Skip to content

Commit

Permalink
fix(security): Fix dependencies to avoid infected event-stream
Browse files Browse the repository at this point in the history
  • Loading branch information
pixelastic committed Nov 28, 2018
1 parent 31eebba commit 9f93ffb
Show file tree
Hide file tree
Showing 5 changed files with 84 additions and 103 deletions.
2 changes: 1 addition & 1 deletion docs/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
"glob": "7.1.3",
"husky": "0.14.3",
"inquirer": "6.2.0",
"live-server": "1.2.0",
"live-server": "1.2.1",
"lodash": "4.17.11",
"markdown-it": "8.4.2",
"markdown-it-anchor": "5.0.2",
Expand Down
1 change: 1 addition & 0 deletions docs/scripts/netlify-deploy-preview
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,6 @@ if [ "$DOCS_FOLDER_HAS_CHANGED" = "1" ]; then
fi

# Full build if documentation changed
yarn install
yarn run build

90 changes: 40 additions & 50 deletions docs/yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -1744,7 +1744,7 @@ cheerio@1.0.0-rc.2:
lodash "^4.15.0"
parse5 "^3.0.1"

chokidar@2.0.4, chokidar@^2.0.3:
chokidar@2.0.4, chokidar@^2.0.3, chokidar@^2.0.4:
version "2.0.4"
resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.0.4.tgz#356ff4e2b0e8e43e322d18a372460bbcf3accd26"
integrity sha512-z9n7yt9rOvIJrMhvDtDictKrkFHeihkNl6uWMmZlmL6tJtX9Cs+87oK+teBx+JIgzvbX3yZHT3eF8vpbDxHJXQ==
Expand Down Expand Up @@ -1957,15 +1957,15 @@ configstore@^3.0.0:
write-file-atomic "^2.0.0"
xdg-basedir "^3.0.0"

connect@3.5.x:
version "3.5.1"
resolved "https://registry.yarnpkg.com/connect/-/connect-3.5.1.tgz#6d30d7a63c7f170857a6b3aa6b363d973dca588e"
integrity sha1-bTDXpjx/FwhXprOqazY9lz3KWI4=
connect@^3.6.6:
version "3.6.6"
resolved "https://registry.yarnpkg.com/connect/-/connect-3.6.6.tgz#09eff6c55af7236e137135a72574858b6786f524"
integrity sha1-Ce/2xVr3I24TcTWnJXSFi2eG9SQ=
dependencies:
debug "~2.2.0"
finalhandler "0.5.1"
parseurl "~1.3.1"
utils-merge "1.0.0"
debug "2.6.9"
finalhandler "1.1.0"
parseurl "~1.3.2"
utils-merge "1.0.1"

console-control-strings@^1.0.0, console-control-strings@~1.1.0:
version "1.1.0"
Expand Down Expand Up @@ -2145,13 +2145,6 @@ debug@~0.8.1:
resolved "https://registry.yarnpkg.com/debug/-/debug-0.8.1.tgz#20ff4d26f5e422cb68a1bacbbb61039ad8c1c130"
integrity sha1-IP9NJvXkIstoobrLu2EDmtjBwTA=

debug@~2.2.0:
version "2.2.0"
resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da"
integrity sha1-+HBX6ZWxofauaklgZkE3vFbwOdo=
dependencies:
ms "0.7.1"

decamelize-keys@^1.0.0:
version "1.1.0"
resolved "https://registry.yarnpkg.com/decamelize-keys/-/decamelize-keys-1.1.0.tgz#d171a87933252807eb3cb61dc1c1445d078df2d9"
Expand Down Expand Up @@ -2237,7 +2230,7 @@ delegates@^1.0.0:
resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a"
integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=

depd@~1.1.1, depd@~1.1.2:
depd@~1.1.2:
version "1.1.2"
resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9"
integrity sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=
Expand Down Expand Up @@ -2397,7 +2390,7 @@ en-stemmer@^1.0.2:
resolved "https://registry.yarnpkg.com/en-stemmer/-/en-stemmer-1.0.3.tgz#2d22fb5db9005a88d6fc58026b38a831c8bc7c19"
integrity sha1-LSL7XbkAWojW/FgCazioMci8fBk=

encodeurl@~1.0.2:
encodeurl@~1.0.1, encodeurl@~1.0.2:
version "1.0.2"
resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
Expand Down Expand Up @@ -2610,9 +2603,9 @@ etag@~1.8.1:
resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887"
integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=

event-stream@latest:
event-stream@3.3.4:
version "3.3.4"
resolved "http://registry.npmjs.org/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571"
resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571"
integrity sha1-SrTJoPWlTbkzi0w02Gv86PSzVXE=
dependencies:
duplexer "~0.1.1"
Expand Down Expand Up @@ -2863,14 +2856,16 @@ fill-range@^4.0.0:
repeat-string "^1.6.1"
to-regex-range "^2.1.0"

finalhandler@0.5.1:
version "0.5.1"
resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.1.tgz#2c400d8d4530935bc232549c5fa385ec07de6fcd"
integrity sha1-LEANjUUwk1vCMlScX6OF7Afeb80=
finalhandler@1.1.0:
version "1.1.0"
resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.1.0.tgz#ce0b6855b45853e791b2fcc680046d88253dd7f5"
integrity sha1-zgtoVbRYU+eRsvzGgARtiCU91/U=
dependencies:
debug "~2.2.0"
debug "2.6.9"
encodeurl "~1.0.1"
escape-html "~1.0.3"
on-finished "~2.3.0"
parseurl "~1.3.2"
statuses "~1.3.1"
unpipe "~1.0.0"

Expand Down Expand Up @@ -4139,24 +4134,24 @@ linkify-it@^2.0.0:
dependencies:
uc.micro "^1.0.1"

live-server@1.2.0:
version "1.2.0"
resolved "https://registry.yarnpkg.com/live-server/-/live-server-1.2.0.tgz#4498644bbf81a66f18dd8dffdef61c4c1c374ca3"
integrity sha1-RJhkS7+Bpm8Y3Y3/3vYcTBw3TKM=
live-server@1.2.1:
version "1.2.1"
resolved "https://registry.yarnpkg.com/live-server/-/live-server-1.2.1.tgz#670630dd409d22fe9c513ab1c1894686c757153e"
integrity sha512-Yn2XCVjErTkqnM3FfTmM7/kWy3zP7+cEtC7x6u+wUzlQ+1UW3zEYbbyJrc0jNDwiMDZI0m4a0i3dxlGHVyXczw==
dependencies:
chokidar "^1.6.0"
chokidar "^2.0.4"
colors latest
connect "3.5.x"
connect "^3.6.6"
cors latest
event-stream latest
event-stream "3.3.4"
faye-websocket "0.11.x"
http-auth "3.1.x"
morgan "^1.6.1"
morgan "^1.9.1"
object-assign latest
opn latest
proxy-middleware latest
send latest
serve-index "^1.7.2"
serve-index "^1.9.1"

load-json-file@^1.0.0:
version "1.1.0"
Expand Down Expand Up @@ -4605,22 +4600,17 @@ mkdirp@^0.5.0, mkdirp@^0.5.1:
dependencies:
minimist "0.0.8"

morgan@^1.6.1:
version "1.9.0"
resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.9.0.tgz#d01fa6c65859b76fcf31b3cb53a3821a311d8051"
integrity sha1-0B+mxlhZt2/PMbPLU6OCGjEdgFE=
morgan@^1.9.1:
version "1.9.1"
resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.9.1.tgz#0a8d16734a1d9afbc824b99df87e738e58e2da59"
integrity sha512-HQStPIV4y3afTiCYVxirakhlCfGkI161c76kKFca7Fk1JusM//Qeo1ej2XaMniiNeaZklMVrh3vTtIzpzwbpmA==
dependencies:
basic-auth "~2.0.0"
debug "2.6.9"
depd "~1.1.1"
depd "~1.1.2"
on-finished "~2.3.0"
on-headers "~1.0.1"

ms@0.7.1:
version "0.7.1"
resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098"
integrity sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=

ms@2.0.0:
version "2.0.0"
resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8"
Expand Down Expand Up @@ -5143,7 +5133,7 @@ parse5@^3.0.1:
dependencies:
"@types/node" "*"

parseurl@~1.3.1, parseurl@~1.3.2:
parseurl@~1.3.2:
version "1.3.2"
resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.2.tgz#fc289d4ed8993119460c156253262cdc8de65bf3"
integrity sha1-/CidTtiZMRlGDBViUyYs3I3mW/M=
Expand Down Expand Up @@ -6942,7 +6932,7 @@ sentence-splitter@^3.0.1:
object.values "^1.0.4"
structured-source "^3.0.2"

serve-index@^1.7.2:
serve-index@^1.9.1:
version "1.9.1"
resolved "https://registry.yarnpkg.com/serve-index/-/serve-index-1.9.1.tgz#d3768d69b1e7d82e5ce050fff5b453bea12a9239"
integrity sha1-03aNabHn2C5c4FD/9bRTvqEqkjk=
Expand Down Expand Up @@ -8147,10 +8137,10 @@ util-deprecate@~1.0.1:
resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=

utils-merge@1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8"
integrity sha1-ApT7kiu5N1FTVBxPcJYjHyh8ivg=
utils-merge@1.0.1:
version "1.0.1"
resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713"
integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=

uuid@^3.0.0:
version "3.3.2"
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@
"jest": "23.6.0",
"jsdom": "11.12.0",
"json": "9.0.6",
"live-server": "1.2.0",
"live-server": "1.2.1",
"mversion": "1.12.0",
"node-sass": "4.10.0",
"onchange": "4.1.0",
Expand Down
Loading

0 comments on commit 9f93ffb

Please sign in to comment.