Skip to content

Commit

Permalink
Dependabot fixes - critical (#94)
Browse files Browse the repository at this point in the history 
* Update versions of json-scheme and minimalist to fix dependabot vulnerabilities

* Revert "Update versions of json-scheme and minimalist to fix dependabot vulnerabilities"

This reverts commit a04fd34.

* Add json-schema and bump mimist versions for dependabot fixes

* Update nlkm and url-lib versions in requirement files

* Modify requirements version format to try and get build to succeed

* Remove ntlk as a package

* Add and update npm packages to fix high level dependabot alerts

* Set type as module in package.json to handle ES6 syntax

* Revert "Add and update npm packages to fix high level dependabot alerts"

This reverts commit 60a2943.

Co-authored-by: wondrousWebWorks <[email protected]>
  • Loading branch information
@bravoalpha79 @wondrousWebWorks
bravoalpha79 and wondrousWebWorks authored Aug 30, 2022
1 parent c3b6912 commit f30c280
Show file tree
Hide file tree
Showing 5 changed files with 6 additions and 5 deletions.
4 changes: 4 additions & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
{
"name": "edx",
"version": "0.1.0",
"type": "module",
"dependencies": {
"@edx/edx-bootstrap": "1.0.4",
"@edx/edx-proctoring": "^1.5.0",
Expand Down Expand Up @@ -37,6 +38,7 @@
"jquery-migrate": "1.4.1",
"jquery.scrollto": "2.1.2",
"js-cookie": "2.2.0",
"json-schema": ">=0.4.0",
"lodash": ">=4.17.21",
"moment": "2.29.4",
"moment-timezone": "0.5.14",
Expand Down Expand Up @@ -98,6 +100,7 @@
"jasmine-jquery": "git+https://github.com/velesin/jasmine-jquery.git#ebad463d592d3fea00c69f26ea18a930e09c7b58",
"jest": "^26.6.3",
"jest-enzyme": "^7.1.2",
"json-schema": ">=0.4.0",
"karma": "^6.1.0",
"karma-chrome-launcher": "0.2.3",
"karma-coverage": "0.5.5",
Expand All @@ -110,6 +113,7 @@
"karma-sourcemap-loader": "0.3.7",
"karma-spec-reporter": "0.0.20",
"karma-webpack": "^5.0.0",
"minimist": ">=1.2.6",
"react-test-renderer": "^17.0.1",
"selenium-webdriver": "3.4.0",
"sinon": "2.3.5",
Expand Down
1 change: 0 additions & 1 deletion requirements/edx-sandbox/shared.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,4 +11,3 @@

cryptography # Implementations of assorted cryptography algorithms
lxml # XML parser
nltk # Natural language processing; used by the chem package
1 change: 0 additions & 1 deletion requirements/edx-sandbox/shared.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ click==7.1.2 # via nltk
cryptography==2.9.2 # via -r requirements/edx-sandbox/shared.in
joblib==0.14.1 # via -c requirements/edx-sandbox/../constraints.txt, nltk
lxml==4.5.0 # via -c requirements/edx-sandbox/../constraints.txt, -r requirements/edx-sandbox/shared.in
nltk==3.5 # via -r requirements/edx-sandbox/shared.in
pycparser==2.20 # via cffi
regex==2020.7.14 # via nltk
six==1.15.0 # via cryptography
Expand Down
3 changes: 1 addition & 2 deletions requirements/edx/base.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,6 @@ more-itertools==8.4.0 # via -r requirements/edx/paver.txt, zipp
mpmath==1.1.0 # via sympy
mysqlclient==2.0.1 # via -r requirements/edx/base.in
newrelic==5.14.1.144 # via -r requirements/edx/base.in, edx-django-utils
nltk==3.5 # via -r requirements/edx/../edx-sandbox/shared.txt, chem
nodeenv==1.4.0 # via -r requirements/edx/base.in
numpy==1.18.5 # via -c requirements/edx/../constraints.txt, chem, openedx-calc, scipy
oauthlib==3.0.1 # via -c requirements/edx/../constraints.txt, -r requirements/edx/base.in, django-oauth-toolkit, lti-consumer-xblock, requests-oauthlib, social-auth-core
Expand Down Expand Up @@ -236,7 +235,7 @@ tqdm==4.47.0 # via -r requirements/edx/../edx-sandbox/shared.txt, n
ua-parser==0.10.0 # via django-cookies-samesite
unicodecsv==0.14.1 # via -r requirements/edx/base.in, edx-enterprise
uritemplate==3.0.1 # via coreapi, drf-yasg
urllib3==1.25.9 # via -r requirements/edx/paver.txt, elasticsearch, geoip2, requests
urllib3==1.26.5 # via -r requirements/edx/paver.txt, elasticsearch, geoip2, requests
user-util==0.2 # via -r requirements/edx/base.in
voluptuous==0.11.7 # via ora2
watchdog==0.10.3 # via -r requirements/edx/paver.txt
Expand Down
2 changes: 1 addition & 1 deletion requirements/edx/paver.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ python-memcached==1.59 # via -r requirements/edx/paver.in
requests==2.24.0 # via -r requirements/edx/paver.in
six==1.15.0 # via edx-opaque-keys, libsass, mock, paver, python-memcached, stevedore
stevedore==1.32.0 # via -c requirements/edx/../constraints.txt, -r requirements/edx/paver.in, edx-opaque-keys
urllib3==1.25.9 # via requests
urllib3==1.26.5 # via requests
watchdog==0.10.3 # via -r requirements/edx/paver.in
wrapt==1.11.2 # via -c requirements/edx/../constraints.txt, -r requirements/edx/paver.in
zipp==1.0.0 # via -c requirements/edx/../constraints.txt, importlib-metadata

0 comments on commit f30c280

Please sign in to comment.