mediawiki/extensions/Popups (REL1_37)

sourcepatches
$ date
--- stdout ---
Fri Apr 15 05:21:24 UTC 2022

--- end ---
$ git clone file:///srv/git/mediawiki-extensions-Popups.git repo --depth=1 -b REL1_37
--- stderr ---
Cloning into 'repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stdout ---

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/REL1_37
--- stdout ---
000656e61d1091b5483bc665c7ca4fbd8bd6687a refs/heads/REL1_37

--- end ---
$ /usr/bin/npm audit --json --legacy-peer-deps
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "@storybook/builder-webpack4": {
      "name": "@storybook/builder-webpack4",
      "severity": "high",
      "via": [
        "@storybook/core-common",
        "react-dev-utils"
      ],
      "effects": [
        "@storybook/core-server"
      ],
      "range": "<=6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
      "nodes": [
        "node_modules/@storybook/builder-webpack4"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/core": {
      "name": "@storybook/core",
      "severity": "moderate",
      "via": [
        "@storybook/core-server"
      ],
      "effects": [
        "@storybook/html"
      ],
      "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
      "nodes": [
        "node_modules/@storybook/core"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/core-common": {
      "name": "@storybook/core-common",
      "severity": "high",
      "via": [
        "glob-base"
      ],
      "effects": [
        "@storybook/builder-webpack4",
        "@storybook/core-server",
        "@storybook/html"
      ],
      "range": "<=6.4.0-rc.11",
      "nodes": [
        "node_modules/@storybook/core-common"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/core-server": {
      "name": "@storybook/core-server",
      "severity": "high",
      "via": [
        "@storybook/builder-webpack4",
        "@storybook/core-common",
        "cpy"
      ],
      "effects": [
        "@storybook/core"
      ],
      "range": "*",
      "nodes": [
        "node_modules/@storybook/core-server"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/html": {
      "name": "@storybook/html",
      "severity": "high",
      "via": [
        "@storybook/core",
        "@storybook/core-common"
      ],
      "effects": [],
      "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
      "nodes": [
        "node_modules/@storybook/html"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "ansi-html": {
      "name": "ansi-html",
      "severity": "high",
      "via": [
        {
          "source": 1067382,
          "name": "ansi-html",
          "dependency": "ansi-html",
          "title": "Uncontrolled Resource Consumption in ansi-html",
          "url": "https://github.com/advisories/GHSA-whgm-jr23-g3j9",
          "severity": "high",
          "range": "<0.0.8"
        }
      ],
      "effects": [
        "webpack-hot-middleware"
      ],
      "range": "<0.0.8",
      "nodes": [
        "node_modules/ansi-html"
      ],
      "fixAvailable": true
    },
    "ansi-regex": {
      "name": "ansi-regex",
      "severity": "moderate",
      "via": [
        {
          "source": 1067300,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "moderate",
          "range": ">=3.0.0 <3.0.1"
        },
        {
          "source": 1067301,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "moderate",
          "range": ">=4.0.0 <4.1.1"
        },
        {
          "source": 1067302,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "moderate",
          "range": ">=5.0.0 <5.0.1"
        }
      ],
      "effects": [],
      "range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0",
      "nodes": [
        "node_modules/@wdio/cli/node_modules/ansi-regex",
        "node_modules/@wdio/logger/node_modules/ansi-regex",
        "node_modules/@wikimedia/mw-node-qunit/node_modules/strip-ansi/node_modules/ansi-regex",
        "node_modules/ansi-align/node_modules/ansi-regex",
        "node_modules/boxen/node_modules/ansi-regex",
        "node_modules/cli-table3/node_modules/ansi-regex",
        "node_modules/cliui/node_modules/ansi-regex",
        "node_modules/doiuse/node_modules/ansi-regex",
        "node_modules/eslint/node_modules/ansi-regex",
        "node_modules/inquirer/node_modules/ansi-regex",
        "node_modules/mocha/node_modules/ansi-regex",
        "node_modules/ora/node_modules/ansi-regex",
        "node_modules/pretty-format/node_modules/ansi-regex",
        "node_modules/react-dev-utils/node_modules/ansi-regex",
        "node_modules/stylelint/node_modules/ansi-regex",
        "node_modules/table/node_modules/ansi-regex",
        "node_modules/webpack-cli/node_modules/ansi-regex",
        "node_modules/widest-line/node_modules/ansi-regex",
        "node_modules/wrap-ansi/node_modules/ansi-regex",
        "node_modules/yargs/node_modules/ansi-regex"
      ],
      "fixAvailable": true
    },
    "async": {
      "name": "async",
      "severity": "high",
      "via": [
        {
          "source": 1069985,
          "name": "async",
          "dependency": "async",
          "title": "Prototype Pollution in async",
          "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
          "severity": "high",
          "range": "<2.6.4"
        },
        {
          "source": 1069986,
          "name": "async",
          "dependency": "async",
          "title": "Prototype Pollution in async",
          "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
          "severity": "high",
          "range": ">=3.0.0 <3.2.2"
        }
      ],
      "effects": [
        "jake"
      ],
      "range": ">=3.0.0 <3.2.2 || <2.6.4",
      "nodes": [
        "node_modules/archiver/node_modules/async",
        "node_modules/async"
      ],
      "fixAvailable": true
    },
    "axios": {
      "name": "axios",
      "severity": "high",
      "via": [
        {
          "source": 1067343,
          "name": "axios",
          "dependency": "axios",
          "title": "Incorrect Comparison in axios",
          "url": "https://github.com/advisories/GHSA-cph5-m8f7-6c5x",
          "severity": "high",
          "range": "<0.21.2"
        }
      ],
      "effects": [
        "github-build"
      ],
      "range": "<0.21.2",
      "nodes": [
        "node_modules/github-build/node_modules/axios"
      ],
      "fixAvailable": true
    },
    "browserslist": {
      "name": "browserslist",
      "severity": "moderate",
      "via": [
        {
          "source": 1067902,
          "name": "browserslist",
          "dependency": "browserslist",
          "title": "Regular Expression Denial of Service in browserslist",
          "url": "https://github.com/advisories/GHSA-w8qv-6jwh-64r5",
          "severity": "moderate",
          "range": ">=4.0.0 <4.16.5"
        }
      ],
      "effects": [
        "react-dev-utils"
      ],
      "range": "4.0.0 - 4.16.4",
      "nodes": [
        "node_modules/react-dev-utils/node_modules/browserslist"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "chokidar": {
      "name": "chokidar",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "watchpack-chokidar2"
      ],
      "range": "1.0.0-rc1 - 2.1.8",
      "nodes": [
        "node_modules/watchpack-chokidar2/node_modules/chokidar"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "cpy": {
      "name": "cpy",
      "severity": "high",
      "via": [
        "globby"
      ],
      "effects": [
        "@storybook/core-server"
      ],
      "range": "7.0.0 - 8.1.2",
      "nodes": [
        "node_modules/cpy"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "ejs": {
      "name": "ejs",
      "severity": "high",
      "via": [
        "jake"
      ],
      "effects": [],
      "range": ">=3.1.2",
      "nodes": [
        "node_modules/ejs"
      ],
      "fixAvailable": true
    },
    "fast-glob": {
      "name": "fast-glob",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "globby"
      ],
      "range": "<=2.2.7",
      "nodes": [
        "node_modules/cpy/node_modules/fast-glob"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "follow-redirects": {
      "name": "follow-redirects",
      "severity": "high",
      "via": [
        {
          "source": 1067407,
          "name": "follow-redirects",
          "dependency": "follow-redirects",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects",
          "url": "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c",
          "severity": "moderate",
          "range": "<1.14.8"
        },
        {
          "source": 1067459,
          "name": "follow-redirects",
          "dependency": "follow-redirects",
          "title": "Exposure of sensitive information in follow-redirects",
          "url": "https://github.com/advisories/GHSA-74fj-2j2h-c42q",
          "severity": "high",
          "range": "<1.14.7"
        }
      ],
      "effects": [],
      "range": "<=1.14.7",
      "nodes": [
        "node_modules/follow-redirects"
      ],
      "fixAvailable": true
    },
    "github-build": {
      "name": "github-build",
      "severity": "high",
      "via": [
        "axios"
      ],
      "effects": [],
      "range": "<=1.2.2",
      "nodes": [
        "node_modules/github-build"
      ],
      "fixAvailable": true
    },
    "glob-base": {
      "name": "glob-base",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "@storybook/core-common"
      ],
      "range": "*",
      "nodes": [
        "node_modules/glob-base"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "glob-parent": {
      "name": "glob-parent",
      "severity": "high",
      "via": [
        {
          "source": 1067329,
          "name": "glob-parent",
          "dependency": "glob-parent",
          "title": "Regular expression denial of service in glob-parent",
          "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
          "severity": "high",
          "range": "<5.1.2"
        }
      ],
      "effects": [
        "chokidar",
        "fast-glob",
        "glob-base"
      ],
      "range": "<5.1.2",
      "nodes": [
        "node_modules/cpy/node_modules/glob-parent",
        "node_modules/glob-base/node_modules/glob-parent",
        "node_modules/watchpack-chokidar2/node_modules/glob-parent"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "globby": {
      "name": "globby",
      "severity": "high",
      "via": [
        "fast-glob"
      ],
      "effects": [
        "cpy"
      ],
      "range": "8.0.0 - 9.2.0",
      "nodes": [
        "node_modules/cpy/node_modules/globby"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "immer": {
      "name": "immer",
      "severity": "critical",
      "via": [
        {
          "source": 1067720,
          "name": "immer",
          "dependency": "immer",
          "title": "Prototype Pollution in immer",
          "url": "https://github.com/advisories/GHSA-33f9-j839-rf8h",
          "severity": "critical",
          "range": "<9.0.6"
        }
      ],
      "effects": [
        "react-dev-utils"
      ],
      "range": "<9.0.6",
      "nodes": [
        "node_modules/immer"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "jake": {
      "name": "jake",
      "severity": "high",
      "via": [
        "async"
      ],
      "effects": [
        "ejs"
      ],
      "range": ">=8.0.1",
      "nodes": [
        "node_modules/jake"
      ],
      "fixAvailable": true
    },
    "jsdoc": {
      "name": "jsdoc",
      "severity": "high",
      "via": [
        "markdown-it",
        "marked"
      ],
      "effects": [],
      "range": "3.2.0-dev - 3.6.7",
      "nodes": [
        "node_modules/jsdoc"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.10",
        "isSemVerMajor": false
      }
    },
    "json-schema": {
      "name": "json-schema",
      "severity": "moderate",
      "via": [
        {
          "source": 1067524,
          "name": "json-schema",
          "dependency": "json-schema",
          "title": "json-schema is vulnerable to Prototype Pollution",
          "url": "https://github.com/advisories/GHSA-896r-f27r-55mw",
          "severity": "moderate",
          "range": "<0.4.0"
        }
      ],
      "effects": [
        "jsprim"
      ],
      "range": "<0.4.0",
      "nodes": [
        "node_modules/json-schema"
      ],
      "fixAvailable": true
    },
    "jsprim": {
      "name": "jsprim",
      "severity": "moderate",
      "via": [
        "json-schema"
      ],
      "effects": [],
      "range": "0.3.0 - 1.4.1 || 2.0.0 - 2.0.1",
      "nodes": [
        "node_modules/jsprim"
      ],
      "fixAvailable": true
    },
    "markdown-it": {
      "name": "markdown-it",
      "severity": "moderate",
      "via": [
        {
          "source": 1067456,
          "name": "markdown-it",
          "dependency": "markdown-it",
          "title": "Uncontrolled Resource Consumption in markdown-it",
          "url": "https://github.com/advisories/GHSA-6vfc-qv3f-vr6c",
          "severity": "moderate",
          "range": "<12.3.2"
        }
      ],
      "effects": [
        "jsdoc"
      ],
      "range": "<12.3.2",
      "nodes": [
        "node_modules/markdown-it"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.10",
        "isSemVerMajor": false
      }
    },
    "marked": {
      "name": "marked",
      "severity": "high",
      "via": [
        {
          "source": 1067450,
          "name": "marked",
          "dependency": "marked",
          "title": "Inefficient Regular Expression Complexity in marked",
          "url": "https://github.com/advisories/GHSA-rrrm-qjm4-v8hf",
          "severity": "high",
          "range": "<4.0.10"
        }
      ],
      "effects": [
        "jsdoc"
      ],
      "range": "<4.0.10",
      "nodes": [
        "node_modules/marked"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.10",
        "isSemVerMajor": false
      }
    },
    "minimist": {
      "name": "minimist",
      "severity": "critical",
      "via": [
        {
          "source": 1067342,
          "name": "minimist",
          "dependency": "minimist",
          "title": "Prototype Pollution in minimist",
          "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
          "severity": "critical",
          "range": "<1.2.6"
        }
      ],
      "effects": [],
      "range": "<1.2.6",
      "nodes": [
        "node_modules/minimist"
      ],
      "fixAvailable": true
    },
    "mocha": {
      "name": "mocha",
      "severity": "moderate",
      "via": [
        "nanoid"
      ],
      "effects": [],
      "range": "8.2.0 - 9.1.4",
      "nodes": [
        "node_modules/mocha"
      ],
      "fixAvailable": true
    },
    "nanoid": {
      "name": "nanoid",
      "severity": "moderate",
      "via": [
        {
          "source": 1067367,
          "name": "nanoid",
          "dependency": "nanoid",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor in nanoid",
          "url": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2",
          "severity": "moderate",
          "range": ">=3.0.0 <3.1.31"
        }
      ],
      "effects": [
        "mocha"
      ],
      "range": "3.0.0 - 3.1.30",
      "nodes": [
        "node_modules/doiuse/node_modules/nanoid",
        "node_modules/nanoid",
        "node_modules/stylelint-no-unsupported-browser-features/node_modules/nanoid"
      ],
      "fixAvailable": true
    },
    "node-fetch": {
      "name": "node-fetch",
      "severity": "high",
      "via": [
        {
          "source": 1067442,
          "name": "node-fetch",
          "dependency": "node-fetch",
          "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
          "url": "https://github.com/advisories/GHSA-r683-j2x4-v87g",
          "severity": "high",
          "range": "<2.6.7"
        }
      ],
      "effects": [],
      "range": "<2.6.7",
      "nodes": [
        "node_modules/node-fetch"
      ],
      "fixAvailable": true
    },
    "nth-check": {
      "name": "nth-check",
      "severity": "moderate",
      "via": [
        {
          "source": 1067654,
          "name": "nth-check",
          "dependency": "nth-check",
          "title": "Inefficient Regular Expression Complexity in nth-check",
          "url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr",
          "severity": "moderate",
          "range": "<2.0.1"
        }
      ],
      "effects": [],
      "range": "<2.0.1",
      "nodes": [
        "node_modules/nth-check"
      ],
      "fixAvailable": true
    },
    "prismjs": {
      "name": "prismjs",
      "severity": "high",
      "via": [
        {
          "source": 1067401,
          "name": "prismjs",
          "dependency": "prismjs",
          "title": "Cross-site Scripting in Prism",
          "url": "https://github.com/advisories/GHSA-3949-f494-cm99",
          "severity": "high",
          "range": ">=1.14.0 <1.27.0"
        },
        {
          "source": 1067653,
          "name": "prismjs",
          "dependency": "prismjs",
          "title": "Regular Expression Denial of Service in prismjs",
          "url": "https://github.com/advisories/GHSA-hqhp-5p83-hx96",
          "severity": "moderate",
          "range": "<1.25.0"
        }
      ],
      "effects": [
        "refractor"
      ],
      "range": "<=1.26.0",
      "nodes": [
        "node_modules/prismjs"
      ],
      "fixAvailable": true
    },
    "react-dev-utils": {
      "name": "react-dev-utils",
      "severity": "critical",
      "via": [
        "browserslist",
        "immer"
      ],
      "effects": [
        "@storybook/builder-webpack4"
      ],
      "range": "6.0.0-next.03604a46 - 12.0.0-next.60",
      "nodes": [
        "node_modules/react-dev-utils"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "refractor": {
      "name": "refractor",
      "severity": "moderate",
      "via": [
        "prismjs"
      ],
      "effects": [],
      "range": "<=3.4.0 || 4.0.0 - 4.1.1",
      "nodes": [
        "node_modules/refractor"
      ],
      "fixAvailable": true
    },
    "simple-get": {
      "name": "simple-get",
      "severity": "high",
      "via": [
        {
          "source": 1067428,
          "name": "simple-get",
          "dependency": "simple-get",
          "title": "Exposure of Sensitive Information in simple-get",
          "url": "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
          "severity": "high",
          "range": ">=3.0.0 <3.1.1"
        }
      ],
      "effects": [],
      "range": "3.0.0 - 3.1.0",
      "nodes": [
        "node_modules/simple-get"
      ],
      "fixAvailable": true
    },
    "validator": {
      "name": "validator",
      "severity": "moderate",
      "via": [
        {
          "source": 1067532,
          "name": "validator",
          "dependency": "validator",
          "title": " Inefficient Regular Expression Complexity in Validator.js",
          "url": "https://github.com/advisories/GHSA-xx4c-jj58-r7x6",
          "severity": "moderate",
          "range": ">=11.1.0 <13.7.0"
        },
        {
          "source": 1067560,
          "name": "validator",
          "dependency": "validator",
          "title": "Inefficient Regular Expression Complexity in validator.js",
          "url": "https://github.com/advisories/GHSA-qgmg-gppg-76g5",
          "severity": "moderate",
          "range": "<13.7.0"
        }
      ],
      "effects": [],
      "range": "<=13.6.0",
      "nodes": [
        "node_modules/validator"
      ],
      "fixAvailable": true
    },
    "watchpack": {
      "name": "watchpack",
      "severity": "high",
      "via": [
        "watchpack-chokidar2"
      ],
      "effects": [
        "webpack"
      ],
      "range": "1.7.2 - 1.7.5",
      "nodes": [
        "node_modules/watchpack"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "watchpack-chokidar2": {
      "name": "watchpack-chokidar2",
      "severity": "high",
      "via": [
        "chokidar"
      ],
      "effects": [
        "watchpack"
      ],
      "range": "*",
      "nodes": [
        "node_modules/watchpack-chokidar2"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "webpack": {
      "name": "webpack",
      "severity": "high",
      "via": [
        "watchpack"
      ],
      "effects": [],
      "range": "4.44.0 - 4.46.0",
      "nodes": [
        "node_modules/webpack"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "webpack-cli": {
      "name": "webpack-cli",
      "severity": "moderate",
      "via": [
        "yargs"
      ],
      "effects": [],
      "range": "<=0.0.8-development || 1.3.4 - 3.3.4",
      "nodes": [
        "node_modules/webpack-cli"
      ],
      "fixAvailable": {
        "name": "webpack-cli",
        "version": "3.3.12",
        "isSemVerMajor": false
      }
    },
    "webpack-hot-middleware": {
      "name": "webpack-hot-middleware",
      "severity": "high",
      "via": [
        "ansi-html"
      ],
      "effects": [],
      "range": "2.9.0 - 2.25.0",
      "nodes": [
        "node_modules/webpack-hot-middleware"
      ],
      "fixAvailable": true
    },
    "yargs": {
      "name": "yargs",
      "severity": "moderate",
      "via": [
        "yargs-parser"
      ],
      "effects": [
        "webpack-cli"
      ],
      "range": "8.0.0-candidate.0 - 12.0.5",
      "nodes": [
        "node_modules/webpack-cli/node_modules/yargs"
      ],
      "fixAvailable": {
        "name": "webpack-cli",
        "version": "3.3.12",
        "isSemVerMajor": false
      }
    },
    "yargs-parser": {
      "name": "yargs-parser",
      "severity": "moderate",
      "via": [
        {
          "source": 1068310,
          "name": "yargs-parser",
          "dependency": "yargs-parser",
          "title": "Prototype Pollution in yargs-parser",
          "url": "https://github.com/advisories/GHSA-p9pc-299p-vxgp",
          "severity": "moderate",
          "range": ">=6.0.0 <13.1.2"
        }
      ],
      "effects": [
        "yargs"
      ],
      "range": "6.0.0 - 13.1.1",
      "nodes": [
        "node_modules/webpack-cli/node_modules/yargs-parser"
      ],
      "fixAvailable": {
        "name": "webpack-cli",
        "version": "3.3.12",
        "isSemVerMajor": false
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 14,
      "high": 26,
      "critical": 3,
      "total": 43
    },
    "dependencies": {
      "prod": 1,
      "dev": 2455,
      "optional": 29,
      "peer": 0,
      "peerOptional": 0,
      "total": 2455
    }
  }
}

--- end ---
$ /usr/bin/composer install
--- stderr ---
No lock file found. Updating dependencies instead of installing from lock file. Use composer update over composer install if you do not have a lock file.
Loading composer repositories with package information
Info from https://repo.packagist.org: #StandWithUkraine
Updating dependencies
Lock file operations: 35 installs, 0 updates, 0 removals
  - Locking composer/pcre (1.0.1)
  - Locking composer/semver (3.3.2)
  - Locking composer/spdx-licenses (1.5.6)
  - Locking composer/xdebug-handler (2.0.5)
  - Locking felixfbecker/advanced-json-rpc (v3.2.1)
  - Locking mediawiki/mediawiki-codesniffer (v37.0.0)
  - Locking mediawiki/mediawiki-phan-config (0.11.0)
  - Locking mediawiki/minus-x (1.1.1)
  - Locking mediawiki/phan-taint-check-plugin (3.3.2)
  - Locking microsoft/tolerant-php-parser (v0.1.1)
  - Locking netresearch/jsonmapper (v4.0.0)
  - Locking phan/phan (5.2.0)
  - Locking php-parallel-lint/php-console-color (v0.3)
  - Locking php-parallel-lint/php-console-highlighter (v0.5)
  - Locking php-parallel-lint/php-parallel-lint (v1.3.1)
  - Locking phpdocumentor/reflection-common (2.2.0)
  - Locking phpdocumentor/reflection-docblock (5.3.0)
  - Locking phpdocumentor/type-resolver (1.6.1)
  - Locking psr/container (1.1.2)
  - Locking psr/log (1.1.4)
  - Locking sabre/event (5.1.4)
  - Locking sebastian/diff (3.0.3)
  - Locking squizlabs/php_codesniffer (3.6.0)
  - Locking symfony/console (v5.4.7)
  - Locking symfony/deprecation-contracts (v2.5.1)
  - Locking symfony/polyfill-ctype (v1.25.0)
  - Locking symfony/polyfill-intl-grapheme (v1.25.0)
  - Locking symfony/polyfill-intl-normalizer (v1.25.0)
  - Locking symfony/polyfill-mbstring (v1.25.0)
  - Locking symfony/polyfill-php73 (v1.25.0)
  - Locking symfony/polyfill-php80 (v1.25.0)
  - Locking symfony/service-contracts (v2.5.1)
  - Locking symfony/string (v5.4.3)
  - Locking tysonandre/var_representation_polyfill (0.1.1)
  - Locking webmozart/assert (1.10.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 35 installs, 0 updates, 0 removals
    0 [>---------------------------]    0 [->--------------------------]    0 [--->------------------------]  - Installing composer/pcre (1.0.1): Extracting archive
  - Installing squizlabs/php_codesniffer (3.6.0): Extracting archive
  - Installing sebastian/diff (3.0.3): Extracting archive
  - Installing symfony/polyfill-mbstring (v1.25.0): Extracting archive
  - Installing composer/spdx-licenses (1.5.6): Extracting archive
  - Installing composer/semver (3.3.2): Extracting archive
  - Installing mediawiki/mediawiki-codesniffer (v37.0.0): Extracting archive
  - Installing tysonandre/var_representation_polyfill (0.1.1): Extracting archive
  - Installing symfony/polyfill-php80 (v1.25.0): Extracting archive
  - Installing symfony/polyfill-intl-normalizer (v1.25.0): Extracting archive
  - Installing symfony/polyfill-intl-grapheme (v1.25.0): Extracting archive
  - Installing symfony/polyfill-ctype (v1.25.0): Extracting archive
  - Installing symfony/string (v5.4.3): Extracting archive
  - Installing symfony/deprecation-contracts (v2.5.1): Extracting archive
  - Installing psr/container (1.1.2): Extracting archive
  - Installing symfony/service-contracts (v2.5.1): Extracting archive
  - Installing symfony/polyfill-php73 (v1.25.0): Extracting archive
  - Installing symfony/console (v5.4.7): Extracting archive
  - Installing sabre/event (5.1.4): Extracting archive
  - Installing netresearch/jsonmapper (v4.0.0): Extracting archive
  - Installing microsoft/tolerant-php-parser (v0.1.1): Extracting archive
  - Installing webmozart/assert (1.10.0): Extracting archive
  - Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
  - Installing phpdocumentor/type-resolver (1.6.1): Extracting archive
  - Installing phpdocumentor/reflection-docblock (5.3.0): Extracting archive
  - Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive
  - Installing psr/log (1.1.4): Extracting archive
  - Installing composer/xdebug-handler (2.0.5): Extracting archive
  - Installing phan/phan (5.2.0): Extracting archive
  - Installing mediawiki/phan-taint-check-plugin (3.3.2): Extracting archive
  - Installing mediawiki/mediawiki-phan-config (0.11.0): Extracting archive
  - Installing mediawiki/minus-x (1.1.1): Extracting archive
  - Installing php-parallel-lint/php-console-color (v0.3): Extracting archive
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Extracting archive
  - Installing php-parallel-lint/php-parallel-lint (v1.3.1): Extracting archive
  0/26 [>---------------------------]   0%
 10/26 [==========>-----------------]  38%
 20/26 [=====================>------]  76%
 25/26 [==========================>-]  96%
 26/26 [============================] 100%7 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
15 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---

--- end ---
$ /usr/bin/npm audit --json --legacy-peer-deps
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "@storybook/builder-webpack4": {
      "name": "@storybook/builder-webpack4",
      "severity": "high",
      "via": [
        "@storybook/core-common",
        "react-dev-utils"
      ],
      "effects": [
        "@storybook/core-server"
      ],
      "range": "<=6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
      "nodes": [
        "node_modules/@storybook/builder-webpack4"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/core": {
      "name": "@storybook/core",
      "severity": "moderate",
      "via": [
        "@storybook/core-server"
      ],
      "effects": [
        "@storybook/html"
      ],
      "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
      "nodes": [
        "node_modules/@storybook/core"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/core-common": {
      "name": "@storybook/core-common",
      "severity": "high",
      "via": [
        "glob-base"
      ],
      "effects": [
        "@storybook/builder-webpack4",
        "@storybook/core-server",
        "@storybook/html"
      ],
      "range": "<=6.4.0-rc.11",
      "nodes": [
        "node_modules/@storybook/core-common"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/core-server": {
      "name": "@storybook/core-server",
      "severity": "high",
      "via": [
        "@storybook/builder-webpack4",
        "@storybook/core-common",
        "cpy"
      ],
      "effects": [
        "@storybook/core"
      ],
      "range": "*",
      "nodes": [
        "node_modules/@storybook/core-server"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "@storybook/html": {
      "name": "@storybook/html",
      "severity": "high",
      "via": [
        "@storybook/core",
        "@storybook/core-common"
      ],
      "effects": [],
      "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
      "nodes": [
        "node_modules/@storybook/html"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "ansi-html": {
      "name": "ansi-html",
      "severity": "high",
      "via": [
        {
          "source": 1067382,
          "name": "ansi-html",
          "dependency": "ansi-html",
          "title": "Uncontrolled Resource Consumption in ansi-html",
          "url": "https://github.com/advisories/GHSA-whgm-jr23-g3j9",
          "severity": "high",
          "range": "<0.0.8"
        }
      ],
      "effects": [
        "webpack-hot-middleware"
      ],
      "range": "<0.0.8",
      "nodes": [
        "node_modules/ansi-html"
      ],
      "fixAvailable": true
    },
    "ansi-regex": {
      "name": "ansi-regex",
      "severity": "moderate",
      "via": [
        {
          "source": 1067300,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "moderate",
          "range": ">=3.0.0 <3.0.1"
        },
        {
          "source": 1067301,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "moderate",
          "range": ">=4.0.0 <4.1.1"
        },
        {
          "source": 1067302,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "moderate",
          "range": ">=5.0.0 <5.0.1"
        }
      ],
      "effects": [],
      "range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0",
      "nodes": [
        "node_modules/@wdio/cli/node_modules/ansi-regex",
        "node_modules/@wdio/logger/node_modules/ansi-regex",
        "node_modules/@wikimedia/mw-node-qunit/node_modules/strip-ansi/node_modules/ansi-regex",
        "node_modules/ansi-align/node_modules/ansi-regex",
        "node_modules/boxen/node_modules/ansi-regex",
        "node_modules/cli-table3/node_modules/ansi-regex",
        "node_modules/cliui/node_modules/ansi-regex",
        "node_modules/doiuse/node_modules/ansi-regex",
        "node_modules/eslint/node_modules/ansi-regex",
        "node_modules/inquirer/node_modules/ansi-regex",
        "node_modules/mocha/node_modules/ansi-regex",
        "node_modules/ora/node_modules/ansi-regex",
        "node_modules/pretty-format/node_modules/ansi-regex",
        "node_modules/react-dev-utils/node_modules/ansi-regex",
        "node_modules/stylelint/node_modules/ansi-regex",
        "node_modules/table/node_modules/ansi-regex",
        "node_modules/webpack-cli/node_modules/ansi-regex",
        "node_modules/widest-line/node_modules/ansi-regex",
        "node_modules/wrap-ansi/node_modules/ansi-regex",
        "node_modules/yargs/node_modules/ansi-regex"
      ],
      "fixAvailable": true
    },
    "async": {
      "name": "async",
      "severity": "high",
      "via": [
        {
          "source": 1069985,
          "name": "async",
          "dependency": "async",
          "title": "Prototype Pollution in async",
          "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
          "severity": "high",
          "range": "<2.6.4"
        },
        {
          "source": 1069986,
          "name": "async",
          "dependency": "async",
          "title": "Prototype Pollution in async",
          "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
          "severity": "high",
          "range": ">=3.0.0 <3.2.2"
        }
      ],
      "effects": [
        "jake"
      ],
      "range": ">=3.0.0 <3.2.2 || <2.6.4",
      "nodes": [
        "node_modules/archiver/node_modules/async",
        "node_modules/async"
      ],
      "fixAvailable": true
    },
    "axios": {
      "name": "axios",
      "severity": "high",
      "via": [
        {
          "source": 1067343,
          "name": "axios",
          "dependency": "axios",
          "title": "Incorrect Comparison in axios",
          "url": "https://github.com/advisories/GHSA-cph5-m8f7-6c5x",
          "severity": "high",
          "range": "<0.21.2"
        }
      ],
      "effects": [
        "github-build"
      ],
      "range": "<0.21.2",
      "nodes": [
        "node_modules/github-build/node_modules/axios"
      ],
      "fixAvailable": true
    },
    "browserslist": {
      "name": "browserslist",
      "severity": "moderate",
      "via": [
        {
          "source": 1067902,
          "name": "browserslist",
          "dependency": "browserslist",
          "title": "Regular Expression Denial of Service in browserslist",
          "url": "https://github.com/advisories/GHSA-w8qv-6jwh-64r5",
          "severity": "moderate",
          "range": ">=4.0.0 <4.16.5"
        }
      ],
      "effects": [
        "react-dev-utils"
      ],
      "range": "4.0.0 - 4.16.4",
      "nodes": [
        "node_modules/react-dev-utils/node_modules/browserslist"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "chokidar": {
      "name": "chokidar",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "watchpack-chokidar2"
      ],
      "range": "1.0.0-rc1 - 2.1.8",
      "nodes": [
        "node_modules/watchpack-chokidar2/node_modules/chokidar"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "cpy": {
      "name": "cpy",
      "severity": "high",
      "via": [
        "globby"
      ],
      "effects": [
        "@storybook/core-server"
      ],
      "range": "7.0.0 - 8.1.2",
      "nodes": [
        "node_modules/cpy"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "ejs": {
      "name": "ejs",
      "severity": "high",
      "via": [
        "jake"
      ],
      "effects": [],
      "range": ">=3.1.2",
      "nodes": [
        "node_modules/ejs"
      ],
      "fixAvailable": true
    },
    "fast-glob": {
      "name": "fast-glob",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "globby"
      ],
      "range": "<=2.2.7",
      "nodes": [
        "node_modules/cpy/node_modules/fast-glob"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "follow-redirects": {
      "name": "follow-redirects",
      "severity": "high",
      "via": [
        {
          "source": 1067407,
          "name": "follow-redirects",
          "dependency": "follow-redirects",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects",
          "url": "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c",
          "severity": "moderate",
          "range": "<1.14.8"
        },
        {
          "source": 1067459,
          "name": "follow-redirects",
          "dependency": "follow-redirects",
          "title": "Exposure of sensitive information in follow-redirects",
          "url": "https://github.com/advisories/GHSA-74fj-2j2h-c42q",
          "severity": "high",
          "range": "<1.14.7"
        }
      ],
      "effects": [],
      "range": "<=1.14.7",
      "nodes": [
        "node_modules/follow-redirects"
      ],
      "fixAvailable": true
    },
    "github-build": {
      "name": "github-build",
      "severity": "high",
      "via": [
        "axios"
      ],
      "effects": [],
      "range": "<=1.2.2",
      "nodes": [
        "node_modules/github-build"
      ],
      "fixAvailable": true
    },
    "glob-base": {
      "name": "glob-base",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "@storybook/core-common"
      ],
      "range": "*",
      "nodes": [
        "node_modules/glob-base"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "glob-parent": {
      "name": "glob-parent",
      "severity": "high",
      "via": [
        {
          "source": 1067329,
          "name": "glob-parent",
          "dependency": "glob-parent",
          "title": "Regular expression denial of service in glob-parent",
          "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
          "severity": "high",
          "range": "<5.1.2"
        }
      ],
      "effects": [
        "chokidar",
        "fast-glob",
        "glob-base"
      ],
      "range": "<5.1.2",
      "nodes": [
        "node_modules/cpy/node_modules/glob-parent",
        "node_modules/glob-base/node_modules/glob-parent",
        "node_modules/watchpack-chokidar2/node_modules/glob-parent"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "globby": {
      "name": "globby",
      "severity": "high",
      "via": [
        "fast-glob"
      ],
      "effects": [
        "cpy"
      ],
      "range": "8.0.0 - 9.2.0",
      "nodes": [
        "node_modules/cpy/node_modules/globby"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "immer": {
      "name": "immer",
      "severity": "critical",
      "via": [
        {
          "source": 1067720,
          "name": "immer",
          "dependency": "immer",
          "title": "Prototype Pollution in immer",
          "url": "https://github.com/advisories/GHSA-33f9-j839-rf8h",
          "severity": "critical",
          "range": "<9.0.6"
        }
      ],
      "effects": [
        "react-dev-utils"
      ],
      "range": "<9.0.6",
      "nodes": [
        "node_modules/immer"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "jake": {
      "name": "jake",
      "severity": "high",
      "via": [
        "async"
      ],
      "effects": [
        "ejs"
      ],
      "range": ">=8.0.1",
      "nodes": [
        "node_modules/jake"
      ],
      "fixAvailable": true
    },
    "jsdoc": {
      "name": "jsdoc",
      "severity": "high",
      "via": [
        "markdown-it",
        "marked"
      ],
      "effects": [],
      "range": "3.2.0-dev - 3.6.7",
      "nodes": [
        "node_modules/jsdoc"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.10",
        "isSemVerMajor": false
      }
    },
    "json-schema": {
      "name": "json-schema",
      "severity": "moderate",
      "via": [
        {
          "source": 1067524,
          "name": "json-schema",
          "dependency": "json-schema",
          "title": "json-schema is vulnerable to Prototype Pollution",
          "url": "https://github.com/advisories/GHSA-896r-f27r-55mw",
          "severity": "moderate",
          "range": "<0.4.0"
        }
      ],
      "effects": [
        "jsprim"
      ],
      "range": "<0.4.0",
      "nodes": [
        "node_modules/json-schema"
      ],
      "fixAvailable": true
    },
    "jsprim": {
      "name": "jsprim",
      "severity": "moderate",
      "via": [
        "json-schema"
      ],
      "effects": [],
      "range": "0.3.0 - 1.4.1 || 2.0.0 - 2.0.1",
      "nodes": [
        "node_modules/jsprim"
      ],
      "fixAvailable": true
    },
    "markdown-it": {
      "name": "markdown-it",
      "severity": "moderate",
      "via": [
        {
          "source": 1067456,
          "name": "markdown-it",
          "dependency": "markdown-it",
          "title": "Uncontrolled Resource Consumption in markdown-it",
          "url": "https://github.com/advisories/GHSA-6vfc-qv3f-vr6c",
          "severity": "moderate",
          "range": "<12.3.2"
        }
      ],
      "effects": [
        "jsdoc"
      ],
      "range": "<12.3.2",
      "nodes": [
        "node_modules/markdown-it"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.10",
        "isSemVerMajor": false
      }
    },
    "marked": {
      "name": "marked",
      "severity": "high",
      "via": [
        {
          "source": 1067450,
          "name": "marked",
          "dependency": "marked",
          "title": "Inefficient Regular Expression Complexity in marked",
          "url": "https://github.com/advisories/GHSA-rrrm-qjm4-v8hf",
          "severity": "high",
          "range": "<4.0.10"
        }
      ],
      "effects": [
        "jsdoc"
      ],
      "range": "<4.0.10",
      "nodes": [
        "node_modules/marked"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.10",
        "isSemVerMajor": false
      }
    },
    "minimist": {
      "name": "minimist",
      "severity": "critical",
      "via": [
        {
          "source": 1067342,
          "name": "minimist",
          "dependency": "minimist",
          "title": "Prototype Pollution in minimist",
          "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
          "severity": "critical",
          "range": "<1.2.6"
        }
      ],
      "effects": [],
      "range": "<1.2.6",
      "nodes": [
        "node_modules/minimist"
      ],
      "fixAvailable": true
    },
    "mocha": {
      "name": "mocha",
      "severity": "moderate",
      "via": [
        "nanoid"
      ],
      "effects": [],
      "range": "8.2.0 - 9.1.4",
      "nodes": [
        "node_modules/mocha"
      ],
      "fixAvailable": true
    },
    "nanoid": {
      "name": "nanoid",
      "severity": "moderate",
      "via": [
        {
          "source": 1067367,
          "name": "nanoid",
          "dependency": "nanoid",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor in nanoid",
          "url": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2",
          "severity": "moderate",
          "range": ">=3.0.0 <3.1.31"
        }
      ],
      "effects": [
        "mocha"
      ],
      "range": "3.0.0 - 3.1.30",
      "nodes": [
        "node_modules/doiuse/node_modules/nanoid",
        "node_modules/nanoid",
        "node_modules/stylelint-no-unsupported-browser-features/node_modules/nanoid"
      ],
      "fixAvailable": true
    },
    "node-fetch": {
      "name": "node-fetch",
      "severity": "high",
      "via": [
        {
          "source": 1067442,
          "name": "node-fetch",
          "dependency": "node-fetch",
          "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
          "url": "https://github.com/advisories/GHSA-r683-j2x4-v87g",
          "severity": "high",
          "range": "<2.6.7"
        }
      ],
      "effects": [],
      "range": "<2.6.7",
      "nodes": [
        "node_modules/node-fetch"
      ],
      "fixAvailable": true
    },
    "nth-check": {
      "name": "nth-check",
      "severity": "moderate",
      "via": [
        {
          "source": 1067654,
          "name": "nth-check",
          "dependency": "nth-check",
          "title": "Inefficient Regular Expression Complexity in nth-check",
          "url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr",
          "severity": "moderate",
          "range": "<2.0.1"
        }
      ],
      "effects": [],
      "range": "<2.0.1",
      "nodes": [
        "node_modules/nth-check"
      ],
      "fixAvailable": true
    },
    "prismjs": {
      "name": "prismjs",
      "severity": "high",
      "via": [
        {
          "source": 1067401,
          "name": "prismjs",
          "dependency": "prismjs",
          "title": "Cross-site Scripting in Prism",
          "url": "https://github.com/advisories/GHSA-3949-f494-cm99",
          "severity": "high",
          "range": ">=1.14.0 <1.27.0"
        },
        {
          "source": 1067653,
          "name": "prismjs",
          "dependency": "prismjs",
          "title": "Regular Expression Denial of Service in prismjs",
          "url": "https://github.com/advisories/GHSA-hqhp-5p83-hx96",
          "severity": "moderate",
          "range": "<1.25.0"
        }
      ],
      "effects": [
        "refractor"
      ],
      "range": "<=1.26.0",
      "nodes": [
        "node_modules/prismjs"
      ],
      "fixAvailable": true
    },
    "react-dev-utils": {
      "name": "react-dev-utils",
      "severity": "critical",
      "via": [
        "browserslist",
        "immer"
      ],
      "effects": [
        "@storybook/builder-webpack4"
      ],
      "range": "6.0.0-next.03604a46 - 12.0.0-next.60",
      "nodes": [
        "node_modules/react-dev-utils"
      ],
      "fixAvailable": {
        "name": "@storybook/html",
        "version": "6.4.22",
        "isSemVerMajor": false
      }
    },
    "refractor": {
      "name": "refractor",
      "severity": "moderate",
      "via": [
        "prismjs"
      ],
      "effects": [],
      "range": "<=3.4.0 || 4.0.0 - 4.1.1",
      "nodes": [
        "node_modules/refractor"
      ],
      "fixAvailable": true
    },
    "simple-get": {
      "name": "simple-get",
      "severity": "high",
      "via": [
        {
          "source": 1067428,
          "name": "simple-get",
          "dependency": "simple-get",
          "title": "Exposure of Sensitive Information in simple-get",
          "url": "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
          "severity": "high",
          "range": ">=3.0.0 <3.1.1"
        }
      ],
      "effects": [],
      "range": "3.0.0 - 3.1.0",
      "nodes": [
        "node_modules/simple-get"
      ],
      "fixAvailable": true
    },
    "validator": {
      "name": "validator",
      "severity": "moderate",
      "via": [
        {
          "source": 1067532,
          "name": "validator",
          "dependency": "validator",
          "title": " Inefficient Regular Expression Complexity in Validator.js",
          "url": "https://github.com/advisories/GHSA-xx4c-jj58-r7x6",
          "severity": "moderate",
          "range": ">=11.1.0 <13.7.0"
        },
        {
          "source": 1067560,
          "name": "validator",
          "dependency": "validator",
          "title": "Inefficient Regular Expression Complexity in validator.js",
          "url": "https://github.com/advisories/GHSA-qgmg-gppg-76g5",
          "severity": "moderate",
          "range": "<13.7.0"
        }
      ],
      "effects": [],
      "range": "<=13.6.0",
      "nodes": [
        "node_modules/validator"
      ],
      "fixAvailable": true
    },
    "watchpack": {
      "name": "watchpack",
      "severity": "high",
      "via": [
        "watchpack-chokidar2"
      ],
      "effects": [
        "webpack"
      ],
      "range": "1.7.2 - 1.7.5",
      "nodes": [
        "node_modules/watchpack"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "watchpack-chokidar2": {
      "name": "watchpack-chokidar2",
      "severity": "high",
      "via": [
        "chokidar"
      ],
      "effects": [
        "watchpack"
      ],
      "range": "*",
      "nodes": [
        "node_modules/watchpack-chokidar2"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "webpack": {
      "name": "webpack",
      "severity": "high",
      "via": [
        "watchpack"
      ],
      "effects": [],
      "range": "4.44.0 - 4.46.0",
      "nodes": [
        "node_modules/webpack"
      ],
      "fixAvailable": {
        "name": "webpack",
        "version": "5.72.0",
        "isSemVerMajor": true
      }
    },
    "webpack-cli": {
      "name": "webpack-cli",
      "severity": "moderate",
      "via": [
        "yargs"
      ],
      "effects": [],
      "range": "<=0.0.8-development || 1.3.4 - 3.3.4",
      "nodes": [
        "node_modules/webpack-cli"
      ],
      "fixAvailable": {
        "name": "webpack-cli",
        "version": "3.3.12",
        "isSemVerMajor": false
      }
    },
    "webpack-hot-middleware": {
      "name": "webpack-hot-middleware",
      "severity": "high",
      "via": [
        "ansi-html"
      ],
      "effects": [],
      "range": "2.9.0 - 2.25.0",
      "nodes": [
        "node_modules/webpack-hot-middleware"
      ],
      "fixAvailable": true
    },
    "yargs": {
      "name": "yargs",
      "severity": "moderate",
      "via": [
        "yargs-parser"
      ],
      "effects": [
        "webpack-cli"
      ],
      "range": "8.0.0-candidate.0 - 12.0.5",
      "nodes": [
        "node_modules/webpack-cli/node_modules/yargs"
      ],
      "fixAvailable": {
        "name": "webpack-cli",
        "version": "3.3.12",
        "isSemVerMajor": false
      }
    },
    "yargs-parser": {
      "name": "yargs-parser",
      "severity": "moderate",
      "via": [
        {
          "source": 1068310,
          "name": "yargs-parser",
          "dependency": "yargs-parser",
          "title": "Prototype Pollution in yargs-parser",
          "url": "https://github.com/advisories/GHSA-p9pc-299p-vxgp",
          "severity": "moderate",
          "range": ">=6.0.0 <13.1.2"
        }
      ],
      "effects": [
        "yargs"
      ],
      "range": "6.0.0 - 13.1.1",
      "nodes": [
        "node_modules/webpack-cli/node_modules/yargs-parser"
      ],
      "fixAvailable": {
        "name": "webpack-cli",
        "version": "3.3.12",
        "isSemVerMajor": false
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 14,
      "high": 26,
      "critical": 3,
      "total": 43
    },
    "dependencies": {
      "prod": 1,
      "dev": 2455,
      "optional": 29,
      "peer": 0,
      "peerOptional": 0,
      "total": 2455
    }
  }
}

--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json --legacy-peer-deps
--- stderr ---
npm WARN old lockfile 
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile 
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile 
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: undefined,
npm WARN EBADENGINE   required: { node: '12.21.0' },
npm WARN EBADENGINE   current: { node: 'v12.22.5', npm: '7.5.2' }
npm WARN EBADENGINE }
--- stdout ---
{
  "added": 2466,
  "removed": 0,
  "changed": 0,
  "audited": 2467,
  "funding": 205,
  "audit": {
    "auditReportVersion": 2,
    "vulnerabilities": {
      "@storybook/builder-webpack4": {
        "name": "@storybook/builder-webpack4",
        "severity": "high",
        "via": [
          "@storybook/core-common",
          "react-dev-utils"
        ],
        "effects": [
          "@storybook/core-server"
        ],
        "range": "<=6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
        "nodes": [
          "node_modules/@storybook/builder-webpack4"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "@storybook/core": {
        "name": "@storybook/core",
        "severity": "moderate",
        "via": [
          "@storybook/core-server"
        ],
        "effects": [
          "@storybook/html"
        ],
        "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
        "nodes": [
          "node_modules/@storybook/core"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "@storybook/core-common": {
        "name": "@storybook/core-common",
        "severity": "high",
        "via": [
          "glob-base"
        ],
        "effects": [
          "@storybook/builder-webpack4",
          "@storybook/core-server",
          "@storybook/html"
        ],
        "range": "<=6.4.0-rc.11",
        "nodes": [
          "node_modules/@storybook/core-common"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "@storybook/core-server": {
        "name": "@storybook/core-server",
        "severity": "high",
        "via": [
          "@storybook/builder-webpack4",
          "@storybook/core-common",
          "cpy"
        ],
        "effects": [
          "@storybook/core"
        ],
        "range": "*",
        "nodes": [
          "node_modules/@storybook/core-server"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "@storybook/html": {
        "name": "@storybook/html",
        "severity": "high",
        "via": [
          "@storybook/core",
          "@storybook/core-common"
        ],
        "effects": [],
        "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5",
        "nodes": [
          "node_modules/@storybook/html"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "ansi-html": {
        "name": "ansi-html",
        "severity": "high",
        "via": [
          {
            "source": 1067382,
            "name": "ansi-html",
            "dependency": "ansi-html",
            "title": "Uncontrolled Resource Consumption in ansi-html",
            "url": "https://github.com/advisories/GHSA-whgm-jr23-g3j9",
            "severity": "high",
            "range": "<0.0.8"
          }
        ],
        "effects": [
          "webpack-hot-middleware"
        ],
        "range": "<0.0.8",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "ansi-regex": {
        "name": "ansi-regex",
        "severity": "moderate",
        "via": [
          {
            "source": 1067300,
            "name": "ansi-regex",
            "dependency": "ansi-regex",
            "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
            "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
            "severity": "moderate",
            "range": ">=3.0.0 <3.0.1"
          },
          {
            "source": 1067301,
            "name": "ansi-regex",
            "dependency": "ansi-regex",
            "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
            "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
            "severity": "moderate",
            "range": ">=4.0.0 <4.1.1"
          },
          {
            "source": 1067302,
            "name": "ansi-regex",
            "dependency": "ansi-regex",
            "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
            "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
            "severity": "moderate",
            "range": ">=5.0.0 <5.0.1"
          }
        ],
        "effects": [],
        "range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0",
        "nodes": [
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          "",
          ""
        ],
        "fixAvailable": true
      },
      "async": {
        "name": "async",
        "severity": "high",
        "via": [
          {
            "source": 1069985,
            "name": "async",
            "dependency": "async",
            "title": "Prototype Pollution in async",
            "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
            "severity": "high",
            "range": "<2.6.4"
          },
          {
            "source": 1069986,
            "name": "async",
            "dependency": "async",
            "title": "Prototype Pollution in async",
            "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
            "severity": "high",
            "range": ">=3.0.0 <3.2.2"
          }
        ],
        "effects": [
          "jake"
        ],
        "range": ">=3.0.0 <3.2.2 || <2.6.4",
        "nodes": [
          "",
          "node_modules/async"
        ],
        "fixAvailable": true
      },
      "axios": {
        "name": "axios",
        "severity": "high",
        "via": [
          {
            "source": 1067343,
            "name": "axios",
            "dependency": "axios",
            "title": "Incorrect Comparison in axios",
            "url": "https://github.com/advisories/GHSA-cph5-m8f7-6c5x",
            "severity": "high",
            "range": "<0.21.2"
          }
        ],
        "effects": [
          "github-build"
        ],
        "range": "<0.21.2",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "browserslist": {
        "name": "browserslist",
        "severity": "moderate",
        "via": [
          {
            "source": 1067902,
            "name": "browserslist",
            "dependency": "browserslist",
            "title": "Regular Expression Denial of Service in browserslist",
            "url": "https://github.com/advisories/GHSA-w8qv-6jwh-64r5",
            "severity": "moderate",
            "range": ">=4.0.0 <4.16.5"
          }
        ],
        "effects": [
          "react-dev-utils"
        ],
        "range": "4.0.0 - 4.16.4",
        "nodes": [
          "node_modules/react-dev-utils/node_modules/browserslist"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "chokidar": {
        "name": "chokidar",
        "severity": "high",
        "via": [
          "glob-parent"
        ],
        "effects": [
          "watchpack-chokidar2"
        ],
        "range": "1.0.0-rc1 - 2.1.8",
        "nodes": [
          "node_modules/watchpack-chokidar2/node_modules/chokidar"
        ],
        "fixAvailable": {
          "name": "webpack",
          "version": "5.72.0",
          "isSemVerMajor": true
        }
      },
      "cpy": {
        "name": "cpy",
        "severity": "high",
        "via": [
          "globby"
        ],
        "effects": [
          "@storybook/core-server"
        ],
        "range": "7.0.0 - 8.1.2",
        "nodes": [
          "node_modules/cpy"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "ejs": {
        "name": "ejs",
        "severity": "high",
        "via": [
          "jake"
        ],
        "effects": [],
        "range": ">=3.1.2",
        "nodes": [
          "node_modules/ejs"
        ],
        "fixAvailable": true
      },
      "fast-glob": {
        "name": "fast-glob",
        "severity": "high",
        "via": [
          "glob-parent"
        ],
        "effects": [
          "globby"
        ],
        "range": "<=2.2.7",
        "nodes": [
          "node_modules/cpy/node_modules/fast-glob"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "follow-redirects": {
        "name": "follow-redirects",
        "severity": "high",
        "via": [
          {
            "source": 1067407,
            "name": "follow-redirects",
            "dependency": "follow-redirects",
            "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects",
            "url": "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c",
            "severity": "moderate",
            "range": "<1.14.8"
          },
          {
            "source": 1067459,
            "name": "follow-redirects",
            "dependency": "follow-redirects",
            "title": "Exposure of sensitive information in follow-redirects",
            "url": "https://github.com/advisories/GHSA-74fj-2j2h-c42q",
            "severity": "high",
            "range": "<1.14.7"
          }
        ],
        "effects": [],
        "range": "<=1.14.7",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "github-build": {
        "name": "github-build",
        "severity": "high",
        "via": [
          "axios"
        ],
        "effects": [],
        "range": "<=1.2.2",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "glob-base": {
        "name": "glob-base",
        "severity": "high",
        "via": [
          "glob-parent"
        ],
        "effects": [
          "@storybook/core-common"
        ],
        "range": "*",
        "nodes": [
          "node_modules/glob-base"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "glob-parent": {
        "name": "glob-parent",
        "severity": "high",
        "via": [
          {
            "source": 1067329,
            "name": "glob-parent",
            "dependency": "glob-parent",
            "title": "Regular expression denial of service in glob-parent",
            "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
            "severity": "high",
            "range": "<5.1.2"
          }
        ],
        "effects": [
          "chokidar",
          "fast-glob",
          "glob-base"
        ],
        "range": "<5.1.2",
        "nodes": [
          "node_modules/cpy/node_modules/glob-parent",
          "node_modules/glob-base/node_modules/glob-parent",
          "node_modules/watchpack-chokidar2/node_modules/glob-parent"
        ],
        "fixAvailable": {
          "name": "webpack",
          "version": "5.72.0",
          "isSemVerMajor": true
        }
      },
      "globby": {
        "name": "globby",
        "severity": "high",
        "via": [
          "fast-glob"
        ],
        "effects": [
          "cpy"
        ],
        "range": "8.0.0 - 9.2.0",
        "nodes": [
          "node_modules/cpy/node_modules/globby"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "immer": {
        "name": "immer",
        "severity": "critical",
        "via": [
          {
            "source": 1067720,
            "name": "immer",
            "dependency": "immer",
            "title": "Prototype Pollution in immer",
            "url": "https://github.com/advisories/GHSA-33f9-j839-rf8h",
            "severity": "critical",
            "range": "<9.0.6"
          }
        ],
        "effects": [
          "react-dev-utils"
        ],
        "range": "<9.0.6",
        "nodes": [
          "node_modules/immer"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "jake": {
        "name": "jake",
        "severity": "high",
        "via": [
          "async"
        ],
        "effects": [
          "ejs"
        ],
        "range": ">=8.0.1",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "jsdoc": {
        "name": "jsdoc",
        "severity": "high",
        "via": [
          "markdown-it",
          "marked"
        ],
        "effects": [],
        "range": "3.2.0-dev - 3.6.7",
        "nodes": [
          "node_modules/jsdoc"
        ],
        "fixAvailable": {
          "name": "jsdoc",
          "version": "3.6.10",
          "isSemVerMajor": false
        }
      },
      "json-schema": {
        "name": "json-schema",
        "severity": "moderate",
        "via": [
          {
            "source": 1067524,
            "name": "json-schema",
            "dependency": "json-schema",
            "title": "json-schema is vulnerable to Prototype Pollution",
            "url": "https://github.com/advisories/GHSA-896r-f27r-55mw",
            "severity": "moderate",
            "range": "<0.4.0"
          }
        ],
        "effects": [
          "jsprim"
        ],
        "range": "<0.4.0",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "jsprim": {
        "name": "jsprim",
        "severity": "moderate",
        "via": [
          "json-schema"
        ],
        "effects": [],
        "range": "0.3.0 - 1.4.1 || 2.0.0 - 2.0.1",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "markdown-it": {
        "name": "markdown-it",
        "severity": "moderate",
        "via": [
          {
            "source": 1067456,
            "name": "markdown-it",
            "dependency": "markdown-it",
            "title": "Uncontrolled Resource Consumption in markdown-it",
            "url": "https://github.com/advisories/GHSA-6vfc-qv3f-vr6c",
            "severity": "moderate",
            "range": "<12.3.2"
          }
        ],
        "effects": [
          "jsdoc"
        ],
        "range": "<12.3.2",
        "nodes": [
          "node_modules/markdown-it"
        ],
        "fixAvailable": {
          "name": "jsdoc",
          "version": "3.6.10",
          "isSemVerMajor": false
        }
      },
      "marked": {
        "name": "marked",
        "severity": "high",
        "via": [
          {
            "source": 1067450,
            "name": "marked",
            "dependency": "marked",
            "title": "Inefficient Regular Expression Complexity in marked",
            "url": "https://github.com/advisories/GHSA-rrrm-qjm4-v8hf",
            "severity": "high",
            "range": "<4.0.10"
          }
        ],
        "effects": [
          "jsdoc"
        ],
        "range": "<4.0.10",
        "nodes": [
          "node_modules/marked"
        ],
        "fixAvailable": {
          "name": "jsdoc",
          "version": "3.6.10",
          "isSemVerMajor": false
        }
      },
      "minimist": {
        "name": "minimist",
        "severity": "critical",
        "via": [
          {
            "source": 1067342,
            "name": "minimist",
            "dependency": "minimist",
            "title": "Prototype Pollution in minimist",
            "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
            "severity": "critical",
            "range": "<1.2.6"
          }
        ],
        "effects": [],
        "range": "<1.2.6",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "mocha": {
        "name": "mocha",
        "severity": "moderate",
        "via": [
          "nanoid"
        ],
        "effects": [],
        "range": "8.2.0 - 9.1.4",
        "nodes": [
          "node_modules/mocha"
        ],
        "fixAvailable": true
      },
      "nanoid": {
        "name": "nanoid",
        "severity": "moderate",
        "via": [
          {
            "source": 1067367,
            "name": "nanoid",
            "dependency": "nanoid",
            "title": "Exposure of Sensitive Information to an Unauthorized Actor in nanoid",
            "url": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2",
            "severity": "moderate",
            "range": ">=3.0.0 <3.1.31"
          }
        ],
        "effects": [
          "mocha"
        ],
        "range": "3.0.0 - 3.1.30",
        "nodes": [
          "",
          "",
          "node_modules/nanoid"
        ],
        "fixAvailable": true
      },
      "node-fetch": {
        "name": "node-fetch",
        "severity": "high",
        "via": [
          {
            "source": 1067442,
            "name": "node-fetch",
            "dependency": "node-fetch",
            "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
            "url": "https://github.com/advisories/GHSA-r683-j2x4-v87g",
            "severity": "high",
            "range": "<2.6.7"
          }
        ],
        "effects": [],
        "range": "<2.6.7",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "nth-check": {
        "name": "nth-check",
        "severity": "moderate",
        "via": [
          {
            "source": 1067654,
            "name": "nth-check",
            "dependency": "nth-check",
            "title": "Inefficient Regular Expression Complexity in nth-check",
            "url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr",
            "severity": "moderate",
            "range": "<2.0.1"
          }
        ],
        "effects": [],
        "range": "<2.0.1",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "prismjs": {
        "name": "prismjs",
        "severity": "high",
        "via": [
          {
            "source": 1067401,
            "name": "prismjs",
            "dependency": "prismjs",
            "title": "Cross-site Scripting in Prism",
            "url": "https://github.com/advisories/GHSA-3949-f494-cm99",
            "severity": "high",
            "range": ">=1.14.0 <1.27.0"
          },
          {
            "source": 1067653,
            "name": "prismjs",
            "dependency": "prismjs",
            "title": "Regular Expression Denial of Service in prismjs",
            "url": "https://github.com/advisories/GHSA-hqhp-5p83-hx96",
            "severity": "moderate",
            "range": "<1.25.0"
          }
        ],
        "effects": [
          "refractor"
        ],
        "range": "<=1.26.0",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "react-dev-utils": {
        "name": "react-dev-utils",
        "severity": "critical",
        "via": [
          "browserslist",
          "immer"
        ],
        "effects": [
          "@storybook/builder-webpack4"
        ],
        "range": "6.0.0-next.03604a46 - 12.0.0-next.60",
        "nodes": [
          "node_modules/react-dev-utils"
        ],
        "fixAvailable": {
          "name": "@storybook/html",
          "version": "6.4.22",
          "isSemVerMajor": false
        }
      },
      "refractor": {
        "name": "refractor",
        "severity": "moderate",
        "via": [
          "prismjs"
        ],
        "effects": [],
        "range": "<=3.4.0 || 4.0.0 - 4.1.1",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "simple-get": {
        "name": "simple-get",
        "severity": "high",
        "via": [
          {
            "source": 1067428,
            "name": "simple-get",
            "dependency": "simple-get",
            "title": "Exposure of Sensitive Information in simple-get",
            "url": "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
            "severity": "high",
            "range": ">=3.0.0 <3.1.1"
          }
        ],
        "effects": [],
        "range": "3.0.0 - 3.1.0",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "validator": {
        "name": "validator",
        "severity": "moderate",
        "via": [
          {
            "source": 1067532,
            "name": "validator",
            "dependency": "validator",
            "title": " Inefficient Regular Expression Complexity in Validator.js",
            "url": "https://github.com/advisories/GHSA-xx4c-jj58-r7x6",
            "severity": "moderate",
            "range": ">=11.1.0 <13.7.0"
          },
          {
            "source": 1067560,
            "name": "validator",
            "dependency": "validator",
            "title": "Inefficient Regular Expression Complexity in validator.js",
            "url": "https://github.com/advisories/GHSA-qgmg-gppg-76g5",
            "severity": "moderate",
            "range": "<13.7.0"
          }
        ],
        "effects": [],
        "range": "<=13.6.0",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "watchpack": {
        "name": "watchpack",
        "severity": "high",
        "via": [
          "watchpack-chokidar2"
        ],
        "effects": [
          "webpack"
        ],
        "range": "1.7.2 - 1.7.5",
        "nodes": [
          "node_modules/watchpack"
        ],
        "fixAvailable": {
          "name": "webpack",
          "version": "5.72.0",
          "isSemVerMajor": true
        }
      },
      "watchpack-chokidar2": {
        "name": "watchpack-chokidar2",
        "severity": "high",
        "via": [
          "chokidar"
        ],
        "effects": [
          "watchpack"
        ],
        "range": "*",
        "nodes": [
          "node_modules/watchpack-chokidar2"
        ],
        "fixAvailable": {
          "name": "webpack",
          "version": "5.72.0",
          "isSemVerMajor": true
        }
      },
      "webpack": {
        "name": "webpack",
        "severity": "high",
        "via": [
          "watchpack"
        ],
        "effects": [],
        "range": "4.44.0 - 4.46.0",
        "nodes": [
          "node_modules/webpack"
        ],
        "fixAvailable": {
          "name": "webpack",
          "version": "5.72.0",
          "isSemVerMajor": true
        }
      },
      "webpack-cli": {
        "name": "webpack-cli",
        "severity": "moderate",
        "via": [
          "yargs"
        ],
        "effects": [],
        "range": "<=0.0.8-development || 1.3.4 - 3.3.4",
        "nodes": [
          "node_modules/webpack-cli"
        ],
        "fixAvailable": {
          "name": "webpack-cli",
          "version": "3.3.12",
          "isSemVerMajor": false
        }
      },
      "webpack-hot-middleware": {
        "name": "webpack-hot-middleware",
        "severity": "high",
        "via": [
          "ansi-html"
        ],
        "effects": [],
        "range": "2.9.0 - 2.25.0",
        "nodes": [
          ""
        ],
        "fixAvailable": true
      },
      "yargs": {
        "name": "yargs",
        "severity": "moderate",
        "via": [
          "yargs-parser"
        ],
        "effects": [
          "webpack-cli"
        ],
        "range": "8.0.0-candidate.0 - 12.0.5",
        "nodes": [
          "node_modules/webpack-cli/node_modules/yargs"
        ],
        "fixAvailable": {
          "name": "webpack-cli",
          "version": "3.3.12",
          "isSemVerMajor": false
        }
      },
      "yargs-parser": {
        "name": "yargs-parser",
        "severity": "moderate",
        "via": [
          {
            "source": 1068310,
            "name": "yargs-parser",
            "dependency": "yargs-parser",
            "title": "Prototype Pollution in yargs-parser",
            "url": "https://github.com/advisories/GHSA-p9pc-299p-vxgp",
            "severity": "moderate",
            "range": ">=6.0.0 <13.1.2"
          }
        ],
        "effects": [
          "yargs"
        ],
        "range": "6.0.0 - 13.1.1",
        "nodes": [
          "node_modules/webpack-cli/node_modules/yargs-parser"
        ],
        "fixAvailable": {
          "name": "webpack-cli",
          "version": "3.3.12",
          "isSemVerMajor": false
        }
      }
    },
    "metadata": {
      "vulnerabilities": {
        "info": 0,
        "low": 0,
        "moderate": 14,
        "high": 26,
        "critical": 3,
        "total": 43
      },
      "dependencies": {
        "prod": 1,
        "dev": 2466,
        "optional": 29,
        "peer": 0,
        "peerOptional": 0,
        "total": 2466
      }
    }
  }
}

--- end ---
{"added": 2466, "removed": 0, "changed": 0, "audited": 2467, "funding": 205, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@storybook/builder-webpack4": {"name": "@storybook/builder-webpack4", "severity": "high", "via": ["@storybook/core-common", "react-dev-utils"], "effects": ["@storybook/core-server"], "range": "<=6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5", "nodes": ["node_modules/@storybook/builder-webpack4"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "@storybook/core": {"name": "@storybook/core", "severity": "moderate", "via": ["@storybook/core-server"], "effects": ["@storybook/html"], "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5", "nodes": ["node_modules/@storybook/core"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "@storybook/core-common": {"name": "@storybook/core-common", "severity": "high", "via": ["glob-base"], "effects": ["@storybook/builder-webpack4", "@storybook/core-server", "@storybook/html"], "range": "<=6.4.0-rc.11", "nodes": ["node_modules/@storybook/core-common"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "@storybook/core-server": {"name": "@storybook/core-server", "severity": "high", "via": ["@storybook/builder-webpack4", "@storybook/core-common", "cpy"], "effects": ["@storybook/core"], "range": "*", "nodes": ["node_modules/@storybook/core-server"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "@storybook/html": {"name": "@storybook/html", "severity": "high", "via": ["@storybook/core", "@storybook/core-common"], "effects": [], "range": "6.2.0-alpha.0 - 6.4.12 || 6.5.0-alpha.1 - 6.5.0-alpha.5", "nodes": ["node_modules/@storybook/html"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "ansi-html": {"name": "ansi-html", "severity": "high", "via": [{"source": 1067382, "name": "ansi-html", "dependency": "ansi-html", "title": "Uncontrolled Resource Consumption in ansi-html", "url": "https://github.com/advisories/GHSA-whgm-jr23-g3j9", "severity": "high", "range": "<0.0.8"}], "effects": ["webpack-hot-middleware"], "range": "<0.0.8", "nodes": [""], "fixAvailable": true}, "ansi-regex": {"name": "ansi-regex", "severity": "moderate", "via": [{"source": 1067300, "name": "ansi-regex", "dependency": "ansi-regex", "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex", "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw", "severity": "moderate", "range": ">=3.0.0 <3.0.1"}, {"source": 1067301, "name": "ansi-regex", "dependency": "ansi-regex", "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex", "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw", "severity": "moderate", "range": ">=4.0.0 <4.1.1"}, {"source": 1067302, "name": "ansi-regex", "dependency": "ansi-regex", "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex", "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw", "severity": "moderate", "range": ">=5.0.0 <5.0.1"}], "effects": [], "range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0", "nodes": ["", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", ""], "fixAvailable": true}, "async": {"name": "async", "severity": "high", "via": [{"source": 1069985, "name": "async", "dependency": "async", "title": "Prototype Pollution in async", "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25", "severity": "high", "range": "<2.6.4"}, {"source": 1069986, "name": "async", "dependency": "async", "title": "Prototype Pollution in async", "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25", "severity": "high", "range": ">=3.0.0 <3.2.2"}], "effects": ["jake"], "range": ">=3.0.0 <3.2.2 || <2.6.4", "nodes": ["", "node_modules/async"], "fixAvailable": true}, "axios": {"name": "axios", "severity": "high", "via": [{"source": 1067343, "name": "axios", "dependency": "axios", "title": "Incorrect Comparison in axios", "url": "https://github.com/advisories/GHSA-cph5-m8f7-6c5x", "severity": "high", "range": "<0.21.2"}], "effects": ["github-build"], "range": "<0.21.2", "nodes": [""], "fixAvailable": true}, "browserslist": {"name": "browserslist", "severity": "moderate", "via": [{"source": 1067902, "name": "browserslist", "dependency": "browserslist", "title": "Regular Expression Denial of Service in browserslist", "url": "https://github.com/advisories/GHSA-w8qv-6jwh-64r5", "severity": "moderate", "range": ">=4.0.0 <4.16.5"}], "effects": ["react-dev-utils"], "range": "4.0.0 - 4.16.4", "nodes": ["node_modules/react-dev-utils/node_modules/browserslist"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "chokidar": {"name": "chokidar", "severity": "high", "via": ["glob-parent"], "effects": ["watchpack-chokidar2"], "range": "1.0.0-rc1 - 2.1.8", "nodes": ["node_modules/watchpack-chokidar2/node_modules/chokidar"], "fixAvailable": {"name": "webpack", "version": "5.72.0", "isSemVerMajor": true}}, "cpy": {"name": "cpy", "severity": "high", "via": ["globby"], "effects": ["@storybook/core-server"], "range": "7.0.0 - 8.1.2", "nodes": ["node_modules/cpy"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "ejs": {"name": "ejs", "severity": "high", "via": ["jake"], "effects": [], "range": ">=3.1.2", "nodes": ["node_modules/ejs"], "fixAvailable": true}, "fast-glob": {"name": "fast-glob", "severity": "high", "via": ["glob-parent"], "effects": ["globby"], "range": "<=2.2.7", "nodes": ["node_modules/cpy/node_modules/fast-glob"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "follow-redirects": {"name": "follow-redirects", "severity": "high", "via": [{"source": 1067407, "name": "follow-redirects", "dependency": "follow-redirects", "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects", "url": "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c", "severity": "moderate", "range": "<1.14.8"}, {"source": 1067459, "name": "follow-redirects", "dependency": "follow-redirects", "title": "Exposure of sensitive information in follow-redirects", "url": "https://github.com/advisories/GHSA-74fj-2j2h-c42q", "severity": "high", "range": "<1.14.7"}], "effects": [], "range": "<=1.14.7", "nodes": [""], "fixAvailable": true}, "github-build": {"name": "github-build", "severity": "high", "via": ["axios"], "effects": [], "range": "<=1.2.2", "nodes": [""], "fixAvailable": true}, "glob-base": {"name": "glob-base", "severity": "high", "via": ["glob-parent"], "effects": ["@storybook/core-common"], "range": "*", "nodes": ["node_modules/glob-base"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "glob-parent": {"name": "glob-parent", "severity": "high", "via": [{"source": 1067329, "name": "glob-parent", "dependency": "glob-parent", "title": "Regular expression denial of service in glob-parent", "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6", "severity": "high", "range": "<5.1.2"}], "effects": ["chokidar", "fast-glob", "glob-base"], "range": "<5.1.2", "nodes": ["node_modules/cpy/node_modules/glob-parent", "node_modules/glob-base/node_modules/glob-parent", "node_modules/watchpack-chokidar2/node_modules/glob-parent"], "fixAvailable": {"name": "webpack", "version": "5.72.0", "isSemVerMajor": true}}, "globby": {"name": "globby", "severity": "high", "via": ["fast-glob"], "effects": ["cpy"], "range": "8.0.0 - 9.2.0", "nodes": ["node_modules/cpy/node_modules/globby"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "immer": {"name": "immer", "severity": "critical", "via": [{"source": 1067720, "name": "immer", "dependency": "immer", "title": "Prototype Pollution in immer", "url": "https://github.com/advisories/GHSA-33f9-j839-rf8h", "severity": "critical", "range": "<9.0.6"}], "effects": ["react-dev-utils"], "range": "<9.0.6", "nodes": ["node_modules/immer"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "jake": {"name": "jake", "severity": "high", "via": ["async"], "effects": ["ejs"], "range": ">=8.0.1", "nodes": [""], "fixAvailable": true}, "jsdoc": {"name": "jsdoc", "severity": "high", "via": ["markdown-it", "marked"], "effects": [], "range": "3.2.0-dev - 3.6.7", "nodes": ["node_modules/jsdoc"], "fixAvailable": {"name": "jsdoc", "version": "3.6.10", "isSemVerMajor": false}}, "json-schema": {"name": "json-schema", "severity": "moderate", "via": [{"source": 1067524, "name": "json-schema", "dependency": "json-schema", "title": "json-schema is vulnerable to Prototype Pollution", "url": "https://github.com/advisories/GHSA-896r-f27r-55mw", "severity": "moderate", "range": "<0.4.0"}], "effects": ["jsprim"], "range": "<0.4.0", "nodes": [""], "fixAvailable": true}, "jsprim": {"name": "jsprim", "severity": "moderate", "via": ["json-schema"], "effects": [], "range": "0.3.0 - 1.4.1 || 2.0.0 - 2.0.1", "nodes": [""], "fixAvailable": true}, "markdown-it": {"name": "markdown-it", "severity": "moderate", "via": [{"source": 1067456, "name": "markdown-it", "dependency": "markdown-it", "title": "Uncontrolled Resource Consumption in markdown-it", "url": "https://github.com/advisories/GHSA-6vfc-qv3f-vr6c", "severity": "moderate", "range": "<12.3.2"}], "effects": ["jsdoc"], "range": "<12.3.2", "nodes": ["node_modules/markdown-it"], "fixAvailable": {"name": "jsdoc", "version": "3.6.10", "isSemVerMajor": false}}, "marked": {"name": "marked", "severity": "high", "via": [{"source": 1067450, "name": "marked", "dependency": "marked", "title": "Inefficient Regular Expression Complexity in marked", "url": "https://github.com/advisories/GHSA-rrrm-qjm4-v8hf", "severity": "high", "range": "<4.0.10"}], "effects": ["jsdoc"], "range": "<4.0.10", "nodes": ["node_modules/marked"], "fixAvailable": {"name": "jsdoc", "version": "3.6.10", "isSemVerMajor": false}}, "minimist": {"name": "minimist", "severity": "critical", "via": [{"source": 1067342, "name": "minimist", "dependency": "minimist", "title": "Prototype Pollution in minimist", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "severity": "critical", "range": "<1.2.6"}], "effects": [], "range": "<1.2.6", "nodes": [""], "fixAvailable": true}, "mocha": {"name": "mocha", "severity": "moderate", "via": ["nanoid"], "effects": [], "range": "8.2.0 - 9.1.4", "nodes": ["node_modules/mocha"], "fixAvailable": true}, "nanoid": {"name": "nanoid", "severity": "moderate", "via": [{"source": 1067367, "name": "nanoid", "dependency": "nanoid", "title": "Exposure of Sensitive Information to an Unauthorized Actor in nanoid", "url": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2", "severity": "moderate", "range": ">=3.0.0 <3.1.31"}], "effects": ["mocha"], "range": "3.0.0 - 3.1.30", "nodes": ["", "", "node_modules/nanoid"], "fixAvailable": true}, "node-fetch": {"name": "node-fetch", "severity": "high", "via": [{"source": 1067442, "name": "node-fetch", "dependency": "node-fetch", "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "url": "https://github.com/advisories/GHSA-r683-j2x4-v87g", "severity": "high", "range": "<2.6.7"}], "effects": [], "range": "<2.6.7", "nodes": [""], "fixAvailable": true}, "nth-check": {"name": "nth-check", "severity": "moderate", "via": [{"source": 1067654, "name": "nth-check", "dependency": "nth-check", "title": "Inefficient Regular Expression Complexity in nth-check", "url": "https://github.com/advisories/GHSA-rp65-9cf3-cjxr", "severity": "moderate", "range": "<2.0.1"}], "effects": [], "range": "<2.0.1", "nodes": [""], "fixAvailable": true}, "prismjs": {"name": "prismjs", "severity": "high", "via": [{"source": 1067401, "name": "prismjs", "dependency": "prismjs", "title": "Cross-site Scripting in Prism", "url": "https://github.com/advisories/GHSA-3949-f494-cm99", "severity": "high", "range": ">=1.14.0 <1.27.0"}, {"source": 1067653, "name": "prismjs", "dependency": "prismjs", "title": "Regular Expression Denial of Service in prismjs", "url": "https://github.com/advisories/GHSA-hqhp-5p83-hx96", "severity": "moderate", "range": "<1.25.0"}], "effects": ["refractor"], "range": "<=1.26.0", "nodes": [""], "fixAvailable": true}, "react-dev-utils": {"name": "react-dev-utils", "severity": "critical", "via": ["browserslist", "immer"], "effects": ["@storybook/builder-webpack4"], "range": "6.0.0-next.03604a46 - 12.0.0-next.60", "nodes": ["node_modules/react-dev-utils"], "fixAvailable": {"name": "@storybook/html", "version": "6.4.22", "isSemVerMajor": false}}, "refractor": {"name": "refractor", "severity": "moderate", "via": ["prismjs"], "effects": [], "range": "<=3.4.0 || 4.0.0 - 4.1.1", "nodes": [""], "fixAvailable": true}, "simple-get": {"name": "simple-get", "severity": "high", "via": [{"source": 1067428, "name": "simple-get", "dependency": "simple-get", "title": "Exposure of Sensitive Information in simple-get", "url": "https://github.com/advisories/GHSA-wpg7-2c88-r8xv", "severity": "high", "range": ">=3.0.0 <3.1.1"}], "effects": [], "range": "3.0.0 - 3.1.0", "nodes": [""], "fixAvailable": true}, "validator": {"name": "validator", "severity": "moderate", "via": [{"source": 1067532, "name": "validator", "dependency": "validator", "title": " Inefficient Regular Expression Complexity in Validator.js", "url": "https://github.com/advisories/GHSA-xx4c-jj58-r7x6", "severity": "moderate", "range": ">=11.1.0 <13.7.0"}, {"source": 1067560, "name": "validator", "dependency": "validator", "title": "Inefficient Regular Expression Complexity in validator.js", "url": "https://github.com/advisories/GHSA-qgmg-gppg-76g5", "severity": "moderate", "range": "<13.7.0"}], "effects": [], "range": "<=13.6.0", "nodes": [""], "fixAvailable": true}, "watchpack": {"name": "watchpack", "severity": "high", "via": ["watchpack-chokidar2"], "effects": ["webpack"], "range": "1.7.2 - 1.7.5", "nodes": ["node_modules/watchpack"], "fixAvailable": {"name": "webpack", "version": "5.72.0", "isSemVerMajor": true}}, "watchpack-chokidar2": {"name": "watchpack-chokidar2", "severity": "high", "via": ["chokidar"], "effects": ["watchpack"], "range": "*", "nodes": ["node_modules/watchpack-chokidar2"], "fixAvailable": {"name": "webpack", "version": "5.72.0", "isSemVerMajor": true}}, "webpack": {"name": "webpack", "severity": "high", "via": ["watchpack"], "effects": [], "range": "4.44.0 - 4.46.0", "nodes": ["node_modules/webpack"], "fixAvailable": {"name": "webpack", "version": "5.72.0", "isSemVerMajor": true}}, "webpack-cli": {"name": "webpack-cli", "severity": "moderate", "via": ["yargs"], "effects": [], "range": "<=0.0.8-development || 1.3.4 - 3.3.4", "nodes": ["node_modules/webpack-cli"], "fixAvailable": {"name": "webpack-cli", "version": "3.3.12", "isSemVerMajor": false}}, "webpack-hot-middleware": {"name": "webpack-hot-middleware", "severity": "high", "via": ["ansi-html"], "effects": [], "range": "2.9.0 - 2.25.0", "nodes": [""], "fixAvailable": true}, "yargs": {"name": "yargs", "severity": "moderate", "via": ["yargs-parser"], "effects": ["webpack-cli"], "range": "8.0.0-candidate.0 - 12.0.5", "nodes": ["node_modules/webpack-cli/node_modules/yargs"], "fixAvailable": {"name": "webpack-cli", "version": "3.3.12", "isSemVerMajor": false}}, "yargs-parser": {"name": "yargs-parser", "severity": "moderate", "via": [{"source": 1068310, "name": "yargs-parser", "dependency": "yargs-parser", "title": "Prototype Pollution in yargs-parser", "url": "https://github.com/advisories/GHSA-p9pc-299p-vxgp", "severity": "moderate", "range": ">=6.0.0 <13.1.2"}], "effects": ["yargs"], "range": "6.0.0 - 13.1.1", "nodes": ["node_modules/webpack-cli/node_modules/yargs-parser"], "fixAvailable": {"name": "webpack-cli", "version": "3.3.12", "isSemVerMajor": false}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 14, "high": 26, "critical": 3, "total": 43}, "dependencies": {"prod": 1, "dev": 2466, "optional": 29, "peer": 0, "peerOptional": 0, "total": 2466}}}}
{}
Upgrading n:@storybook/html from 6.2.9 -> 6.4.22
{}
Upgrading n:jsdoc from 3.6.7 -> 3.6.10
{}
Upgrading n:webpack-cli from 3.1.2 -> 3.3.12
$ /usr/bin/npm audit fix --only=dev --legacy-peer-deps
--- stderr ---
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: undefined,
npm WARN EBADENGINE   required: { node: '12.21.0' },
npm WARN EBADENGINE   current: { node: 'v12.22.5', npm: '7.5.2' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: 'klaw@4.0.1',
npm WARN EBADENGINE   required: { node: '>=14.14.0' },
npm WARN EBADENGINE   current: { node: 'v12.22.5', npm: '7.5.2' }
npm WARN EBADENGINE }
--- stdout ---

added 2462 packages, and audited 2463 packages in 2m

145 packages are looking for funding
  run `npm fund` for details

# npm audit report

async  <2.6.4
Severity: high
Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25
fix available via `npm audit fix`
node_modules/async
  jake  >=8.0.1
  Depends on vulnerable versions of async
  node_modules/jake
    ejs  >=3.1.2
    Depends on vulnerable versions of jake
    node_modules/ejs

glob-parent  <5.1.2
Severity: high
Regular expression denial of service in glob-parent - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix --force`
Will install webpack@5.72.0, which is a breaking change
node_modules/cpy/node_modules/glob-parent
node_modules/watchpack-chokidar2/node_modules/glob-parent
  chokidar  1.0.0-rc1 - 2.1.8
  Depends on vulnerable versions of glob-parent
  node_modules/watchpack-chokidar2/node_modules/chokidar
    watchpack-chokidar2  *
    Depends on vulnerable versions of chokidar
    node_modules/watchpack-chokidar2
      watchpack  1.7.2 - 1.7.5
      Depends on vulnerable versions of watchpack-chokidar2
      node_modules/watchpack
        webpack  4.44.0 - 4.46.0
        Depends on vulnerable versions of watchpack
        node_modules/webpack
  fast-glob  <=2.2.7
  Depends on vulnerable versions of glob-parent
  node_modules/cpy/node_modules/fast-glob
    globby  8.0.0 - 9.2.0
    Depends on vulnerable versions of fast-glob
    node_modules/cpy/node_modules/globby
      cpy  7.0.0 - 8.1.2
      Depends on vulnerable versions of globby
      node_modules/cpy
        @storybook/core-server  *
        Depends on vulnerable versions of @storybook/csf-tools
        Depends on vulnerable versions of cpy
        node_modules/@storybook/core-server
          @storybook/core  >=6.2.0-alpha.0
          Depends on vulnerable versions of @storybook/core-server
          node_modules/@storybook/core
            @storybook/html  >=6.2.0-alpha.0
            Depends on vulnerable versions of @storybook/core
            node_modules/@storybook/html

nanoid  3.0.0 - 3.1.30
Severity: moderate
Exposure of Sensitive Information to an Unauthorized Actor in nanoid - https://github.com/advisories/GHSA-qrpm-p2h7-hrv2
fix available via `npm audit fix`
node_modules/nanoid
  mocha  8.2.0 - 9.1.4
  Depends on vulnerable versions of nanoid
  node_modules/mocha

trim  <0.0.3
Severity: high
Regular Expression Denial of Service in trim - https://github.com/advisories/GHSA-w5p7-h5w8-2hfq
fix available via `npm audit fix --force`
Will install @storybook/html@6.1.21, which is a breaking change
node_modules/trim
  remark-parse  <=8.0.3
  Depends on vulnerable versions of trim
  node_modules/@mdx-js/mdx/node_modules/remark-parse
  node_modules/remark-mdx/node_modules/remark-parse
    @mdx-js/mdx  <=1.6.22
    Depends on vulnerable versions of remark-mdx
    Depends on vulnerable versions of remark-parse
    node_modules/@mdx-js/mdx
      @storybook/csf-tools  <=6.5.0-alpha.42
      Depends on vulnerable versions of @mdx-js/mdx
      node_modules/@storybook/csf-tools
        @storybook/core-server  *
        Depends on vulnerable versions of @storybook/csf-tools
        Depends on vulnerable versions of cpy
        node_modules/@storybook/core-server
          @storybook/core  >=6.2.0-alpha.0
          Depends on vulnerable versions of @storybook/core-server
          node_modules/@storybook/core
            @storybook/html  >=6.2.0-alpha.0
            Depends on vulnerable versions of @storybook/core
            node_modules/@storybook/html
    remark-mdx  <=1.6.22
    Depends on vulnerable versions of remark-parse
    node_modules/remark-mdx

21 vulnerabilities (2 moderate, 19 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: undefined,
npm WARN EBADENGINE   required: { node: '12.21.0' },
npm WARN EBADENGINE   current: { node: 'v12.22.5', npm: '7.5.2' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: 'klaw@4.0.1',
npm WARN EBADENGINE   required: { node: '>=14.14.0' },
npm WARN EBADENGINE   current: { node: 'v12.22.5', npm: '7.5.2' }
npm WARN EBADENGINE }
--- stdout ---

added 2462 packages, and audited 2463 packages in 2m

145 packages are looking for funding
  run `npm fund` for details

21 vulnerabilities (2 moderate, 19 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ /usr/bin/npm test
--- stderr ---
(node:2324) DeprecationWarning: loaderUtils.parseQuery() received a non-string value which can be problematic, see https://github.com/webpack/loader-utils/issues/56
parseQuery() will be replaced with getOptions() in the next major version of loader-utils.
npm ERR! code 1
npm ERR! path /src/repo
npm ERR! command failed
npm ERR! command sh -c npm -s run check-built-assets && npm run test:lint && bash ./dev-scripts/svg_check.sh && npm -s run coverage && npm -s run doc && bundlesize

npm ERR! A complete log of this run can be found in:
npm ERR!     /cache/_logs/2022-04-15T05_25_35_650Z-debug.log
--- stdout ---

> test
> npm -s run check-built-assets && npm run test:lint && bash ./dev-scripts/svg_check.sh && npm -s run coverage && npm -s run doc && bundlesize

CHECKING BUILD SOURCES ARE COMMITTED OR STAGED
Built at: 04/15/2022 5:25:34 AM
diff --git a/resources/dist/index.js b/resources/dist/index.js
index 493101d..c1a22a2 100644
Binary files a/resources/dist/index.js and b/resources/dist/index.js differ
diff --git a/resources/dist/index.js.map.json b/resources/dist/index.js.map.json
index 00ed8f6..df1d606 100644
Binary files a/resources/dist/index.js.map.json and b/resources/dist/index.js.map.json differ
v12.22.5
7.5.2
Please ensure you are running the correct version of nvm before running this command.

--- end ---
Traceback (most recent call last):
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1396, in main
    libup.run(args.repo, args.output, args.branch)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1340, in run
    self.npm_audit_fix(new_npm_audit)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 242, in npm_audit_fix
    self.check_call(['npm', 'test'])
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/shell2.py", line 54, in check_call
    res.check_returncode()
  File "/usr/lib/python3.9/subprocess.py", line 460, in check_returncode
    raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 1.

composer dependencies

Development dependencies

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.