From c1f86ff9b13c0ae0a80a4a1f62f2f38d69686e7d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 18 Sep 2024 10:21:22 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692 --- package.json | 2 +- yarn.lock | 167 ++++++++++++++++++++++++++++++++++++++++----------- 2 files changed, 134 insertions(+), 35 deletions(-) diff --git a/package.json b/package.json index e3f272f..1765dd5 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "dependencies": { "@astrojs/node": "^6.0.0", "@astrojs/react": "^3.0.2", - "@astrojs/tailwind": "*", + "@astrojs/tailwind": "5.1.1", "@radix-ui/react-collapsible": "1.0.2", "@radix-ui/react-dropdown-menu": "^2.0.4", "@radix-ui/react-tooltip": "^1.0.5", diff --git a/yarn.lock b/yarn.lock index 37a9cda..6d7ccec 100644 --- a/yarn.lock +++ b/yarn.lock @@ -102,17 +102,17 @@ __metadata: languageName: node linkType: hard -"@astrojs/tailwind@npm:*": - version: 5.0.0 - resolution: "@astrojs/tailwind@npm:5.0.0" +"@astrojs/tailwind@npm:5.1.1": + version: 5.1.1 + resolution: "@astrojs/tailwind@npm:5.1.1" dependencies: - autoprefixer: ^10.4.15 - postcss: ^8.4.28 - postcss-load-config: ^4.0.1 + autoprefixer: ^10.4.20 + postcss: ^8.4.45 + postcss-load-config: ^4.0.2 peerDependencies: - astro: ^3.0.0 + astro: ^3.0.0 || ^4.0.0 || ^5.0.0-beta.0 tailwindcss: ^3.0.24 - checksum: e21c785d7c931e3abcb46bc6d5e1c3984e24f16db2e2a32e838c30cce32485b8aa2880d9755bbb9d703ee26bd4297c05e9541738b023fe636f8052ed27092e9c + checksum: 0335e556cb4b9d454399351844f4b3736dac2acd44f79dbf2db3d2d6f765ebec538ea159fa90be27ee18b1ab5b9058e6bc2495bfdb1f962c6626f4ce1fb05d1b languageName: node linkType: hard @@ -752,7 +752,7 @@ __metadata: "@astrojs/netlify": ^3.0.1 "@astrojs/node": ^6.0.0 "@astrojs/react": ^3.0.2 - "@astrojs/tailwind": "*" + "@astrojs/tailwind": 5.1.1 "@radix-ui/react-collapsible": 1.0.2 "@radix-ui/react-dropdown-menu": ^2.0.4 "@radix-ui/react-tooltip": ^1.0.5 @@ -2293,21 +2293,21 @@ __metadata: languageName: node linkType: hard -"autoprefixer@npm:^10.4.15": - version: 10.4.15 - resolution: "autoprefixer@npm:10.4.15" +"autoprefixer@npm:^10.4.20": + version: 10.4.20 + resolution: "autoprefixer@npm:10.4.20" dependencies: - browserslist: ^4.21.10 - caniuse-lite: ^1.0.30001520 - fraction.js: ^4.2.0 + browserslist: ^4.23.3 + caniuse-lite: ^1.0.30001646 + fraction.js: ^4.3.7 normalize-range: ^0.1.2 - picocolors: ^1.0.0 + picocolors: ^1.0.1 postcss-value-parser: ^4.2.0 peerDependencies: postcss: ^8.1.0 bin: autoprefixer: bin/autoprefixer - checksum: d490b14fb098c043e109fc13cd23628f146af99a493d35b9df3a26f8ec0b4dd8937c5601cdbaeb465b98ea31d3ea05aa7184711d4d93dfb52358d073dcb67032 + checksum: 187cec2ec356631932b212f76dc64f4419c117fdb2fb9eeeb40867d38ba5ca5ba734e6ceefc9e3af4eec8258e60accdf5cbf2b7708798598fde35cdc3de562d6 languageName: node linkType: hard @@ -2439,7 +2439,7 @@ __metadata: languageName: node linkType: hard -"browserslist@npm:^4.21.10, browserslist@npm:^4.21.9": +"browserslist@npm:^4.21.9": version: 4.21.10 resolution: "browserslist@npm:4.21.10" dependencies: @@ -2453,6 +2453,20 @@ __metadata: languageName: node linkType: hard +"browserslist@npm:^4.23.3": + version: 4.23.3 + resolution: "browserslist@npm:4.23.3" + dependencies: + caniuse-lite: ^1.0.30001646 + electron-to-chromium: ^1.5.4 + node-releases: ^2.0.18 + update-browserslist-db: ^1.1.0 + bin: + browserslist: cli.js + checksum: 7906064f9970aeb941310b2fcb8b4ace4a1b50aa657c986677c6f1553a8cabcc94ee9c5922f715baffbedaa0e6cf0831b6fed7b059dde6873a4bfadcbe069c7e + languageName: node + linkType: hard + "bs58@npm:^4.0.0": version: 4.0.1 resolution: "bs58@npm:4.0.1" @@ -2525,13 +2539,20 @@ __metadata: languageName: node linkType: hard -"caniuse-lite@npm:^1.0.30001517, caniuse-lite@npm:^1.0.30001520": +"caniuse-lite@npm:^1.0.30001517": version: 1.0.30001538 resolution: "caniuse-lite@npm:1.0.30001538" checksum: 94c5d55757a339c7cc175f08a024671e2b4e7c04f130b1015793303d637061347efb6ad84447c3b8137333e742d150b8ad9672716bbf2482646c2e63a56f6c55 languageName: node linkType: hard +"caniuse-lite@npm:^1.0.30001646": + version: 1.0.30001660 + resolution: "caniuse-lite@npm:1.0.30001660" + checksum: 8b2c5de2f5facd31980426afbba68238270984acfe8c1ae925b8b6480448eea2fae292f815674617e9170c730c8a238d7cc0db919f184dc0e3cd9bec18f5e5ad + languageName: node + linkType: hard + "capability@npm:^0.2.5": version: 0.2.5 resolution: "capability@npm:0.2.5" @@ -3030,6 +3051,13 @@ __metadata: languageName: node linkType: hard +"electron-to-chromium@npm:^1.5.4": + version: 1.5.25 + resolution: "electron-to-chromium@npm:1.5.25" + checksum: 3aef974d586815e9b1fd3221be3e2e124d59a9b992dbd59dbce618ac165feddebda9238be8f93b504f3cc067821e94810bf8a877be8a23a125d6c8f401aeb27e + languageName: node + linkType: hard + "emoji-regex@npm:^10.2.1": version: 10.2.1 resolution: "emoji-regex@npm:10.2.1" @@ -3269,6 +3297,13 @@ __metadata: languageName: node linkType: hard +"escalade@npm:^3.1.2": + version: 3.2.0 + resolution: "escalade@npm:3.2.0" + checksum: 47b029c83de01b0d17ad99ed766347b974b0d628e848de404018f3abee728e987da0d2d370ad4574aa3d5b5bfc368754fd085d69a30f8e75903486ec4b5b709e + languageName: node + linkType: hard + "escape-html@npm:~1.0.3": version: 1.0.3 resolution: "escape-html@npm:1.0.3" @@ -3471,10 +3506,10 @@ __metadata: languageName: node linkType: hard -"fraction.js@npm:^4.2.0": - version: 4.3.6 - resolution: "fraction.js@npm:4.3.6" - checksum: e96ae77e64ebfd442d3a5a01a3f0637b0663fc2440bcf2841b3ad9341ba24c81fb2e3e7142e43ef7d088558c6b3f8609df135b201adc7a1c674aea6a71384162 +"fraction.js@npm:^4.3.7": + version: 4.3.7 + resolution: "fraction.js@npm:4.3.7" + checksum: e1553ae3f08e3ba0e8c06e43a3ab20b319966dfb7ddb96fd9b5d0ee11a66571af7f993229c88ebbb0d4a816eb813a24ed48207b140d442a8f76f33763b8d1f3f languageName: node linkType: hard @@ -4308,6 +4343,13 @@ __metadata: languageName: node linkType: hard +"lilconfig@npm:^3.0.0": + version: 3.1.2 + resolution: "lilconfig@npm:3.1.2" + checksum: 4e8b83ddd1d0ad722600994e6ba5d858ddca14f0587aa6b9c8185e17548149b5e13d4d583d811e9e9323157fa8c6a527e827739794c7502b59243c58e210b8c3 + languageName: node + linkType: hard + "load-yaml-file@npm:^0.2.0": version: 0.2.0 resolution: "load-yaml-file@npm:0.2.0" @@ -5206,6 +5248,15 @@ __metadata: languageName: node linkType: hard +"nanoid@npm:^3.3.7": + version: 3.3.7 + resolution: "nanoid@npm:3.3.7" + bin: + nanoid: bin/nanoid.cjs + checksum: d36c427e530713e4ac6567d488b489a36582ef89da1d6d4e3b87eded11eb10d7042a877958c6f104929809b2ab0bafa17652b076cdf84324aa75b30b722204f2 + languageName: node + linkType: hard + "napi-build-utils@npm:^1.0.1": version: 1.0.2 resolution: "napi-build-utils@npm:1.0.2" @@ -5340,6 +5391,13 @@ __metadata: languageName: node linkType: hard +"node-releases@npm:^2.0.18": + version: 2.0.18 + resolution: "node-releases@npm:2.0.18" + checksum: ef55a3d853e1269a6d6279b7692cd6ff3e40bc74947945101138745bfdc9a5edabfe72cb19a31a8e45752e1910c4c65c77d931866af6357f242b172b7283f5b3 + languageName: node + linkType: hard + "nopt@npm:^6.0.0": version: 6.0.0 resolution: "nopt@npm:6.0.0" @@ -5614,6 +5672,13 @@ __metadata: languageName: node linkType: hard +"picocolors@npm:^1.0.1, picocolors@npm:^1.1.0": + version: 1.1.0 + resolution: "picocolors@npm:1.1.0" + checksum: a64d653d3a188119ff45781dfcdaeedd7625583f45280aea33fcb032c7a0d3959f2368f9b192ad5e8aade75b74dbd954ffe3106c158509a45e4c18ab379a2acd + languageName: node + linkType: hard + "picomatch@npm:^2.0.4, picomatch@npm:^2.2.1, picomatch@npm:^2.3.1": version: 2.3.1 resolution: "picomatch@npm:2.3.1" @@ -5686,12 +5751,12 @@ __metadata: languageName: node linkType: hard -"postcss-load-config@npm:^4.0.1": - version: 4.0.1 - resolution: "postcss-load-config@npm:4.0.1" +"postcss-load-config@npm:^4.0.2": + version: 4.0.2 + resolution: "postcss-load-config@npm:4.0.2" dependencies: - lilconfig: ^2.0.5 - yaml: ^2.1.1 + lilconfig: ^3.0.0 + yaml: ^2.3.4 peerDependencies: postcss: ">=8.0.9" ts-node: ">=9.0.0" @@ -5700,7 +5765,7 @@ __metadata: optional: true ts-node: optional: true - checksum: b61f890499ed7dcda1e36c20a9582b17d745bad5e2b2c7bc96942465e406bc43ae03f270c08e60d1e29dab1ee50cb26970b5eb20c9aae30e066e20bd607ae4e4 + checksum: 7c27dd3801db4eae207a5116fed2db6b1ebb780b40c3dd62a3e57e087093a8e6a14ee17ada729fee903152d6ef4826c6339eb135bee6208e0f3140d7e8090185 languageName: node linkType: hard @@ -5732,7 +5797,7 @@ __metadata: languageName: node linkType: hard -"postcss@npm:^8.0.9, postcss@npm:^8.4.27, postcss@npm:^8.4.28": +"postcss@npm:^8.0.9, postcss@npm:^8.4.27": version: 8.4.30 resolution: "postcss@npm:8.4.30" dependencies: @@ -5743,6 +5808,17 @@ __metadata: languageName: node linkType: hard +"postcss@npm:^8.4.45": + version: 8.4.47 + resolution: "postcss@npm:8.4.47" + dependencies: + nanoid: ^3.3.7 + picocolors: ^1.1.0 + source-map-js: ^1.2.1 + checksum: f78440a9d8f97431dd2ab1ab8e1de64f12f3eff38a3d8d4a33919b96c381046a314658d2de213a5fa5eb296b656de76a3ec269fdea27f16d5ab465b916a0f52c + languageName: node + linkType: hard + "prebuild-install@npm:^7.1.1": version: 7.1.1 resolution: "prebuild-install@npm:7.1.1" @@ -6599,6 +6675,13 @@ prettier@latest: languageName: node linkType: hard +"source-map-js@npm:^1.2.1": + version: 1.2.1 + resolution: "source-map-js@npm:1.2.1" + checksum: 4eb0cd997cdf228bc253bcaff9340afeb706176e64868ecd20efbe6efea931465f43955612346d6b7318789e5265bdc419bc7669c1cebe3db0eb255f57efa76b + languageName: node + linkType: hard + "space-separated-tokens@npm:^1.0.0": version: 1.1.5 resolution: "space-separated-tokens@npm:1.1.5" @@ -7213,6 +7296,20 @@ prettier@latest: languageName: node linkType: hard +"update-browserslist-db@npm:^1.1.0": + version: 1.1.0 + resolution: "update-browserslist-db@npm:1.1.0" + dependencies: + escalade: ^3.1.2 + picocolors: ^1.0.1 + peerDependencies: + browserslist: ">= 4.21.0" + bin: + update-browserslist-db: cli.js + checksum: 7b74694d96f0c360f01b702e72353dc5a49df4fe6663d3ee4e5c628f061576cddf56af35a3a886238c01dd3d8f231b7a86a8ceaa31e7a9220ae31c1c1238e562 + languageName: node + linkType: hard + "uri-js@npm:^4.2.2": version: 4.4.1 resolution: "uri-js@npm:4.4.1" @@ -7556,10 +7653,12 @@ prettier@latest: languageName: node linkType: hard -"yaml@npm:^2.1.1": - version: 2.3.2 - resolution: "yaml@npm:2.3.2" - checksum: acd80cc24df12c808c6dec8a0176d404ef9e6f08ad8786f746ecc9d8974968c53c6e8a67fdfabcc5f99f3dc59b6bb0994b95646ff03d18e9b1dcd59eccc02146 +"yaml@npm:^2.3.4": + version: 2.5.1 + resolution: "yaml@npm:2.5.1" + bin: + yaml: bin.mjs + checksum: 31275223863fbd0b47ba9d2b248fbdf085db8d899e4ca43fff8a3a009497c5741084da6871d11f40e555d61360951c4c910b98216c1325d2c94753c0036d8172 languageName: node linkType: hard