express"
],
"range": "<0.7.0",
"nodes": [
"node_modules/cookie"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"cpy": {
"name": "cpy",
"severity": "moderate",
"isDirect": false,
"via": [
"globby"
],
"effects": [],
"range": "7.0.0 - 8.1.2",
"nodes": [
"node_modules/cpy"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [
"node-libs-browser"
],
"range": ">=3.4.0",
"nodes": [
"node_modules/crypto-browserify"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"css-loader": {
"name": "css-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"effects": [],
"range": "0.15.0 - 4.3.0",
"nodes": [
"node_modules/css-loader"
],
"fixAvailable": true
},
"devtools": {
"name": "devtools",
"severity": "high",
"isDirect": false,
"via": [
"puppeteer-core"
],
"effects": [],
"range": ">=7.16.5",
"nodes": [
"node_modules/devtools"
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1100186,
"name": "elliptic",
"dependency": "elliptic",
"title": "Valid ECDSA signatures erroneously rejected in Elliptic",
"url": "https://github.com/advisories/GHSA-fc9h-whq2-v747",
"severity": "low",
"cwe": [
"CWE-347"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=6.5.7"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "<=6.5.7",
"nodes": [
"node_modules/elliptic"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"express": {
"name": "express",
"severity": "low",
"isDirect": false,
"via": [
"cookie"
],
"effects": [
"@storybook/core-common",
"@storybook/core-server"
],
"range": "3.0.0-alpha1 - 4.21.0 || 5.0.0-alpha.1 - 5.0.0",
"nodes": [
"node_modules/express"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"fast-glob": {
"name": "fast-glob",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"globby"
],
"range": "<=2.2.7",
"nodes": [
"node_modules/cpy/node_modules/fast-glob"
],
"fixAvailable": true
},
"fork-ts-checker-webpack-plugin": {
"name": "fork-ts-checker-webpack-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [],
"range": "0.4.14 - 4.1.6",
"nodes": [
"node_modules/fork-ts-checker-webpack-plugin"
],
"fixAvailable": true
},
"globby": {
"name": "globby",
"severity": "moderate",
"isDirect": false,
"via": [
"fast-glob"
],
"effects": [
"cpy"
],
"range": "8.0.0 - 9.2.0",
"nodes": [
"node_modules/cpy/node_modules/globby"
],
"fixAvailable": true
},
"icss-utils": {
"name": "icss-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"css-loader",
"postcss-modules-local-by-default",
"postcss-modules-values"
],
"range": "<=4.1.1",
"nodes": [
"node_modules/icss-utils"
],
"fixAvailable": true
},
"ip": {
"name": "ip",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1099357,
"name": "ip",
"dependency": "ip",
"title": "ip SSRF improper categorization in isPublic",
"url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp",
"severity": "high",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=2.0.1"
}
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/ip"
],
"fixAvailable": true
},
"jest-haste-map": {
"name": "jest-haste-map",
"severity": "moderate",
"isDirect": false,
"via": [
"sane"
],
"effects": [
"@jest/transform"
],
"range": "24.0.0-alpha.0 - 26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/jest-haste-map"
],
"fixAvailable": true
},
"jscodeshift": {
"name": "jscodeshift",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"vue-docgen-loader"
],
"range": "0.3.20 - 0.13.1",
"nodes": [
"node_modules/jscodeshift"
],
"fixAvailable": true
},
"meow": {
"name": "meow",
"severity": "high",
"isDirect": false,
"via": [
"trim-newlines"
],
"effects": [],
"range": "3.4.0 - 5.0.0",
"nodes": [
"node_modules/default-browser-id/node_modules/meow"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098681,
"name": "micromatch",
"dependency": "micromatch",
"title": "Regular Expression Denial of Service (ReDoS) in micromatch",
"url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.0.8"
},
"braces"
],
"effects": [
"anymatch",
"fast-glob",
"fork-ts-checker-webpack-plugin",
"jscodeshift",
"readdirp",
"sane",
"webpack"
],
"range": "<=4.0.7",
"nodes": [
"node_modules/cpy/node_modules/micromatch",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch",
"node_modules/jscodeshift/node_modules/micromatch",
"node_modules/sane/node_modules/micromatch",
"node_modules/watchpack-chokidar2/node_modules/micromatch",
"node_modules/webpack/node_modules/micromatch"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": false
},
"node-libs-browser": {
"name": "node-libs-browser",
"severity": "low",
"isDirect": false,
"via": [
"crypto-browserify"
],
"effects": [
"webpack"
],
"range": "0.4.2 || >=1.0.0",
"nodes": [
"node_modules/node-libs-browser"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1094544,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
}
],
"effects": [
"@storybook/builder-webpack4",
"autoprefixer",
"css-loader",
"icss-utils",
"postcss-flexbugs-fixes",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"range": "<8.4.31",
"nodes": [
"node_modules/@storybook/builder-webpack4/node_modules/postcss",
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-loader/node_modules/postcss",
"node_modules/icss-utils/node_modules/postcss",
"node_modules/postcss-flexbugs-fixes/node_modules/postcss",
"node_modules/postcss-modules-extract-imports/node_modules/postcss",
"node_modules/postcss-modules-local-by-default/node_modules/postcss",
"node_modules/postcss-modules-scope/node_modules/postcss",
"node_modules/postcss-modules-values/node_modules/postcss"
],
"fixAvailable": false
},
"postcss-flexbugs-fixes": {
"name": "postcss-flexbugs-fixes",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.2.1",
"nodes": [
"node_modules/postcss-flexbugs-fixes"
],
"fixAvailable": true
},
"postcss-modules-extract-imports": {
"name": "postcss-modules-extract-imports",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-modules-extract-imports"
],
"fixAvailable": true
},
"postcss-modules-local-by-default": {
"name": "postcss-modules-local-by-default",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [],
"range": "<=4.0.0-rc.4",
"nodes": [
"node_modules/postcss-modules-local-by-default"
],
"fixAvailable": true
},
"postcss-modules-scope": {
"name": "postcss-modules-scope",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.2.0",
"nodes": [
"node_modules/postcss-modules-scope"
],
"fixAvailable": true
},
"postcss-modules-values": {
"name": "postcss-modules-values",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [
"css-loader"
],
"range": "<=4.0.0-rc.5",
"nodes": [
"node_modules/postcss-modules-values"
],
"fixAvailable": true
},
"puppeteer-core": {
"name": "puppeteer-core",
"severity": "high",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"devtools",
"webdriverio"
],
"range": "11.0.0 - 22.11.1",
"nodes": [
"node_modules/puppeteer-core"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"readdirp": {
"name": "readdirp",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/readdirp"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"remark-mdx": {
"name": "remark-mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-parse"
],
"effects": [
"@mdx-js/mdx"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/remark-mdx"
],
"fixAvailable": true
},
"remark-parse": {
"name": "remark-parse",
"severity": "high",
"isDirect": false,
"via": [
"trim"
],
"effects": [
"@mdx-js/mdx",
"remark-mdx"
],
"range": "<=8.0.3",
"nodes": [
"node_modules/remark-parse"
],
"fixAvailable": true
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": false
},
"sane": {
"name": "sane",
"severity": "moderate",
"isDirect": false,
"via": [
"anymatch",
"micromatch"
],
"effects": [
"jest-haste-map"
],
"range": "1.5.0 - 4.1.0",
"nodes": [
"node_modules/sane"
],
"fixAvailable": true
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/request/node_modules/tough-cookie"
],
"fixAvailable": false
},
"trim": {
"name": "trim",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089867,
"name": "trim",
"dependency": "trim",
"title": "Regular Expression Denial of Service in trim",
"url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.0.3"
}
],
"effects": [
"remark-parse"
],
"range": "<0.0.3",
"nodes": [
"node_modules/trim"
],
"fixAvailable": true
},
"trim-newlines": {
"name": "trim-newlines",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095100,
"name": "trim-newlines",
"dependency": "trim-newlines",
"title": "Uncontrolled Resource Consumption in trim-newlines",
"url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.1"
}
],
"effects": [
"meow"
],
"range": "<3.0.1",
"nodes": [
"node_modules/default-browser-id/node_modules/trim-newlines"
],
"fixAvailable": true
},
"vue-docgen-loader": {
"name": "vue-docgen-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"jscodeshift"
],
"effects": [],
"range": ">=1.3.0-beta.0",
"nodes": [
"node_modules/vue-docgen-loader"
],
"fixAvailable": true
},
"watchpack": {
"name": "watchpack",
"severity": "high",
"isDirect": false,
"via": [
"watchpack-chokidar2"
],
"effects": [
"webpack"
],
"range": "1.7.2 - 1.7.5",
"nodes": [
"node_modules/webpack/node_modules/watchpack"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"watchpack-chokidar2": {
"name": "watchpack-chokidar2",
"severity": "high",
"isDirect": false,
"via": [
"chokidar"
],
"effects": [
"watchpack"
],
"range": "*",
"nodes": [
"node_modules/watchpack-chokidar2"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": false
},
"webdriverio": {
"name": "webdriverio",
"severity": "high",
"isDirect": false,
"via": [
"devtools",
"puppeteer-core"
],
"effects": [
"@wdio/cli",
"@wdio/runner"
],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"webpack": {
"name": "webpack",
"severity": "high",
"isDirect": false,
"via": [
"micromatch",
"node-libs-browser",
"watchpack"
],
"effects": [
"@storybook/core-common"
],
"range": "2.0.0-beta - 5.0.0-rc.6",
"nodes": [
"node_modules/webpack"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"webpack-dev-middleware": {
"name": "webpack-dev-middleware",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096729,
"name": "webpack-dev-middleware",
"dependency": "webpack-dev-middleware",
"title": "Path traversal in webpack-dev-middleware",
"url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"
},
"range": "<=5.3.3"
}
],
"effects": [
"@storybook/manager-webpack4"
],
"range": "<=5.3.3",
"nodes": [
"node_modules/webpack-dev-middleware"
],
"fixAvailable": false
},
"ws": {
"name": "ws",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098392,
"name": "ws",
"dependency": "ws",
"title": "ws affected by a DoS when handling a request with many HTTP headers",
"url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
"severity": "high",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=8.0.0 <8.17.1"
}
],
"effects": [
"puppeteer-core"
],
"range": "8.0.0 - 8.17.0",
"nodes": [
"node_modules/puppeteer-core/node_modules/ws"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 11,
"moderate": 25,
"high": 29,
"critical": 0,
"total": 65
},
"dependencies": {
"prod": 1,
"dev": 2522,
"optional": 58,
"peer": 0,
"peerOptional": 0,
"total": 2522
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '@es-joy/jsdoccomment@0.23.6',
npm WARN EBADENGINE required: { node: '^12 || ^14 || ^16 || ^17' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'eslint-plugin-jsdoc@39.2.2',
npm WARN EBADENGINE required: { node: '^14 || ^16 || ^17' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'wdio-mediawiki@2.5.0',
npm WARN EBADENGINE required: { node: '>=18.17.0', npm: '>=9.6.7' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
--- stdout ---
{
"added": 2529,
"removed": 0,
"changed": 0,
"audited": 2530,
"funding": 334,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"@jest/transform": {
"name": "@jest/transform",
"severity": "moderate",
"isDirect": false,
"via": [
"jest-haste-map"
],
"effects": [
"@storybook/addon-docs"
],
"range": "<=26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/@jest/transform"
],
"fixAvailable": true
},
"@mdx-js/mdx": {
"name": "@mdx-js/mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-mdx",
"remark-parse"
],
"effects": [
"@storybook/mdx1-csf"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/@mdx-js/mdx"
],
"fixAvailable": true
},
"@storybook/addon-controls": {
"name": "@storybook/addon-controls",
"severity": "low",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/addon-essentials"
],
"range": "6.4.0-alpha.0 - 7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-controls"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/addon-docs": {
"name": "@storybook/addon-docs",
"severity": "high",
"isDirect": false,
"via": [
"@jest/transform",
"@storybook/core-common",
"@storybook/mdx1-csf"
],
"effects": [],
"range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2",
"nodes": [
"node_modules/@storybook/addon-docs"
],
"fixAvailable": true
},
"@storybook/addon-essentials": {
"name": "@storybook/addon-essentials",
"severity": "low",
"isDirect": true,
"via": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/core-common"
],
"effects": [],
"range": "6.4.0-alpha.0 - 7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-essentials"
],
"fixAvailable": {
"name": "@storybook/addon-essentials",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/addon-interactions": {
"name": "@storybook/addon-interactions",
"severity": "low",
"isDirect": true,
"via": [
"@storybook/core-common"
],
"effects": [],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/addon-interactions"
],
"fixAvailable": {
"name": "@storybook/addon-interactions",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/builder-webpack4": {
"name": "@storybook/builder-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"autoprefixer",
"css-loader",
"fork-ts-checker-webpack-plugin",
"postcss",
"postcss-flexbugs-fixes",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/builder-webpack4"
],
"fixAvailable": false
},
"@storybook/core": {
"name": "@storybook/core",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/core-server"
],
"effects": [],
"range": "6.2.0-alpha.0 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/core"
],
"fixAvailable": true
},
"@storybook/core-common": {
"name": "@storybook/core-common",
"severity": "moderate",
"isDirect": false,
"via": [
"express",
"webpack"
],
"effects": [
"@storybook/addon-controls",
"@storybook/addon-docs",
"@storybook/addon-essentials",
"@storybook/addon-interactions",
"@storybook/core-server",
"@storybook/telemetry",
"@storybook/vue3"
],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/core-common"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@storybook/core-server": {
"name": "@storybook/core-server",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/builder-webpack4",
"@storybook/core-common",
"@storybook/csf-tools",
"@storybook/manager-webpack4",
"@storybook/telemetry",
"cpy",
"express",
"ip",
"webpack"
],
"effects": [
"@storybook/core"
],
"range": "<=8.2.0-beta.3",
"nodes": [
"node_modules/@storybook/core-server"
],
"fixAvailable": true
},
"@storybook/csf-tools": {
"name": "@storybook/csf-tools",
"severity": "high",
"isDirect": false,
"via": [
"@storybook/mdx1-csf"
],
"effects": [
"@storybook/core-server"
],
"range": "6.5.0-alpha.1 - 6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/csf-tools"
],
"fixAvailable": true
},
"@storybook/manager-webpack4": {
"name": "@storybook/manager-webpack4",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core-common",
"css-loader",
"express",
"webpack",
"webpack-dev-middleware"
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/@storybook/manager-webpack4"
],
"fixAvailable": false
},
"@storybook/mdx1-csf": {
"name": "@storybook/mdx1-csf",
"severity": "high",
"isDirect": false,
"via": [
"@mdx-js/mdx"
],
"effects": [
"@storybook/addon-docs",
"@storybook/csf-tools"
],
"range": "*",
"nodes": [
"node_modules/@storybook/mdx1-csf"
],
"fixAvailable": true
},
"@storybook/telemetry": {
"name": "@storybook/telemetry",
"severity": "low",
"isDirect": false,
"via": [
"@storybook/core-common"
],
"effects": [
"@storybook/core-server"
],
"range": "<=7.0.0-rc.11",
"nodes": [
"node_modules/@storybook/telemetry"
],
"fixAvailable": true
},
"@storybook/vue3": {
"name": "@storybook/vue3",
"severity": "high",
"isDirect": true,
"via": [
"@storybook/core",
"@storybook/core-common",
"vue-docgen-loader"
],
"effects": [],
"range": "<=6.5.17-alpha.0",
"nodes": [
"node_modules/@storybook/vue3"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "high",
"isDirect": true,
"via": [
"webdriverio"
],
"effects": [],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/runner"
],
"effects": [],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "high",
"isDirect": false,
"via": [
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"anymatch": {
"name": "anymatch",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar",
"sane"
],
"range": "1.2.0 - 2.0.0",
"nodes": [
"node_modules/sane/node_modules/anymatch",
"node_modules/watchpack-chokidar2/node_modules/anymatch"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"autoprefixer": {
"name": "autoprefixer",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "1.0.20131222 - 9.8.8",
"nodes": [
"node_modules/autoprefixer"
],
"fixAvailable": true
},
"braces": {
"name": "braces",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098094,
"name": "braces",
"dependency": "braces",
"title": "Uncontrolled resource consumption in braces",
"url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1050"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.3"
}
],
"effects": [
"chokidar",
"micromatch"
],
"range": "<3.0.3",
"nodes": [
"node_modules/cpy/node_modules/braces",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/braces",
"node_modules/jscodeshift/node_modules/braces",
"node_modules/sane/node_modules/braces",
"node_modules/watchpack-chokidar2/node_modules/braces",
"node_modules/webpack/node_modules/braces"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"",
"node_modules/browserify-sign"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"chokidar": {
"name": "chokidar",
"severity": "high",
"isDirect": false,
"via": [
"anymatch",
"braces",
"readdirp"
],
"effects": [
"watchpack-chokidar2"
],
"range": "1.3.0 - 2.1.8",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/chokidar"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"cookie": {
"name": "cookie",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1099846,
"name": "cookie",
"dependency": "cookie",
"title": "cookie accepts cookie name, path, and domain with out of bounds characters",
"url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x",
"severity": "low",
"cwe": [
"CWE-74"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<0.7.0"
}
],
"effects": [
"express"
],
"range": "<0.7.0",
"nodes": [
""
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"cpy": {
"name": "cpy",
"severity": "moderate",
"isDirect": false,
"via": [
"globby"
],
"effects": [],
"range": "7.0.0 - 8.1.2",
"nodes": [
"node_modules/cpy"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [
"node-libs-browser"
],
"range": ">=3.4.0",
"nodes": [
""
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"css-loader": {
"name": "css-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"effects": [],
"range": "0.15.0 - 4.3.0",
"nodes": [
"node_modules/css-loader"
],
"fixAvailable": true
},
"devtools": {
"name": "devtools",
"severity": "high",
"isDirect": false,
"via": [
"puppeteer-core"
],
"effects": [],
"range": ">=7.16.5",
"nodes": [
"node_modules/devtools"
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1100186,
"name": "elliptic",
"dependency": "elliptic",
"title": "Valid ECDSA signatures erroneously rejected in Elliptic",
"url": "https://github.com/advisories/GHSA-fc9h-whq2-v747",
"severity": "low",
"cwe": [
"CWE-347"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<=6.5.7"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "<=6.5.7",
"nodes": [
""
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"express": {
"name": "express",
"severity": "low",
"isDirect": false,
"via": [
"cookie"
],
"effects": [
"@storybook/core-common",
"@storybook/core-server"
],
"range": "3.0.0-alpha1 - 4.21.0 || 5.0.0-alpha.1 - 5.0.0",
"nodes": [
""
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"fast-glob": {
"name": "fast-glob",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"globby"
],
"range": "<=2.2.7",
"nodes": [
"node_modules/cpy/node_modules/fast-glob"
],
"fixAvailable": true
},
"fork-ts-checker-webpack-plugin": {
"name": "fork-ts-checker-webpack-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [],
"range": "0.4.14 - 4.1.6",
"nodes": [
"node_modules/fork-ts-checker-webpack-plugin"
],
"fixAvailable": true
},
"globby": {
"name": "globby",
"severity": "moderate",
"isDirect": false,
"via": [
"fast-glob"
],
"effects": [
"cpy"
],
"range": "8.0.0 - 9.2.0",
"nodes": [
"node_modules/cpy/node_modules/globby"
],
"fixAvailable": true
},
"icss-utils": {
"name": "icss-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [
"css-loader",
"postcss-modules-local-by-default",
"postcss-modules-values"
],
"range": "<=4.1.1",
"nodes": [
"node_modules/icss-utils"
],
"fixAvailable": true
},
"ip": {
"name": "ip",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1099357,
"name": "ip",
"dependency": "ip",
"title": "ip SSRF improper categorization in isPublic",
"url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp",
"severity": "high",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=2.0.1"
}
],
"effects": [
"@storybook/core-server"
],
"range": "*",
"nodes": [
"node_modules/ip"
],
"fixAvailable": true
},
"jest-haste-map": {
"name": "jest-haste-map",
"severity": "moderate",
"isDirect": false,
"via": [
"sane"
],
"effects": [
"@jest/transform"
],
"range": "24.0.0-alpha.0 - 26.6.2",
"nodes": [
"node_modules/@storybook/addon-docs/node_modules/jest-haste-map"
],
"fixAvailable": true
},
"jscodeshift": {
"name": "jscodeshift",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"vue-docgen-loader"
],
"range": "0.3.20 - 0.13.1",
"nodes": [
"node_modules/jscodeshift"
],
"fixAvailable": true
},
"meow": {
"name": "meow",
"severity": "high",
"isDirect": false,
"via": [
"trim-newlines"
],
"effects": [],
"range": "3.4.0 - 5.0.0",
"nodes": [
"node_modules/default-browser-id/node_modules/meow"
],
"fixAvailable": true
},
"micromatch": {
"name": "micromatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098681,
"name": "micromatch",
"dependency": "micromatch",
"title": "Regular Expression Denial of Service (ReDoS) in micromatch",
"url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.0.8"
},
"braces"
],
"effects": [
"anymatch",
"fast-glob",
"fork-ts-checker-webpack-plugin",
"jscodeshift",
"readdirp",
"sane",
"webpack"
],
"range": "<=4.0.7",
"nodes": [
"node_modules/cpy/node_modules/micromatch",
"node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch",
"node_modules/jscodeshift/node_modules/micromatch",
"node_modules/sane/node_modules/micromatch",
"node_modules/watchpack-chokidar2/node_modules/micromatch",
"node_modules/webpack/node_modules/micromatch"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": false
},
"node-libs-browser": {
"name": "node-libs-browser",
"severity": "low",
"isDirect": false,
"via": [
"crypto-browserify"
],
"effects": [
"webpack"
],
"range": "0.4.2 || >=1.0.0",
"nodes": [
"node_modules/node-libs-browser"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"postcss": {
"name": "postcss",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1094544,
"name": "postcss",
"dependency": "postcss",
"title": "PostCSS line return parsing error",
"url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j",
"severity": "moderate",
"cwe": [
"CWE-74",
"CWE-144"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<8.4.31"
}
],
"effects": [
"@storybook/builder-webpack4",
"autoprefixer",
"css-loader",
"icss-utils",
"postcss-flexbugs-fixes",
"postcss-modules-extract-imports",
"postcss-modules-local-by-default",
"postcss-modules-scope",
"postcss-modules-values"
],
"range": "<8.4.31",
"nodes": [
"node_modules/@storybook/builder-webpack4/node_modules/postcss",
"node_modules/autoprefixer/node_modules/postcss",
"node_modules/css-loader/node_modules/postcss",
"node_modules/icss-utils/node_modules/postcss",
"node_modules/postcss-flexbugs-fixes/node_modules/postcss",
"node_modules/postcss-modules-extract-imports/node_modules/postcss",
"node_modules/postcss-modules-local-by-default/node_modules/postcss",
"node_modules/postcss-modules-scope/node_modules/postcss",
"node_modules/postcss-modules-values/node_modules/postcss"
],
"fixAvailable": false
},
"postcss-flexbugs-fixes": {
"name": "postcss-flexbugs-fixes",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=4.2.1",
"nodes": [
"node_modules/postcss-flexbugs-fixes"
],
"fixAvailable": true
},
"postcss-modules-extract-imports": {
"name": "postcss-modules-extract-imports",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.0.0",
"nodes": [
"node_modules/postcss-modules-extract-imports"
],
"fixAvailable": true
},
"postcss-modules-local-by-default": {
"name": "postcss-modules-local-by-default",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [],
"range": "<=4.0.0-rc.4",
"nodes": [
"node_modules/postcss-modules-local-by-default"
],
"fixAvailable": true
},
"postcss-modules-scope": {
"name": "postcss-modules-scope",
"severity": "moderate",
"isDirect": false,
"via": [
"postcss"
],
"effects": [],
"range": "<=2.2.0",
"nodes": [
"node_modules/postcss-modules-scope"
],
"fixAvailable": true
},
"postcss-modules-values": {
"name": "postcss-modules-values",
"severity": "moderate",
"isDirect": false,
"via": [
"icss-utils",
"postcss"
],
"effects": [
"css-loader"
],
"range": "<=4.0.0-rc.5",
"nodes": [
"node_modules/postcss-modules-values"
],
"fixAvailable": true
},
"puppeteer-core": {
"name": "puppeteer-core",
"severity": "high",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"devtools",
"webdriverio"
],
"range": "11.0.0 - 22.11.1",
"nodes": [
"node_modules/puppeteer-core"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"readdirp": {
"name": "readdirp",
"severity": "moderate",
"isDirect": false,
"via": [
"micromatch"
],
"effects": [
"chokidar"
],
"range": "2.2.0 - 2.2.1",
"nodes": [
"node_modules/watchpack-chokidar2/node_modules/readdirp"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"remark-mdx": {
"name": "remark-mdx",
"severity": "high",
"isDirect": false,
"via": [
"remark-parse"
],
"effects": [
"@mdx-js/mdx"
],
"range": "<=1.6.22",
"nodes": [
"node_modules/remark-mdx"
],
"fixAvailable": true
},
"remark-parse": {
"name": "remark-parse",
"severity": "high",
"isDirect": false,
"via": [
"trim"
],
"effects": [
"@mdx-js/mdx",
"remark-mdx"
],
"range": "<=8.0.3",
"nodes": [
"node_modules/remark-parse"
],
"fixAvailable": true
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": false
},
"sane": {
"name": "sane",
"severity": "moderate",
"isDirect": false,
"via": [
"anymatch",
"micromatch"
],
"effects": [
"jest-haste-map"
],
"range": "1.5.0 - 4.1.0",
"nodes": [
"node_modules/sane"
],
"fixAvailable": true
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/request/node_modules/tough-cookie"
],
"fixAvailable": false
},
"trim": {
"name": "trim",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089867,
"name": "trim",
"dependency": "trim",
"title": "Regular Expression Denial of Service in trim",
"url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<0.0.3"
}
],
"effects": [
"remark-parse"
],
"range": "<0.0.3",
"nodes": [
"node_modules/trim"
],
"fixAvailable": true
},
"trim-newlines": {
"name": "trim-newlines",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1095100,
"name": "trim-newlines",
"dependency": "trim-newlines",
"title": "Uncontrolled Resource Consumption in trim-newlines",
"url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.1"
}
],
"effects": [
"meow"
],
"range": "<3.0.1",
"nodes": [
"node_modules/default-browser-id/node_modules/trim-newlines"
],
"fixAvailable": true
},
"vue-docgen-loader": {
"name": "vue-docgen-loader",
"severity": "moderate",
"isDirect": false,
"via": [
"jscodeshift"
],
"effects": [],
"range": ">=1.3.0-beta.0",
"nodes": [
"node_modules/vue-docgen-loader"
],
"fixAvailable": true
},
"watchpack": {
"name": "watchpack",
"severity": "high",
"isDirect": false,
"via": [
"watchpack-chokidar2"
],
"effects": [
"webpack"
],
"range": "1.7.2 - 1.7.5",
"nodes": [
"node_modules/webpack/node_modules/watchpack"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"watchpack-chokidar2": {
"name": "watchpack-chokidar2",
"severity": "high",
"isDirect": false,
"via": [
"chokidar"
],
"effects": [
"watchpack"
],
"range": "*",
"nodes": [
"node_modules/watchpack-chokidar2"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": false
},
"webdriverio": {
"name": "webdriverio",
"severity": "high",
"isDirect": false,
"via": [
"devtools",
"puppeteer-core"
],
"effects": [
"@wdio/cli",
"@wdio/runner"
],
"range": "7.16.5 - 8.40.6",
"nodes": [
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
},
"webpack": {
"name": "webpack",
"severity": "high",
"isDirect": false,
"via": [
"micromatch",
"node-libs-browser",
"watchpack"
],
"effects": [
"@storybook/core-common"
],
"range": "2.0.0-beta - 5.0.0-rc.6",
"nodes": [
"node_modules/webpack"
],
"fixAvailable": {
"name": "@storybook/vue3",
"version": "8.3.6",
"isSemVerMajor": true
}
},
"webpack-dev-middleware": {
"name": "webpack-dev-middleware",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1096729,
"name": "webpack-dev-middleware",
"dependency": "webpack-dev-middleware",
"title": "Path traversal in webpack-dev-middleware",
"url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"
},
"range": "<=5.3.3"
}
],
"effects": [
"@storybook/manager-webpack4"
],
"range": "<=5.3.3",
"nodes": [
"node_modules/webpack-dev-middleware"
],
"fixAvailable": false
},
"ws": {
"name": "ws",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098392,
"name": "ws",
"dependency": "ws",
"title": "ws affected by a DoS when handling a request with many HTTP headers",
"url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
"severity": "high",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=8.0.0 <8.17.1"
}
],
"effects": [
"puppeteer-core"
],
"range": "8.0.0 - 8.17.0",
"nodes": [
"node_modules/puppeteer-core/node_modules/ws"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.2.1",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 11,
"moderate": 25,
"high": 29,
"critical": 0,
"total": 65
},
"dependencies": {
"prod": 1,
"dev": 2529,
"optional": 58,
"peer": 0,
"peerOptional": 0,
"total": 2529
}
}
}
}
--- end ---
{"added": 2529, "removed": 0, "changed": 0, "audited": 2530, "funding": 334, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@jest/transform": {"name": "@jest/transform", "severity": "moderate", "isDirect": false, "via": ["jest-haste-map"], "effects": ["@storybook/addon-docs"], "range": "<=26.6.2", "nodes": ["node_modules/@storybook/addon-docs/node_modules/@jest/transform"], "fixAvailable": true}, "@mdx-js/mdx": {"name": "@mdx-js/mdx", "severity": "high", "isDirect": false, "via": ["remark-mdx", "remark-parse"], "effects": ["@storybook/mdx1-csf"], "range": "<=1.6.22", "nodes": ["node_modules/@mdx-js/mdx"], "fixAvailable": true}, "@storybook/addon-controls": {"name": "@storybook/addon-controls", "severity": "low", "isDirect": false, "via": ["@storybook/core-common"], "effects": ["@storybook/addon-essentials"], "range": "6.4.0-alpha.0 - 7.0.0-rc.11", "nodes": ["node_modules/@storybook/addon-controls"], "fixAvailable": {"name": "@storybook/addon-essentials", "version": "8.3.6", "isSemVerMajor": true}}, "@storybook/addon-docs": {"name": "@storybook/addon-docs", "severity": "high", "isDirect": false, "via": ["@jest/transform", "@storybook/core-common", "@storybook/mdx1-csf"], "effects": [], "range": "5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2", "nodes": ["node_modules/@storybook/addon-docs"], "fixAvailable": true}, "@storybook/addon-essentials": {"name": "@storybook/addon-essentials", "severity": "low", "isDirect": true, "via": ["@storybook/addon-controls", "@storybook/addon-docs", "@storybook/core-common"], "effects": [], "range": "6.4.0-alpha.0 - 7.0.0-rc.11", "nodes": ["node_modules/@storybook/addon-essentials"], "fixAvailable": {"name": "@storybook/addon-essentials", "version": "8.3.6", "isSemVerMajor": true}}, "@storybook/addon-interactions": {"name": "@storybook/addon-interactions", "severity": "low", "isDirect": true, "via": ["@storybook/core-common"], "effects": [], "range": "<=7.0.0-rc.11", "nodes": ["node_modules/@storybook/addon-interactions"], "fixAvailable": {"name": "@storybook/addon-interactions", "version": "8.3.6", "isSemVerMajor": true}}, "@storybook/builder-webpack4": {"name": "@storybook/builder-webpack4", "severity": "high", "isDirect": true, "via": ["@storybook/core-common", "autoprefixer", "css-loader", "fork-ts-checker-webpack-plugin", "postcss", "postcss-flexbugs-fixes", "webpack", "webpack-dev-middleware"], "effects": ["@storybook/core-server"], "range": "*", "nodes": ["node_modules/@storybook/builder-webpack4"], "fixAvailable": false}, "@storybook/core": {"name": "@storybook/core", "severity": "high", "isDirect": false, "via": ["@storybook/core-server"], "effects": [], "range": "6.2.0-alpha.0 - 6.5.17-alpha.0", "nodes": ["node_modules/@storybook/core"], "fixAvailable": true}, "@storybook/core-common": {"name": "@storybook/core-common", "severity": "moderate", "isDirect": false, "via": ["express", "webpack"], "effects": ["@storybook/addon-controls", "@storybook/addon-docs", "@storybook/addon-essentials", "@storybook/addon-interactions", "@storybook/core-server", "@storybook/telemetry", "@storybook/vue3"], "range": "<=7.0.0-rc.11", "nodes": ["node_modules/@storybook/core-common"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "@storybook/core-server": {"name": "@storybook/core-server", "severity": "high", "isDirect": false, "via": ["@storybook/builder-webpack4", "@storybook/core-common", "@storybook/csf-tools", "@storybook/manager-webpack4", "@storybook/telemetry", "cpy", "express", "ip", "webpack"], "effects": ["@storybook/core"], "range": "<=8.2.0-beta.3", "nodes": ["node_modules/@storybook/core-server"], "fixAvailable": true}, "@storybook/csf-tools": {"name": "@storybook/csf-tools", "severity": "high", "isDirect": false, "via": ["@storybook/mdx1-csf"], "effects": ["@storybook/core-server"], "range": "6.5.0-alpha.1 - 6.5.17-alpha.0", "nodes": ["node_modules/@storybook/csf-tools"], "fixAvailable": true}, "@storybook/manager-webpack4": {"name": "@storybook/manager-webpack4", "severity": "high", "isDirect": true, "via": ["@storybook/core-common", "css-loader", "express", "webpack", "webpack-dev-middleware"], "effects": ["@storybook/core-server"], "range": "*", "nodes": ["node_modules/@storybook/manager-webpack4"], "fixAvailable": false}, "@storybook/mdx1-csf": {"name": "@storybook/mdx1-csf", "severity": "high", "isDirect": false, "via": ["@mdx-js/mdx"], "effects": ["@storybook/addon-docs", "@storybook/csf-tools"], "range": "*", "nodes": ["node_modules/@storybook/mdx1-csf"], "fixAvailable": true}, "@storybook/telemetry": {"name": "@storybook/telemetry", "severity": "low", "isDirect": false, "via": ["@storybook/core-common"], "effects": ["@storybook/core-server"], "range": "<=7.0.0-rc.11", "nodes": ["node_modules/@storybook/telemetry"], "fixAvailable": true}, "@storybook/vue3": {"name": "@storybook/vue3", "severity": "high", "isDirect": true, "via": ["@storybook/core", "@storybook/core-common", "vue-docgen-loader"], "effects": [], "range": "<=6.5.17-alpha.0", "nodes": ["node_modules/@storybook/vue3"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "@wdio/cli": {"name": "@wdio/cli", "severity": "high", "isDirect": true, "via": ["webdriverio"], "effects": [], "range": "7.16.5 - 8.40.6", "nodes": ["node_modules/@wdio/cli"], "fixAvailable": {"name": "@wdio/cli", "version": "9.2.1", "isSemVerMajor": true}}, "@wdio/local-runner": {"name": "@wdio/local-runner", "severity": "high", "isDirect": true, "via": ["@wdio/runner"], "effects": [], "range": "7.16.5 - 8.40.6", "nodes": ["node_modules/@wdio/local-runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.2.1", "isSemVerMajor": true}}, "@wdio/runner": {"name": "@wdio/runner", "severity": "high", "isDirect": false, "via": ["webdriverio"], "effects": ["@wdio/local-runner"], "range": "7.16.5 - 8.40.6", "nodes": ["node_modules/@wdio/runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.2.1", "isSemVerMajor": true}}, "anymatch": {"name": "anymatch", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["chokidar", "sane"], "range": "1.2.0 - 2.0.0", "nodes": ["node_modules/sane/node_modules/anymatch", "node_modules/watchpack-chokidar2/node_modules/anymatch"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "autoprefixer": {"name": "autoprefixer", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "1.0.20131222 - 9.8.8", "nodes": ["node_modules/autoprefixer"], "fixAvailable": true}, "braces": {"name": "braces", "severity": "high", "isDirect": false, "via": [{"source": 1098094, "name": "braces", "dependency": "braces", "title": "Uncontrolled resource consumption in braces", "url": "https://github.com/advisories/GHSA-grv7-fg5c-xmjg", "severity": "high", "cwe": ["CWE-400", "CWE-1050"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.3"}], "effects": ["chokidar", "micromatch"], "range": "<3.0.3", "nodes": ["node_modules/cpy/node_modules/braces", "node_modules/fork-ts-checker-webpack-plugin/node_modules/braces", "node_modules/jscodeshift/node_modules/braces", "node_modules/sane/node_modules/braces", "node_modules/watchpack-chokidar2/node_modules/braces", "node_modules/webpack/node_modules/braces"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "browserify-sign": {"name": "browserify-sign", "severity": "low", "isDirect": false, "via": ["elliptic"], "effects": ["crypto-browserify"], "range": ">=2.4.0", "nodes": ["", "node_modules/browserify-sign"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "chokidar": {"name": "chokidar", "severity": "high", "isDirect": false, "via": ["anymatch", "braces", "readdirp"], "effects": ["watchpack-chokidar2"], "range": "1.3.0 - 2.1.8", "nodes": ["node_modules/watchpack-chokidar2/node_modules/chokidar"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "cookie": {"name": "cookie", "severity": "low", "isDirect": false, "via": [{"source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": ["CWE-74"], "cvss": {"score": 0, "vectorString": null}, "range": "<0.7.0"}], "effects": ["express"], "range": "<0.7.0", "nodes": [""], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "cpy": {"name": "cpy", "severity": "moderate", "isDirect": false, "via": ["globby"], "effects": [], "range": "7.0.0 - 8.1.2", "nodes": ["node_modules/cpy"], "fixAvailable": true}, "create-ecdh": {"name": "create-ecdh", "severity": "low", "isDirect": false, "via": ["elliptic"], "effects": ["crypto-browserify"], "range": "*", "nodes": ["node_modules/create-ecdh"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "crypto-browserify": {"name": "crypto-browserify", "severity": "low", "isDirect": false, "via": ["browserify-sign", "create-ecdh"], "effects": ["node-libs-browser"], "range": ">=3.4.0", "nodes": [""], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "css-loader": {"name": "css-loader", "severity": "moderate", "isDirect": false, "via": ["icss-utils", "postcss", "postcss-modules-extract-imports", "postcss-modules-local-by-default", "postcss-modules-scope", "postcss-modules-values"], "effects": [], "range": "0.15.0 - 4.3.0", "nodes": ["node_modules/css-loader"], "fixAvailable": true}, "devtools": {"name": "devtools", "severity": "high", "isDirect": false, "via": ["puppeteer-core"], "effects": [], "range": ">=7.16.5", "nodes": ["node_modules/devtools"], "fixAvailable": true}, "elliptic": {"name": "elliptic", "severity": "low", "isDirect": false, "via": [{"source": 1100186, "name": "elliptic", "dependency": "elliptic", "title": "Valid ECDSA signatures erroneously rejected in Elliptic", "url": "https://github.com/advisories/GHSA-fc9h-whq2-v747", "severity": "low", "cwe": ["CWE-347"], "cvss": {"score": 0, "vectorString": null}, "range": "<=6.5.7"}], "effects": ["browserify-sign", "create-ecdh"], "range": "<=6.5.7", "nodes": [""], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "express": {"name": "express", "severity": "low", "isDirect": false, "via": ["cookie"], "effects": ["@storybook/core-common", "@storybook/core-server"], "range": "3.0.0-alpha1 - 4.21.0 || 5.0.0-alpha.1 - 5.0.0", "nodes": [""], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "fast-glob": {"name": "fast-glob", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["globby"], "range": "<=2.2.7", "nodes": ["node_modules/cpy/node_modules/fast-glob"], "fixAvailable": true}, "fork-ts-checker-webpack-plugin": {"name": "fork-ts-checker-webpack-plugin", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": [], "range": "0.4.14 - 4.1.6", "nodes": ["node_modules/fork-ts-checker-webpack-plugin"], "fixAvailable": true}, "globby": {"name": "globby", "severity": "moderate", "isDirect": false, "via": ["fast-glob"], "effects": ["cpy"], "range": "8.0.0 - 9.2.0", "nodes": ["node_modules/cpy/node_modules/globby"], "fixAvailable": true}, "icss-utils": {"name": "icss-utils", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": ["css-loader", "postcss-modules-local-by-default", "postcss-modules-values"], "range": "<=4.1.1", "nodes": ["node_modules/icss-utils"], "fixAvailable": true}, "ip": {"name": "ip", "severity": "high", "isDirect": false, "via": [{"source": 1099357, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}], "effects": ["@storybook/core-server"], "range": "*", "nodes": ["node_modules/ip"], "fixAvailable": true}, "jest-haste-map": {"name": "jest-haste-map", "severity": "moderate", "isDirect": false, "via": ["sane"], "effects": ["@jest/transform"], "range": "24.0.0-alpha.0 - 26.6.2", "nodes": ["node_modules/@storybook/addon-docs/node_modules/jest-haste-map"], "fixAvailable": true}, "jscodeshift": {"name": "jscodeshift", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["vue-docgen-loader"], "range": "0.3.20 - 0.13.1", "nodes": ["node_modules/jscodeshift"], "fixAvailable": true}, "meow": {"name": "meow", "severity": "high", "isDirect": false, "via": ["trim-newlines"], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": ["node_modules/default-browser-id/node_modules/meow"], "fixAvailable": true}, "micromatch": {"name": "micromatch", "severity": "high", "isDirect": false, "via": [{"source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": ["CWE-1333"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<4.0.8"}, "braces"], "effects": ["anymatch", "fast-glob", "fork-ts-checker-webpack-plugin", "jscodeshift", "readdirp", "sane", "webpack"], "range": "<=4.0.7", "nodes": ["node_modules/cpy/node_modules/micromatch", "node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch", "node_modules/jscodeshift/node_modules/micromatch", "node_modules/sane/node_modules/micromatch", "node_modules/watchpack-chokidar2/node_modules/micromatch", "node_modules/webpack/node_modules/micromatch"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "mwbot": {"name": "mwbot", "severity": "moderate", "isDirect": false, "via": ["request"], "effects": ["wdio-mediawiki"], "range": ">=0.1.6", "nodes": ["node_modules/mwbot"], "fixAvailable": false}, "node-libs-browser": {"name": "node-libs-browser", "severity": "low", "isDirect": false, "via": ["crypto-browserify"], "effects": ["webpack"], "range": "0.4.2 || >=1.0.0", "nodes": ["node_modules/node-libs-browser"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "postcss": {"name": "postcss", "severity": "moderate", "isDirect": false, "via": [{"source": 1094544, "name": "postcss", "dependency": "postcss", "title": "PostCSS line return parsing error", "url": "https://github.com/advisories/GHSA-7fh5-64p2-3v2j", "severity": "moderate", "cwe": ["CWE-74", "CWE-144"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<8.4.31"}], "effects": ["@storybook/builder-webpack4", "autoprefixer", "css-loader", "icss-utils", "postcss-flexbugs-fixes", "postcss-modules-extract-imports", "postcss-modules-local-by-default", "postcss-modules-scope", "postcss-modules-values"], "range": "<8.4.31", "nodes": ["node_modules/@storybook/builder-webpack4/node_modules/postcss", "node_modules/autoprefixer/node_modules/postcss", "node_modules/css-loader/node_modules/postcss", "node_modules/icss-utils/node_modules/postcss", "node_modules/postcss-flexbugs-fixes/node_modules/postcss", "node_modules/postcss-modules-extract-imports/node_modules/postcss", "node_modules/postcss-modules-local-by-default/node_modules/postcss", "node_modules/postcss-modules-scope/node_modules/postcss", "node_modules/postcss-modules-values/node_modules/postcss"], "fixAvailable": false}, "postcss-flexbugs-fixes": {"name": "postcss-flexbugs-fixes", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=4.2.1", "nodes": ["node_modules/postcss-flexbugs-fixes"], "fixAvailable": true}, "postcss-modules-extract-imports": {"name": "postcss-modules-extract-imports", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=2.0.0", "nodes": ["node_modules/postcss-modules-extract-imports"], "fixAvailable": true}, "postcss-modules-local-by-default": {"name": "postcss-modules-local-by-default", "severity": "moderate", "isDirect": false, "via": ["icss-utils", "postcss"], "effects": [], "range": "<=4.0.0-rc.4", "nodes": ["node_modules/postcss-modules-local-by-default"], "fixAvailable": true}, "postcss-modules-scope": {"name": "postcss-modules-scope", "severity": "moderate", "isDirect": false, "via": ["postcss"], "effects": [], "range": "<=2.2.0", "nodes": ["node_modules/postcss-modules-scope"], "fixAvailable": true}, "postcss-modules-values": {"name": "postcss-modules-values", "severity": "moderate", "isDirect": false, "via": ["icss-utils", "postcss"], "effects": ["css-loader"], "range": "<=4.0.0-rc.5", "nodes": ["node_modules/postcss-modules-values"], "fixAvailable": true}, "puppeteer-core": {"name": "puppeteer-core", "severity": "high", "isDirect": false, "via": ["ws"], "effects": ["devtools", "webdriverio"], "range": "11.0.0 - 22.11.1", "nodes": ["node_modules/puppeteer-core"], "fixAvailable": {"name": "@wdio/cli", "version": "9.2.1", "isSemVerMajor": true}}, "readdirp": {"name": "readdirp", "severity": "moderate", "isDirect": false, "via": ["micromatch"], "effects": ["chokidar"], "range": "2.2.0 - 2.2.1", "nodes": ["node_modules/watchpack-chokidar2/node_modules/readdirp"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "remark-mdx": {"name": "remark-mdx", "severity": "high", "isDirect": false, "via": ["remark-parse"], "effects": ["@mdx-js/mdx"], "range": "<=1.6.22", "nodes": ["node_modules/remark-mdx"], "fixAvailable": true}, "remark-parse": {"name": "remark-parse", "severity": "high", "isDirect": false, "via": ["trim"], "effects": ["@mdx-js/mdx", "remark-mdx"], "range": "<=8.0.3", "nodes": ["node_modules/remark-parse"], "fixAvailable": true}, "request": {"name": "request", "severity": "moderate", "isDirect": false, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "tough-cookie"], "effects": ["mwbot"], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": false}, "sane": {"name": "sane", "severity": "moderate", "isDirect": false, "via": ["anymatch", "micromatch"], "effects": ["jest-haste-map"], "range": "1.5.0 - 4.1.0", "nodes": ["node_modules/sane"], "fixAvailable": true}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["request"], "range": "<4.1.3", "nodes": ["node_modules/request/node_modules/tough-cookie"], "fixAvailable": false}, "trim": {"name": "trim", "severity": "high", "isDirect": false, "via": [{"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}], "effects": ["remark-parse"], "range": "<0.0.3", "nodes": ["node_modules/trim"], "fixAvailable": true}, "trim-newlines": {"name": "trim-newlines", "severity": "high", "isDirect": false, "via": [{"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}], "effects": ["meow"], "range": "<3.0.1", "nodes": ["node_modules/default-browser-id/node_modules/trim-newlines"], "fixAvailable": true}, "vue-docgen-loader": {"name": "vue-docgen-loader", "severity": "moderate", "isDirect": false, "via": ["jscodeshift"], "effects": [], "range": ">=1.3.0-beta.0", "nodes": ["node_modules/vue-docgen-loader"], "fixAvailable": true}, "watchpack": {"name": "watchpack", "severity": "high", "isDirect": false, "via": ["watchpack-chokidar2"], "effects": ["webpack"], "range": "1.7.2 - 1.7.5", "nodes": ["node_modules/webpack/node_modules/watchpack"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "watchpack-chokidar2": {"name": "watchpack-chokidar2", "severity": "high", "isDirect": false, "via": ["chokidar"], "effects": ["watchpack"], "range": "*", "nodes": ["node_modules/watchpack-chokidar2"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "wdio-mediawiki": {"name": "wdio-mediawiki", "severity": "moderate", "isDirect": true, "via": ["mwbot"], "effects": [], "range": "*", "nodes": ["node_modules/wdio-mediawiki"], "fixAvailable": false}, "webdriverio": {"name": "webdriverio", "severity": "high", "isDirect": false, "via": ["devtools", "puppeteer-core"], "effects": ["@wdio/cli", "@wdio/runner"], "range": "7.16.5 - 8.40.6", "nodes": ["node_modules/webdriverio"], "fixAvailable": {"name": "@wdio/cli", "version": "9.2.1", "isSemVerMajor": true}}, "webpack": {"name": "webpack", "severity": "high", "isDirect": false, "via": ["micromatch", "node-libs-browser", "watchpack"], "effects": ["@storybook/core-common"], "range": "2.0.0-beta - 5.0.0-rc.6", "nodes": ["node_modules/webpack"], "fixAvailable": {"name": "@storybook/vue3", "version": "8.3.6", "isSemVerMajor": true}}, "webpack-dev-middleware": {"name": "webpack-dev-middleware", "severity": "high", "isDirect": false, "via": [{"source": 1096729, "name": "webpack-dev-middleware", "dependency": "webpack-dev-middleware", "title": "Path traversal in webpack-dev-middleware", "url": "https://github.com/advisories/GHSA-wr3j-pwj9-hqq6", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}, "range": "<=5.3.3"}], "effects": ["@storybook/manager-webpack4"], "range": "<=5.3.3", "nodes": ["node_modules/webpack-dev-middleware"], "fixAvailable": false}, "ws": {"name": "ws", "severity": "high", "isDirect": false, "via": [{"source": 1098392, "name": "ws", "dependency": "ws", "title": "ws affected by a DoS when handling a request with many HTTP headers", "url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q", "severity": "high", "cwe": ["CWE-476"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=8.0.0 <8.17.1"}], "effects": ["puppeteer-core"], "range": "8.0.0 - 8.17.0", "nodes": ["node_modules/puppeteer-core/node_modules/ws"], "fixAvailable": {"name": "@wdio/cli", "version": "9.2.1", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 11, "moderate": 25, "high": 29, "critical": 0, "total": 65}, "dependencies": {"prod": 1, "dev": 2529, "optional": 58, "peer": 0, "peerOptional": 0, "total": 2529}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '@es-joy/jsdoccomment@0.23.6',
npm WARN EBADENGINE required: { node: '^12 || ^14 || ^16 || ^17' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'eslint-plugin-jsdoc@39.2.2',
npm WARN EBADENGINE required: { node: '^14 || ^16 || ^17' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'wdio-mediawiki@2.5.0',
npm WARN EBADENGINE required: { node: '>=18.17.0', npm: '>=9.6.7' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated trim@0.0.1: Use String.prototype.trim() instead
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated uuid-browser@3.1.0: Package no longer supported and required. Use the uuid package or crypto.randomUUID instead
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated querystring@0.2.1: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated stylelint-stylistic@0.4.3: This package has been deprecated in favor of @stylistic/stylelint-plugin
--- stdout ---
added 2524 packages, and audited 2525 packages in 38s
334 packages are looking for funding
run `npm fund` for details
# npm audit report
braces <3.0.3
Severity: high
Uncontrolled resource consumption in braces - https://github.com/advisories/GHSA-grv7-fg5c-xmjg
fix available via `npm audit fix --force`
Will install @storybook/vue3@8.3.6, which is a breaking change
node_modules/cpy/node_modules/braces
node_modules/fork-ts-checker-webpack-plugin/node_modules/braces
node_modules/jscodeshift/node_modules/braces
node_modules/sane/node_modules/braces
node_modules/watchpack-chokidar2/node_modules/braces
node_modules/webpack/node_modules/braces
chokidar 1.3.0 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of braces
Depends on vulnerable versions of readdirp
node_modules/watchpack-chokidar2/node_modules/chokidar
watchpack-chokidar2 *
Depends on vulnerable versions of chokidar
node_modules/watchpack-chokidar2
watchpack 1.7.2 - 1.7.5
Depends on vulnerable versions of watchpack-chokidar2
node_modules/webpack/node_modules/watchpack
webpack 4.0.0-alpha.0 - 5.0.0-rc.6
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of watchpack
node_modules/webpack
@storybook/core-common <=6.5.17-alpha.0
Depends on vulnerable versions of webpack
node_modules/@storybook/core-common
@storybook/addon-controls 6.4.0-alpha.0 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/addon-controls
@storybook/addon-essentials 6.4.0-alpha.0 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/addon-controls
Depends on vulnerable versions of @storybook/addon-docs
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/addon-essentials
@storybook/addon-docs 5.3.0-alpha.0 - 7.0.3 || 7.1.0-alpha.0 - 7.1.0-rc.2
Depends on vulnerable versions of @jest/transform
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of @storybook/mdx1-csf
node_modules/@storybook/addon-docs
@storybook/addon-interactions <=6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/addon-interactions
@storybook/telemetry <=6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-common
node_modules/@storybook/telemetry
@storybook/core-server <=7.6.19 || 8.0.0-alpha.0 - 8.1.5 || 8.2.0-alpha.0 - 8.2.0-beta.3
Depends on vulnerable versions of @storybook/builder-webpack4
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of @storybook/csf-tools
Depends on vulnerable versions of @storybook/manager-webpack4
Depends on vulnerable versions of @storybook/telemetry
Depends on vulnerable versions of cpy
Depends on vulnerable versions of ip
Depends on vulnerable versions of webpack
node_modules/@storybook/core-server
@storybook/core 6.2.0-alpha.0 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core-server
node_modules/@storybook/core
micromatch <=4.0.7
Depends on vulnerable versions of braces
node_modules/cpy/node_modules/micromatch
node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch
node_modules/jscodeshift/node_modules/micromatch
node_modules/sane/node_modules/micromatch
node_modules/watchpack-chokidar2/node_modules/micromatch
node_modules/webpack/node_modules/micromatch
anymatch 1.2.0 - 2.0.0
Depends on vulnerable versions of micromatch
node_modules/sane/node_modules/anymatch
node_modules/watchpack-chokidar2/node_modules/anymatch
sane 1.5.0 - 4.1.0
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of micromatch
node_modules/sane
jest-haste-map 24.0.0-alpha.0 - 26.6.2
Depends on vulnerable versions of sane
node_modules/@storybook/addon-docs/node_modules/jest-haste-map
@jest/transform <=26.6.2
Depends on vulnerable versions of jest-haste-map
node_modules/@storybook/addon-docs/node_modules/@jest/transform
fast-glob <=2.2.7
Depends on vulnerable versions of micromatch
node_modules/cpy/node_modules/fast-glob
globby 8.0.0 - 9.2.0
Depends on vulnerable versions of fast-glob
node_modules/cpy/node_modules/globby
cpy 7.0.0 - 8.1.2
Depends on vulnerable versions of globby
node_modules/cpy
fork-ts-checker-webpack-plugin 0.4.14 - 4.1.6
Depends on vulnerable versions of micromatch
node_modules/fork-ts-checker-webpack-plugin
jscodeshift 0.3.20 - 0.13.1
Depends on vulnerable versions of micromatch
node_modules/jscodeshift
vue-docgen-loader >=1.3.0-beta.0
Depends on vulnerable versions of jscodeshift
node_modules/vue-docgen-loader
@storybook/vue3 <=6.5.17-alpha.0
Depends on vulnerable versions of @storybook/core
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of vue-docgen-loader
node_modules/@storybook/vue3
readdirp 2.2.0 - 2.2.1
Depends on vulnerable versions of micromatch
node_modules/watchpack-chokidar2/node_modules/readdirp
ip *
Severity: high
ip SSRF improper categorization in isPublic - https://github.com/advisories/GHSA-2p57-rm9w-gvfp
fix available via `npm audit fix`
node_modules/ip
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
No fix available
node_modules/@storybook/builder-webpack4/node_modules/postcss
node_modules/autoprefixer/node_modules/postcss
node_modules/css-loader/node_modules/postcss
node_modules/icss-utils/node_modules/postcss
node_modules/postcss-flexbugs-fixes/node_modules/postcss
node_modules/postcss-modules-extract-imports/node_modules/postcss
node_modules/postcss-modules-local-by-default/node_modules/postcss
node_modules/postcss-modules-scope/node_modules/postcss
node_modules/postcss-modules-values/node_modules/postcss
@storybook/builder-webpack4 *
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of autoprefixer
Depends on vulnerable versions of css-loader
Depends on vulnerable versions of fork-ts-checker-webpack-plugin
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-flexbugs-fixes
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-middleware
node_modules/@storybook/builder-webpack4
autoprefixer 1.0.20131222 - 9.8.8
Depends on vulnerable versions of postcss
node_modules/autoprefixer
css-loader 0.15.0 - 4.3.0
Depends on vulnerable versions of icss-utils
Depends on vulnerable versions of postcss
Depends on vulnerable versions of postcss-modules-extract-imports
Depends on vulnerable versions of postcss-modules-local-by-default
Depends on vulnerable versions of postcss-modules-scope
Depends on vulnerable versions of postcss-modules-values
node_modules/css-loader
icss-utils <=4.1.1
Depends on vulnerable versions of postcss
node_modules/icss-utils
postcss-modules-local-by-default <=4.0.0-rc.4
Depends on vulnerable versions of icss-utils
Depends on vulnerable versions of postcss
node_modules/postcss-modules-local-by-default
postcss-modules-values <=4.0.0-rc.5
Depends on vulnerable versions of icss-utils
Depends on vulnerable versions of postcss
node_modules/postcss-modules-values
postcss-flexbugs-fixes <=4.2.1
Depends on vulnerable versions of postcss
node_modules/postcss-flexbugs-fixes
postcss-modules-extract-imports <=2.0.0
Depends on vulnerable versions of postcss
node_modules/postcss-modules-extract-imports
postcss-modules-scope <=2.2.0
Depends on vulnerable versions of postcss
node_modules/postcss-modules-scope
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/request
mwbot >=0.1.6
Depends on vulnerable versions of request
node_modules/mwbot
wdio-mediawiki *
Depends on vulnerable versions of mwbot
node_modules/wdio-mediawiki
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
No fix available
node_modules/request/node_modules/tough-cookie
trim <0.0.3
Severity: high
Regular Expression Denial of Service in trim - https://github.com/advisories/GHSA-w5p7-h5w8-2hfq
fix available via `npm audit fix`
node_modules/trim
remark-parse <=8.0.3
Depends on vulnerable versions of trim
node_modules/remark-parse
@mdx-js/mdx <=1.6.22
Depends on vulnerable versions of remark-mdx
Depends on vulnerable versions of remark-parse
node_modules/@mdx-js/mdx
@storybook/mdx1-csf *
Depends on vulnerable versions of @mdx-js/mdx
node_modules/@storybook/mdx1-csf
@storybook/csf-tools 6.5.0-alpha.1 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/mdx1-csf
node_modules/@storybook/csf-tools
remark-mdx <=1.6.22
Depends on vulnerable versions of remark-parse
node_modules/remark-mdx
trim-newlines <3.0.1
Severity: high
Uncontrolled Resource Consumption in trim-newlines - https://github.com/advisories/GHSA-7p7h-4mm5-852v
fix available via `npm audit fix`
node_modules/default-browser-id/node_modules/trim-newlines
meow 3.4.0 - 5.0.0
Depends on vulnerable versions of trim-newlines
node_modules/default-browser-id/node_modules/meow
webpack-dev-middleware <=5.3.3
Severity: high
Path traversal in webpack-dev-middleware - https://github.com/advisories/GHSA-wr3j-pwj9-hqq6
No fix available
node_modules/webpack-dev-middleware
@storybook/manager-webpack4 *
Depends on vulnerable versions of @storybook/core-common
Depends on vulnerable versions of css-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-middleware
node_modules/@storybook/manager-webpack4
ws 8.0.0 - 8.17.0
Severity: high
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
fix available via `npm audit fix --force`
Will install @wdio/cli@9.2.1, which is a breaking change
node_modules/puppeteer-core/node_modules/ws
puppeteer-core 11.0.0 - 22.11.1
Depends on vulnerable versions of ws
node_modules/puppeteer-core
devtools >=7.16.5
Depends on vulnerable versions of puppeteer-core
node_modules/devtools
webdriverio 7.16.5 - 8.40.6
Depends on vulnerable versions of devtools
Depends on vulnerable versions of puppeteer-core
node_modules/webdriverio
@wdio/cli 7.16.5 - 8.40.6
Depends on vulnerable versions of webdriverio
node_modules/@wdio/cli
@wdio/runner 7.16.5 - 8.40.6
Depends on vulnerable versions of webdriverio
node_modules/@wdio/runner
@wdio/local-runner 7.16.5 - 8.40.6
Depends on vulnerable versions of @wdio/runner
node_modules/@wdio/local-runner
58 vulnerabilities (29 moderate, 29 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '@es-joy/jsdoccomment@0.23.6',
npm WARN EBADENGINE required: { node: '^12 || ^14 || ^16 || ^17' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'eslint-plugin-jsdoc@39.2.2',
npm WARN EBADENGINE required: { node: '^14 || ^16 || ^17' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'wdio-mediawiki@2.5.0',
npm WARN EBADENGINE required: { node: '>=18.17.0', npm: '>=9.6.7' },
npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated trim@0.0.1: Use String.prototype.trim() instead
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated uuid-browser@3.1.0: Package no longer supported and required. Use the uuid package or crypto.randomUUID instead
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated querystring@0.2.1: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated stylelint-stylistic@0.4.3: This package has been deprecated in favor of @stylistic/stylelint-plugin
--- stdout ---
added 2524 packages, and audited 2525 packages in 53s
334 packages are looking for funding
run `npm fund` for details
58 vulnerabilities (29 moderate, 29 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stderr ---
PASS tests/jest/discover/util/convertUrlToThumbnail.test.js
PASS tests/jest/builder/util/safeAssignString.test.js
PASS tests/jest/builder/util/splitSentences.test.js
PASS tests/jest/builder/util/convertUrlToMobile.test.js
PASS tests/jest/builder/store/story.test.js
Test Suites: 5 passed, 5 total
Tests: 19 passed, 19 total
Snapshots: 0 total
Time: 7.016 s
Ran all test suites.
--- stdout ---
> test
> npm run lint:js && npm run lint:css && jest
> lint:js
> eslint .
/src/repo/resources/components/StoryImage.vue
33:3 warning Prop 'error' requires default value to be set vue/require-default-prop
78:1 warning This line has a length of 101. Maximum allowed is 100 max-len
91:1 warning This line has a length of 123. Maximum allowed is 100 max-len
92:1 warning This line has a length of 123. Maximum allowed is 100 max-len
185:1 warning This line has a length of 101. Maximum allowed is 100 max-len
186:1 warning This line has a length of 103. Maximum allowed is 100 max-len
198:1 warning This line has a length of 103. Maximum allowed is 100 max-len
199:1 warning This line has a length of 104. Maximum allowed is 100 max-len
200:1 warning This line has a length of 104. Maximum allowed is 100 max-len
201:1 warning This line has a length of 106. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.builder/App.vue
29:41 warning Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible no-jquery/no-global-selector
/src/repo/resources/ext.wikistories.builder/components/Frames.vue
11:1 warning This line has a length of 135. Maximum allowed is 100 max-len
127:1 warning This line has a length of 109. Maximum allowed is 100 max-len
128:1 warning This line has a length of 107. Maximum allowed is 100 max-len
176:1 warning This line has a length of 103. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.builder/components/Notice.vue
2:1 warning This line has a length of 102. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.builder/components/StoryTextbox.vue
14:1 warning This line has a length of 103. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.builder/mixins/observer.js
43:28 warning IntersectionObserverEntry is not supported in Safari 11, iOS Safari 11.0-11.2 compat/compat
94:19 warning IntersectionObserver is not supported in Safari 11 compat/compat
/src/repo/resources/ext.wikistories.builder/util/calculateUnmodifiedContent.js
23:0 warning Missing JSDoc @return type jsdoc/require-returns-type
50:1 warning This line has a length of 109. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.builder/util/sortableFrames.js
129:6 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
139:4 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
168:6 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
/src/repo/resources/ext.wikistories.builder/views/Article.vue
93:5 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
96:5 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
/src/repo/resources/ext.wikistories.builder/views/PublishForm.vue
46:1 warning This line has a length of 110. Maximum allowed is 100 max-len
61:1 warning This line has a length of 114. Maximum allowed is 100 max-len
72:1 warning This line has a length of 110. Maximum allowed is 100 max-len
180:19 warning All possible message keys should be documented. See https://w.wiki/4r9a for details mediawiki/msg-doc
181:1 warning This line has a length of 106. Maximum allowed is 100 max-len
186:1 warning This line has a length of 138. Maximum allowed is 100 max-len
190:1 warning This line has a length of 102. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.discover/Discover.js
5:21 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
9:17 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
13:16 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
27:9 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
41:15 warning Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible no-jquery/no-global-selector
42:16 warning Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible no-jquery/no-global-selector
57:25 warning Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible no-jquery/no-global-selector
57:25 warning Selector extensions are not allowed no-jquery/no-sizzle
/src/repo/resources/ext.wikistories.viewer/StoryViewer.vue
133:1 warning This line has a length of 106. Maximum allowed is 100 max-len
135:1 warning This line has a length of 105. Maximum allowed is 100 max-len
178:10 warning Dynamic message keys should not be used in templates. Use a computed property instead mediawiki/no-vue-dynamic-i18n
434:1 warning This line has a length of 101. Maximum allowed is 100 max-len
/src/repo/resources/ext.wikistories.viewer/index.js
13:32 warning All possible CSS classes should be documented. See https://w.wiki/PS2 for details mediawiki/class-doc
22:2 warning Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible no-jquery/no-global-selector
/src/repo/resources/ext.wikistories.viewer/util/isTouchDevice.js
1:53 warning navigator.maxTouchPoints() is not supported in Safari 11, iOS Safari 11.0-11.2 compat/compat
/src/repo/resources/instrumentation/consumptionEvents.js
29:1 warning This line has a length of 106. Maximum allowed is 100 max-len
✖ 49 problems (0 errors, 49 warnings)
> lint:css
> stylelint **/*.{vue,less}
------------------------------------|---------|----------|---------|---------|------------------------------------------
File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
------------------------------------|---------|----------|---------|---------|------------------------------------------
All files | 7.8 | 6.73 | 1.97 | 7.8 |
components | 0 | 0 | 0 | 0 |
ConfirmDialog.vue | 0 | 0 | 0 | 0 | 33-44
DotsMenu.vue | 0 | 100 | 0 | 0 | 17-29
DotsMenuItem.vue | 0 | 100 | 0 | 0 | 13-29
StoryImage.vue | 0 | 0 | 0 | 0 | 25-245
ext.wikistories.builder | 0 | 0 | 0 | 0 |
App.vue | 0 | 0 | 0 | 0 | 8-42
index.js | 0 | 0 | 100 | 0 | 1-19
ext.wikistories.builder/api | 12.5 | 0 | 0 | 12.74 |
getPageInfo.js | 0 | 0 | 0 | 0 | 6-19
saveStory.js | 0 | 0 | 0 | 0 | 10-38
searchImages.js | 14.94 | 0 | 0 | 15.29 | 17-18,28-54,63-74,78-113,125-176,187-206
ext.wikistories.builder/components | 0 | 0 | 0 | 0 |
Alert.vue | 0 | 100 | 100 | 0 | 24
CurrentFrame.vue | 0 | 0 | 0 | 0 | 21-57
Frames.vue | 0 | 0 | 0 | 0 | 29-77
ImageAttribution.vue | 0 | 0 | 0 | 0 | 27-41
ImageListView.vue | 0 | 0 | 0 | 0 | 27-72
ListImage.vue | 0 | 0 | 0 | 0 | 12-61
Navigator.vue | 0 | 0 | 0 | 0 | 27-38
Notice.vue | 0 | 100 | 100 | 0 | 12
Popup.vue | 0 | 100 | 100 | 0 | 12
PrimaryButton.vue | 0 | 100 | 100 | 0 | 9
RouterView.vue | 0 | 100 | 100 | 0 | 6-9
StoryTextbox.vue | 0 | 0 | 0 | 0 | 32-88
Toast.vue | 0 | 100 | 0 | 0 | 8-33
ext.wikistories.builder/mixins | 0 | 0 | 0 | 0 |
observer.js | 0 | 0 | 0 | 0 | 10-110
ext.wikistories.builder/plugins | 0 | 100 | 0 | 0 |
config.js | 0 | 100 | 0 | 0 | 5-20
ext.wikistories.builder/store | 6.27 | 0 | 0 | 6.34 |
article.js | 0 | 0 | 0 | 0 | 1-106
index.js | 0 | 100 | 100 | 0 | 1-7
router.js | 0 | 0 | 0 | 0 | 1-62
search.js | 0 | 0 | 0 | 0 | 1-64
story.js | 11.11 | 0 | 0 | 11.34 | 40-324
ext.wikistories.builder/util | 33 | 21.48 | 24.13 | 32.68 |
beforeUnloadListener.js | 0 | 100 | 0 | 0 | 4-9
calculateUnmodifiedContent.js | 16.66 | 0 | 0 | 16.66 | 2-12,26-52
convertUrlToMobile.js | 100 | 100 | 100 | 100 |
safeAssignString.js | 93.33 | 87.5 | 100 | 93.33 | 26
sortableFrames.js | 0 | 0 | 0 | 0 | 5-215
splitSentences.js | 91.48 | 80 | 100 | 91.3 | 40,94,101-102
strip.js | 22.22 | 0 | 0 | 22.22 | 6-16
validateTitle.js | 0 | 0 | 0 | 0 | 1-43
ext.wikistories.builder/views | 0 | 0 | 0 | 0 |
Article.vue | 0 | 0 | 0 | 0 | 46-123
PublishForm.vue | 0 | 0 | 0 | 0 | 110-268
Search.vue | 0 | 0 | 0 | 0 | 44-134
Story.vue | 0 | 0 | 0 | 0 | 69-248
ext.wikistories.discover | 0 | 0 | 0 | 0 |
Discover.js | 0 | 0 | 0 | 0 | 1-92
index.js | 0 | 0 | 0 | 0 | 1-49
ext.wikistories.discover/api | 0 | 100 | 0 | 0 |
getStories.js | 0 | 100 | 0 | 0 | 5-13
ext.wikistories.discover/util | 100 | 100 | 100 | 100 |
convertUrlToThumbnail.js | 100 | 100 | 100 | 100 |
ext.wikistories.viewaction | 0 | 100 | 100 | 0 |
index.js | 0 | 100 | 100 | 0 | 1-3
ext.wikistories.viewer | 0 | 0 | 0 | 0 |
StoryViewer.vue | 0 | 0 | 0 | 0 | 188-391
index.js | 0 | 0 | 0 | 0 | 1-36
ext.wikistories.viewer/components | 0 | 0 | 0 | 0 |
ImageAttribution.vue | 0 | 100 | 100 | 0 | 31
Textbox.vue | 0 | 0 | 0 | 0 | 18-100
ext.wikistories.viewer/store | 0 | 0 | 0 | 0 |
index.js | 0 | 100 | 100 | 0 | 1-4
story.js | 0 | 0 | 0 | 0 | 1-207
ext.wikistories.viewer/util | 0 | 0 | 0 | 0 |
isTouchDevice.js | 0 | 0 | 100 | 0 | 1-4
timer.js | 0 | 0 | 0 | 0 | 4-38
instrumentation | 0 | 0 | 0 | 0 |
consumptionEvents.js | 0 | 0 | 0 | 0 | 1-49
contributionEvents.js | 0 | 0 | 0 | 0 | 1-64
------------------------------------|---------|----------|---------|---------|------------------------------------------
--- end ---
{}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}, "1099357": {"source": 1099357, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}, "1099357": {"source": 1099357, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{}
{}
{}
{}
{}
{}
{}
{}
{}
{"1099357": {"source": 1099357, "name": "ip", "dependency": "ip", "title": "ip SSRF improper categorization in isPublic", "url": "https://github.com/advisories/GHSA-2p57-rm9w-gvfp", "severity": "high", "cwe": ["CWE-918"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=2.0.1"}}
{}
{}
{"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}}
{}
{}
{}
{}
{}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{}
{"1089867": {"source": 1089867, "name": "trim", "dependency": "trim", "title": "Regular Expression Denial of Service in trim", "url": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<0.0.3"}}
{"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}}
{}
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
[DNM] there are no updates
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmpejjbbi1l
--- stdout ---
[REL1_42 e825aff] [DNM] there are no updates
1 file changed, 263 insertions(+), 109 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From e825afff0b1d14d9d02ddae92b781f22e0243512 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sun, 27 Oct 2024 14:04:58 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: Ib8f522682740e5b09a5b8bec7e80a9539d6feb45
---
package-lock.json | 372 ++++++++++++++++++++++++++++++++--------------
1 file changed, 263 insertions(+), 109 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 4df5a09..f7a323d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -8302,15 +8302,14 @@
}
},
"node_modules/asn1.js": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
- "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
+ "version": "4.10.1",
+ "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.10.1.tgz",
+ "integrity": "sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==",
"dev": true,
"dependencies": {
"bn.js": "^4.0.0",
"inherits": "^2.0.1",
- "minimalistic-assert": "^1.0.0",
- "safer-buffer": "^2.1.0"
+ "minimalistic-assert": "^1.0.0"
}
},
"node_modules/asn1.js/node_modules/bn.js": {
@@ -9350,39 +9349,66 @@
}
},
"node_modules/browserify-sign": {
- "version": "4.2.2",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.2.tgz",
- "integrity": "sha512-1rudGyeYY42Dk6texmv7c4VcQ0EsvVbLwZkA+AQB7SxvXxmcD93jcHie8bzecJ+ChDlmAm2Qyu0+Ccg5uhZXCg==",
+ "version": "4.2.3",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
+ "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
"dev": true,
"dependencies": {
"bn.js": "^5.2.1",
"browserify-rsa": "^4.1.0",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.4",
+ "elliptic": "^6.5.5",
+ "hash-base": "~3.0",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.6",
- "readable-stream": "^3.6.2",
+ "parse-asn1": "^5.1.7",
+ "readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"engines": {
- "node": ">= 4"
+ "node": ">= 0.12"
}
},
- "node_modules/browserify-sign/node_modules/readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "node_modules/browserify-sign/node_modules/hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
"dev": true,
"dependencies": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
},
"engines": {
- "node": ">= 6"
+ "node": ">=4"
+ }
+ },
+ "node_modules/browserify-sign/node_modules/isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
+ "node_modules/browserify-sign/node_modules/readable-stream": {
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
+ "dev": true,
+ "dependencies": {
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
}
},
+ "node_modules/browserify-sign/node_modules/readable-stream/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/browserify-sign/node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -9404,14 +9430,20 @@
]
},
"node_modules/browserify-sign/node_modules/string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"dependencies": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
}
},
+ "node_modules/browserify-sign/node_modules/string_decoder/node_modules/safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ },
"node_modules/browserify-zlib": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz",
@@ -10836,9 +10868,9 @@
}
},
"node_modules/cookie": {
- "version": "0.6.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
- "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+ "version": "0.7.1",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
+ "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==",
"dev": true,
"engines": {
"node": ">= 0.6"
@@ -11425,25 +11457,42 @@
}
},
"node_modules/crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
+ "dev": true,
+ "dependencies": {
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
+ },
+ "engines": {
+ "node": ">= 0.10"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/ljharb"
+ }
+ },
+ "node_modules/crypto-browserify/node_modules/hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
"dev": true,
"dependencies": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
"inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "safe-buffer": "^5.0.1"
},
"engines": {
- "node": "*"
+ "node": ">=4"
}
},
"node_modules/css-functions-list": {
@@ -12661,9 +12710,9 @@
"dev": true
},
"node_modules/elliptic": {
- "version": "6.5.7",
- "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.7.tgz",
- "integrity": "sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==",
+ "version": "6.6.0",
+ "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.6.0.tgz",
+ "integrity": "sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA==",
"dev": true,
"dependencies": {
"bn.js": "^4.11.9",
@@ -14489,9 +14538,9 @@
}
},
"node_modules/express": {
- "version": "4.21.0",
- "resolved": "https://registry.npmjs.org/express/-/express-4.21.0.tgz",
- "integrity": "sha512-VqcNGcj/Id5ZT1LZ/cfihi3ttTn+NJmkli2eZADigjq29qTlWi/hAQ43t/VLPq8+UX06FCEx3ByOYet6ZFblng==",
+ "version": "4.21.1",
+ "resolved": "https://registry.npmjs.org/express/-/express-4.21.1.tgz",
+ "integrity": "sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==",
"dev": true,
"dependencies": {
"accepts": "~1.3.8",
@@ -14499,7 +14548,7 @@
"body-parser": "1.20.3",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
- "cookie": "0.6.0",
+ "cookie": "0.7.1",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "2.0.0",
@@ -22969,18 +23018,55 @@
}
},
"node_modules/parse-asn1": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.6.tgz",
- "integrity": "sha512-RnZRo1EPU6JBnra2vGHj0yhp6ebyjBZpmUCLHWiFhxlzvBCCpAuZ7elsBp1PVAbQN0/04VD/19rfzlBSwLstMw==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
+ "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
"dev": true,
"dependencies": {
- "asn1.js": "^5.2.0",
- "browserify-aes": "^1.0.0",
- "evp_bytestokey": "^1.0.0",
- "pbkdf2": "^3.0.3",
- "safe-buffer": "^5.1.1"
+ "asn1.js": "^4.10.1",
+ "browserify-aes": "^1.2.0",
+ "evp_bytestokey": "^1.0.3",
+ "hash-base": "~3.0",
+ "pbkdf2": "^3.1.2",
+ "safe-buffer": "^5.2.1"
+ },
+ "engines": {
+ "node": ">= 0.10"
}
},
+ "node_modules/parse-asn1/node_modules/hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "dependencies": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ },
+ "engines": {
+ "node": ">=4"
+ }
+ },
+ "node_modules/parse-asn1/node_modules/safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/feross"
+ },
+ {
+ "type": "patreon",
+ "url": "https://www.patreon.com/feross"
+ },
+ {
+ "type": "consulting",
+ "url": "https://feross.org/support"
+ }
+ ]
+ },
"node_modules/parse-entities": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/parse-entities/-/parse-entities-2.0.0.tgz",
@@ -37227,15 +37313,14 @@
}
},
"asn1.js": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
- "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
+ "version": "4.10.1",
+ "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.10.1.tgz",
+ "integrity": "sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==",
"dev": true,
"requires": {
"bn.js": "^4.0.0",
"inherits": "^2.0.1",
- "minimalistic-assert": "^1.0.0",
- "safer-buffer": "^2.1.0"
+ "minimalistic-assert": "^1.0.0"
},
"dependencies": {
"bn.js": {
@@ -38041,31 +38126,60 @@
}
},
"browserify-sign": {
- "version": "4.2.2",
- "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.2.tgz",
- "integrity": "sha512-1rudGyeYY42Dk6texmv7c4VcQ0EsvVbLwZkA+AQB7SxvXxmcD93jcHie8bzecJ+ChDlmAm2Qyu0+Ccg5uhZXCg==",
+ "version": "4.2.3",
+ "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.3.tgz",
+ "integrity": "sha512-JWCZW6SKhfhjJxO8Tyiiy+XYB7cqd2S5/+WeYHsKdNKFlCBhKbblba1A/HN/90YwtxKc8tCErjffZl++UNmGiw==",
"dev": true,
"requires": {
"bn.js": "^5.2.1",
"browserify-rsa": "^4.1.0",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
- "elliptic": "^6.5.4",
+ "elliptic": "^6.5.5",
+ "hash-base": "~3.0",
"inherits": "^2.0.4",
- "parse-asn1": "^5.1.6",
- "readable-stream": "^3.6.2",
+ "parse-asn1": "^5.1.7",
+ "readable-stream": "^2.3.8",
"safe-buffer": "^5.2.1"
},
"dependencies": {
+ "hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ }
+ },
+ "isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+ "dev": true
+ },
"readable-stream": {
- "version": "3.6.2",
- "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
- "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+ "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
"dev": true,
"requires": {
- "inherits": "^2.0.3",
- "string_decoder": "^1.1.1",
- "util-deprecate": "^1.0.1"
+ "core-util-is": "~1.0.0",
+ "inherits": "~2.0.3",
+ "isarray": "~1.0.0",
+ "process-nextick-args": "~2.0.0",
+ "safe-buffer": "~5.1.1",
+ "string_decoder": "~1.1.1",
+ "util-deprecate": "~1.0.1"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
},
"safe-buffer": {
@@ -38075,12 +38189,20 @@
"dev": true
},
"string_decoder": {
- "version": "1.3.0",
- "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
- "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
"dev": true,
"requires": {
- "safe-buffer": "~5.2.0"
+ "safe-buffer": "~5.1.0"
+ },
+ "dependencies": {
+ "safe-buffer": {
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+ "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+ "dev": true
+ }
}
}
}
@@ -39160,9 +39282,9 @@
}
},
"cookie": {
- "version": "0.6.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
- "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+ "version": "0.7.1",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
+ "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==",
"dev": true
},
"cookie-signature": {
@@ -39639,22 +39761,35 @@
}
},
"crypto-browserify": {
- "version": "3.12.0",
- "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz",
- "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==",
+ "version": "3.12.1",
+ "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.1.tgz",
+ "integrity": "sha512-r4ESw/IlusD17lgQi1O20Fa3qNnsckR126TdUuBgAu7GBYSIPvdNyONd3Zrxh0xCwA4+6w/TDArBPsMvhur+KQ==",
"dev": true,
"requires": {
- "browserify-cipher": "^1.0.0",
- "browserify-sign": "^4.0.0",
- "create-ecdh": "^4.0.0",
- "create-hash": "^1.1.0",
- "create-hmac": "^1.1.0",
- "diffie-hellman": "^5.0.0",
- "inherits": "^2.0.1",
- "pbkdf2": "^3.0.3",
- "public-encrypt": "^4.0.0",
- "randombytes": "^2.0.0",
- "randomfill": "^1.0.3"
+ "browserify-cipher": "^1.0.1",
+ "browserify-sign": "^4.2.3",
+ "create-ecdh": "^4.0.4",
+ "create-hash": "^1.2.0",
+ "create-hmac": "^1.1.7",
+ "diffie-hellman": "^5.0.3",
+ "hash-base": "~3.0.4",
+ "inherits": "^2.0.4",
+ "pbkdf2": "^3.1.2",
+ "public-encrypt": "^4.0.3",
+ "randombytes": "^2.1.0",
+ "randomfill": "^1.0.4"
+ },
+ "dependencies": {
+ "hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ }
+ }
}
},
"css-functions-list": {
@@ -40623,9 +40758,9 @@
"dev": true
},
"elliptic": {
- "version": "6.5.7",
- "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.7.tgz",
- "integrity": "sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==",
+ "version": "6.6.0",
+ "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.6.0.tgz",
+ "integrity": "sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA==",
"dev": true,
"requires": {
"bn.js": "^4.11.9",
@@ -41970,9 +42105,9 @@
}
},
"express": {
- "version": "4.21.0",
- "resolved": "https://registry.npmjs.org/express/-/express-4.21.0.tgz",
- "integrity": "sha512-VqcNGcj/Id5ZT1LZ/cfihi3ttTn+NJmkli2eZADigjq29qTlWi/hAQ43t/VLPq8+UX06FCEx3ByOYet6ZFblng==",
+ "version": "4.21.1",
+ "resolved": "https://registry.npmjs.org/express/-/express-4.21.1.tgz",
+ "integrity": "sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==",
"dev": true,
"requires": {
"accepts": "~1.3.8",
@@ -41980,7 +42115,7 @@
"body-parser": "1.20.3",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
- "cookie": "0.6.0",
+ "cookie": "0.7.1",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "2.0.0",
@@ -48507,16 +48642,35 @@
}
},
"parse-asn1": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.6.tgz",
- "integrity": "sha512-RnZRo1EPU6JBnra2vGHj0yhp6ebyjBZpmUCLHWiFhxlzvBCCpAuZ7elsBp1PVAbQN0/04VD/19rfzlBSwLstMw==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.7.tgz",
+ "integrity": "sha512-CTM5kuWR3sx9IFamcl5ErfPl6ea/N8IYwiJ+vpeB2g+1iknv7zBl5uPwbMbRVznRVbrNY6lGuDoE5b30grmbqg==",
"dev": true,
"requires": {
- "asn1.js": "^5.2.0",
- "browserify-aes": "^1.0.0",
- "evp_bytestokey": "^1.0.0",
- "pbkdf2": "^3.0.3",
- "safe-buffer": "^5.1.1"
+ "asn1.js": "^4.10.1",
+ "browserify-aes": "^1.2.0",
+ "evp_bytestokey": "^1.0.3",
+ "hash-base": "~3.0",
+ "pbkdf2": "^3.1.2",
+ "safe-buffer": "^5.2.1"
+ },
+ "dependencies": {
+ "hash-base": {
+ "version": "3.0.4",
+ "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.0.4.tgz",
+ "integrity": "sha512-EeeoJKjTyt868liAlVmcv2ZsUfGHlE3Q+BICOXcZiwN3osr5Q/zFGYmTJpoIzuaSTAwndFy+GqhEwlU4L3j4Ow==",
+ "dev": true,
+ "requires": {
+ "inherits": "^2.0.1",
+ "safe-buffer": "^5.0.1"
+ }
+ },
+ "safe-buffer": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+ "dev": true
+ }
}
},
"parse-entities": {
--
2.39.2
--- end ---