From 53a78cb73d133ad7def990f9c7c038521634500e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 13 Jul 2024 00:34:16 +0000 Subject: [PATCH] fix: js/package.json & js/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-7444617 --- js/package-lock.json | 30 +++++++++++++++++------------- js/package.json | 2 +- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/js/package-lock.json b/js/package-lock.json index 609e9e2fa6..498e78efdd 100644 --- a/js/package-lock.json +++ b/js/package-lock.json @@ -1,7 +1,7 @@ { "name": "@flarum/core", - "requires": true, "lockfileVersion": 1, + "requires": true, "dependencies": { "@babel/code-frame": { "version": "7.12.11", @@ -1422,9 +1422,9 @@ "integrity": "sha512-GkTiFpjFtUzU9CbMeJ5iazkCzGL3jrhzerzZIuqLABjbwRaFt33I9tUdSNryIptM+RxDet6OKm2WnLXzW51KsQ==" }, "bootstrap": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-3.4.1.tgz", - "integrity": "sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA==" + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-5.0.0.tgz", + "integrity": "sha512-tmhPET9B9qCl8dCofvHeiIhi49iBt0EehmIsziZib65k1erBW1rHhj2s/2JsuQh5Pq+xz2E9bEbzp9B7xHG+VA==" }, "brace-expansion": { "version": "1.1.11", @@ -4328,6 +4328,14 @@ "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.1.tgz", "integrity": "sha512-AiisoFqQ0vbGcZgQPY1cdP2I76glaVA/RauYR4G4thNFgkTqr90yXTo4LYX60Jl+sIlPNHHdGSwo01AvbKUSVQ==" }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "requires": { + "safe-buffer": "~5.1.0" + } + }, "string-width": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", @@ -4338,14 +4346,6 @@ "strip-ansi": "^5.1.0" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", @@ -4782,7 +4782,11 @@ "version": "1.2.13", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.13.tgz", "integrity": "sha512-oWb1Z6mkHIskLzEJ/XWX0srkpkTQ7vaopMQkyaEIoq0fmtFVxOthb8cCxeT+p3ynTdkk/RZwbgG4brR5BeWECw==", - "optional": true + "optional": true, + "requires": { + "bindings": "^1.5.0", + "nan": "^2.12.1" + } }, "glob-parent": { "version": "3.1.0", diff --git a/js/package.json b/js/package.json index c6c8aa9b15..01ef59ada5 100644 --- a/js/package.json +++ b/js/package.json @@ -4,7 +4,7 @@ "dependencies": { "@babel/preset-typescript": "^7.10.1", "@types/mithril": "^2.0.3", - "bootstrap": "^3.4.1", + "bootstrap": "^5.0.0", "classnames": "^2.2.5", "color-thief-browser": "^2.0.2", "dayjs": "^1.8.28",