[arvados] created: 2.7.0-6383-gd5b6d89b25
git repository hosting
git at public.arvados.org
Tue Apr 9 16:15:28 UTC 2024
at d5b6d89b2518c96eba130466a5fea12608090818 (commit)
commit d5b6d89b2518c96eba130466a5fea12608090818
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Tue Apr 9 13:11:51 2024 -0300
21654: Upgrades axios to address CVE-2023-45857
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/services/workbench2/package.json b/services/workbench2/package.json
index 94e35029c4..4b3a81db24 100644
--- a/services/workbench2/package.json
+++ b/services/workbench2/package.json
@@ -28,7 +28,7 @@
"@types/react-window": "1.8.2",
"@types/redux-form": "7.4.12",
"@types/shell-escape": "^0.2.0",
- "axios": "^0.21.1",
+ "axios": "^0.28.0",
"bootstrap": "^5.3.2",
"caniuse-lite": "1.0.30001606",
"classnames": "2.2.6",
diff --git a/services/workbench2/yarn.lock b/services/workbench2/yarn.lock
index 1b537dab62..928cb4d950 100644
--- a/services/workbench2/yarn.lock
+++ b/services/workbench2/yarn.lock
@@ -4152,7 +4152,7 @@ __metadata:
"@types/shell-escape": ^0.2.0
"@types/sinon": 7.5
"@types/uuid": 3.4.4
- axios: ^0.21.1
+ axios: ^0.28.0
axios-mock-adapter: 1.17.0
bootstrap: ^5.3.2
caniuse-lite: 1.0.30001606
@@ -4429,12 +4429,14 @@ __metadata:
languageName: node
linkType: hard
-"axios at npm:^0.21.1":
- version: 0.21.4
- resolution: "axios at npm:0.21.4"
+"axios at npm:^0.28.0":
+ version: 0.28.1
+ resolution: "axios at npm:0.28.1"
dependencies:
- follow-redirects: ^1.14.0
- checksum: 44245f24ac971e7458f3120c92f9d66d1fc695e8b97019139de5b0cc65d9b8104647db01e5f46917728edfc0cfd88eb30fc4c55e6053eef4ace76768ce95ff3c
+ follow-redirects: ^1.15.0
+ form-data: ^4.0.0
+ proxy-from-env: ^1.1.0
+ checksum: 5115a38d79064d07437c5a28f15841e3607634040e3120ec06a2c4367a7d07cf213b16496eab53b6f58ebc5fb377a440ba9ed4782529b14449a1e285734bfb54
languageName: node
linkType: hard
@@ -5839,7 +5841,7 @@ __metadata:
languageName: node
linkType: hard
-"combined-stream at npm:^1.0.6, combined-stream at npm:~1.0.6":
+"combined-stream at npm:^1.0.6, combined-stream at npm:^1.0.8, combined-stream at npm:~1.0.6":
version: 1.0.8
resolution: "combined-stream at npm:1.0.8"
dependencies:
@@ -8685,7 +8687,7 @@ __metadata:
languageName: node
linkType: hard
-"follow-redirects at npm:^1.0.0, follow-redirects at npm:^1.14.0":
+"follow-redirects at npm:^1.0.0, follow-redirects at npm:^1.15.0":
version: 1.15.6
resolution: "follow-redirects at npm:1.15.6"
peerDependenciesMeta:
@@ -8750,6 +8752,17 @@ __metadata:
languageName: node
linkType: hard
+"form-data at npm:^4.0.0":
+ version: 4.0.0
+ resolution: "form-data at npm:4.0.0"
+ dependencies:
+ asynckit: ^0.4.0
+ combined-stream: ^1.0.8
+ mime-types: ^2.1.12
+ checksum: 01135bf8675f9d5c61ff18e2e2932f719ca4de964e3be90ef4c36aacfc7b9cb2fceb5eca0b7e0190e3383fe51c5b37f4cb80b62ca06a99aaabfcfd6ac7c9328c
+ languageName: node
+ linkType: hard
+
"form-data at npm:~2.3.2":
version: 2.3.3
resolution: "form-data at npm:2.3.3"
@@ -15312,6 +15325,13 @@ __metadata:
languageName: node
linkType: hard
+"proxy-from-env at npm:^1.1.0":
+ version: 1.1.0
+ resolution: "proxy-from-env at npm:1.1.0"
+ checksum: ed7fcc2ba0a33404958e34d95d18638249a68c430e30fcb6c478497d72739ba64ce9810a24f53a7d921d0c065e5b78e3822759800698167256b04659366ca4d4
+ languageName: node
+ linkType: hard
+
"prr at npm:~1.0.1":
version: 1.0.1
resolution: "prr at npm:1.0.1"
commit 23c01a7c048315d34c7a8c25eb34d9ed06a973e3
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Tue Apr 9 12:21:50 2024 -0300
21654: Upgrades ex5-ext to address CVE-2024-27088
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/services/workbench2/yarn.lock b/services/workbench2/yarn.lock
index a004acd79a..1b537dab62 100644
--- a/services/workbench2/yarn.lock
+++ b/services/workbench2/yarn.lock
@@ -6670,6 +6670,16 @@ __metadata:
languageName: node
linkType: hard
+"d at npm:^1.0.2":
+ version: 1.0.2
+ resolution: "d at npm:1.0.2"
+ dependencies:
+ es5-ext: ^0.10.64
+ type: ^2.7.2
+ checksum: 775db1e8ced6707cddf64a5840522fcf5475d38ef49a5d615be0ac47f86ef64d15f5a73de1522b09327cc466d4dc35ea83dbfeed456f7a0fdcab138deb800355
+ languageName: node
+ linkType: hard
+
"damerau-levenshtein at npm:^1.0.4":
version: 1.0.7
resolution: "damerau-levenshtein at npm:1.0.7"
@@ -7656,14 +7666,15 @@ __metadata:
languageName: node
linkType: hard
-"es5-ext at npm:^0.10.35, es5-ext at npm:^0.10.50":
- version: 0.10.53
- resolution: "es5-ext at npm:0.10.53"
+"es5-ext at npm:^0.10.35, es5-ext at npm:^0.10.50, es5-ext at npm:^0.10.62, es5-ext at npm:^0.10.64, es5-ext at npm:~0.10.14":
+ version: 0.10.64
+ resolution: "es5-ext at npm:0.10.64"
dependencies:
- es6-iterator: ~2.0.3
- es6-symbol: ~3.1.3
- next-tick: ~1.0.0
- checksum: 24ec22369260cf98605cb2f51eae9d7df5dc621bc5d3b311f6f5c3d0fcdb7bafae888270f3083ee6e9af27350a5ea49f1fe2dd6406a9017247ca40f091f529b2
+ es6-iterator: ^2.0.3
+ es6-symbol: ^3.1.3
+ esniff: ^2.0.1
+ next-tick: ^1.1.0
+ checksum: 01179fab0769fdbef213062222f99d0346724dbaccf04b87c0e6ee7f0c97edabf14be647ca1321f0497425ea7145de0fd278d1b3f3478864b8933e7136a5c645
languageName: node
linkType: hard
@@ -7674,7 +7685,7 @@ __metadata:
languageName: node
linkType: hard
-"es6-iterator at npm:2.0.3, es6-iterator at npm:~2.0.3":
+"es6-iterator at npm:2.0.3, es6-iterator at npm:^2.0.3":
version: 2.0.3
resolution: "es6-iterator at npm:2.0.3"
dependencies:
@@ -7685,7 +7696,7 @@ __metadata:
languageName: node
linkType: hard
-"es6-symbol at npm:^3.1.1, es6-symbol at npm:~3.1.3":
+"es6-symbol at npm:^3.1.1":
version: 3.1.3
resolution: "es6-symbol at npm:3.1.3"
dependencies:
@@ -7695,6 +7706,16 @@ __metadata:
languageName: node
linkType: hard
+"es6-symbol at npm:^3.1.3":
+ version: 3.1.4
+ resolution: "es6-symbol at npm:3.1.4"
+ dependencies:
+ d: ^1.0.2
+ ext: ^1.7.0
+ checksum: 52125ec4b5d1b6b93b8d3d42830bb19f8da21080ffcf45253b614bc6ff3e31349be202fb745d4d1af6778cdf5e38fea30e0c7e7dc37e2aecd44acc43502055f9
+ languageName: node
+ linkType: hard
+
"escalade at npm:^3.1.1":
version: 3.1.1
resolution: "escalade at npm:3.1.1"
@@ -7981,6 +8002,18 @@ __metadata:
languageName: node
linkType: hard
+"esniff at npm:^2.0.1":
+ version: 2.0.1
+ resolution: "esniff at npm:2.0.1"
+ dependencies:
+ d: ^1.0.1
+ es5-ext: ^0.10.62
+ event-emitter: ^0.3.5
+ type: ^2.7.2
+ checksum: d814c0e5c39bce9925b2e65b6d8767af72c9b54f35a65f9f3d6e8c606dce9aebe35a9599d30f15b0807743f88689f445163cfb577a425de4fb8c3c5bc16710cc
+ languageName: node
+ linkType: hard
+
"espree at npm:^6.1.2":
version: 6.2.1
resolution: "espree at npm:6.2.1"
@@ -8048,6 +8081,16 @@ __metadata:
languageName: node
linkType: hard
+"event-emitter at npm:^0.3.5":
+ version: 0.3.5
+ resolution: "event-emitter at npm:0.3.5"
+ dependencies:
+ d: 1
+ es5-ext: ~0.10.14
+ checksum: 27c1399557d9cd7e0aa0b366c37c38a4c17293e3a10258e8b692a847dd5ba9fb90429c3a5a1eeff96f31f6fa03ccbd31d8ad15e00540b22b22f01557be706030
+ languageName: node
+ linkType: hard
+
"eventemitter2 at npm:6.4.7":
version: 6.4.7
resolution: "eventemitter2 at npm:6.4.7"
@@ -8218,6 +8261,15 @@ __metadata:
languageName: node
linkType: hard
+"ext at npm:^1.7.0":
+ version: 1.7.0
+ resolution: "ext at npm:1.7.0"
+ dependencies:
+ type: ^2.7.2
+ checksum: ef481f9ef45434d8c867cfd09d0393b60945b7c8a1798bedc4514cb35aac342ccb8d8ecb66a513e6a2b4ec1e294a338e3124c49b29736f8e7c735721af352c31
+ languageName: node
+ linkType: hard
+
"extend-shallow at npm:^2.0.1":
version: 2.0.1
resolution: "extend-shallow at npm:2.0.1"
@@ -12985,10 +13037,10 @@ __metadata:
languageName: node
linkType: hard
-"next-tick at npm:~1.0.0":
- version: 1.0.0
- resolution: "next-tick at npm:1.0.0"
- checksum: 83fcb3d4f8d9380210b1c2b8a610463602d80283f0c0c8571c1688e1ad6cbf3a16b345f5bb7212617d4898bedcfa10dff327dc09ec20a112a5bf43a0271375fb
+"next-tick at npm:^1.1.0":
+ version: 1.1.0
+ resolution: "next-tick at npm:1.1.0"
+ checksum: 83b5cf36027a53ee6d8b7f9c0782f2ba87f4858d977342bfc3c20c21629290a2111f8374d13a81221179603ffc4364f38374b5655d17b6a8f8a8c77bdea4fe8b
languageName: node
linkType: hard
@@ -18817,6 +18869,13 @@ __metadata:
languageName: node
linkType: hard
+"type at npm:^2.7.2":
+ version: 2.7.2
+ resolution: "type at npm:2.7.2"
+ checksum: 0f42379a8adb67fe529add238a3e3d16699d95b42d01adfe7b9a7c5da297f5c1ba93de39265ba30ffeb37dfd0afb3fb66ae09f58d6515da442219c086219f6f4
+ languageName: node
+ linkType: hard
+
"typedarray at npm:^0.0.6":
version: 0.0.6
resolution: "typedarray at npm:0.0.6"
commit b5da8e816bfb9790fc37965311a9dcb0f169ea79
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Tue Apr 9 12:17:17 2024 -0300
21654: Upgrades ip packages to address CVE-2023-42282.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/services/workbench2/yarn.lock b/services/workbench2/yarn.lock
index 7f09d5ef59..a004acd79a 100644
--- a/services/workbench2/yarn.lock
+++ b/services/workbench2/yarn.lock
@@ -10078,16 +10078,16 @@ __metadata:
linkType: hard
"ip at npm:^1.1.0, ip at npm:^1.1.5":
- version: 1.1.5
- resolution: "ip at npm:1.1.5"
- checksum: 30133981f082a060a32644f6a7746e9ba7ac9e2bc07ecc8bbdda3ee8ca9bec1190724c390e45a1ee7695e7edfd2a8f7dda2c104ec5f7ac5068c00648504c7e5a
+ version: 1.1.9
+ resolution: "ip at npm:1.1.9"
+ checksum: b6d91fd45a856e3bd6d4f601ea0619d90f3517638f6918ebd079f959a8a6308568d8db5ef4fdf037e0d9cfdcf264f46833dfeea81ca31309cf0a7eb4b1307b84
languageName: node
linkType: hard
"ip at npm:^2.0.0":
- version: 2.0.0
- resolution: "ip at npm:2.0.0"
- checksum: cfcfac6b873b701996d71ec82a7dd27ba92450afdb421e356f44044ed688df04567344c36cbacea7d01b1c39a4c732dc012570ebe9bebfb06f27314bca625349
+ version: 2.0.1
+ resolution: "ip at npm:2.0.1"
+ checksum: d765c9fd212b8a99023a4cde6a558a054c298d640fec1020567494d257afd78ca77e37126b1a3ef0e053646ced79a816bf50621d38d5e768cdde0431fa3b0d35
languageName: node
linkType: hard
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list