From c19edffb8cf846010b1db58c8d81cc132535131e Mon Sep 17 00:00:00 2001 From: Nicolas Coden Date: Fri, 23 Feb 2018 23:47:47 +0100 Subject: [PATCH] chore: update dependencies with CVE See: * https://github.com/zurb/supercollider/pull/16 * https://github.com/zurb/panini/pull/158 * https://github.com/zurb/foundation-docs/pull/27 Update packages: * `handlebars`: `2.0.0`-> `4.0.1` (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8861) * `uglify-js`: `2.3.6` -> `2.8.29` (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8857, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8858) * `marked`: `0.3.6` -> `0.3.14` (https://nvd.nist.gov/vuln/detail/CVE-2017-1000427) --- package-lock.json | 293 ++++++++++++++++------------------------------ package.json | 6 +- 2 files changed, 106 insertions(+), 193 deletions(-) diff --git a/package-lock.json b/package-lock.json index 59a6d78b6..48be4263b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1026,9 +1026,9 @@ } }, "bluebird": { - "version": "3.5.0", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.0.tgz", - "integrity": "sha1-eRQg1/VR7qKJdFOop3ZT+WYG1nw=", + "version": "3.4.7", + "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.4.7.tgz", + "integrity": "sha1-9y12C+Cbf3bQjtj66Ysomo0F+rM=", "dev": true }, "bn.js": { @@ -1406,7 +1406,7 @@ "requires": { "array-back": "1.0.4", "core-js": "2.5.1", - "feature-detect-es6": "1.3.1", + "feature-detect-es6": "1.4.0", "fs-then-native": "1.0.2", "mkdirp": "0.5.1" } @@ -2815,7 +2815,7 @@ "integrity": "sha512-WkjsUNVCu+ITKDj73QDvi0trvpdDWdkDyHybDGSXPfekLCqwmpD7CP7iPbvBgosNuLcI96XTDwNa75JyFl7tEQ==", "dev": true, "requires": { - "bluebird": "3.5.0", + "bluebird": "3.4.7", "commander": "2.11.0", "lru-cache": "3.2.0", "semver": "5.4.1", @@ -3589,9 +3589,9 @@ } }, "feature-detect-es6": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/feature-detect-es6/-/feature-detect-es6-1.3.1.tgz", - "integrity": "sha1-+IhzavnLDJH1VmO/pHYuuW7nBH8=", + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/feature-detect-es6/-/feature-detect-es6-1.4.0.tgz", + "integrity": "sha512-7OnRV38WLydGuGcdm/fGk2SG9uo5ljslBSbPhCfEW5Gl0lX/IliaAVXYiYUBcI0UHTbepqO4T1SkJ74K8gtcDg==", "dev": true, "requires": { "array-back": "1.0.4" @@ -3833,11 +3833,11 @@ "dev": true }, "foundation-docs": { - "version": "git+https://github.com/zurb/foundation-docs.git#856ca900f5fae6557a74530d1eeaf7b244736d28", + "version": "github:zurb/foundation-docs#5bcace3dfdb3e9288744ed0537a9ae0b0a98cce7", "dev": true, "requires": { "cheerio": "0.20.0", - "handlebars": "3.0.3", + "handlebars": "4.0.11", "highlight.js": "9.12.0", "inky": "1.3.7", "js-beautify": "1.7.3", @@ -3901,7 +3901,7 @@ "integrity": "sha1-rI04B8nxu9Enlgf7Io4Ktkm7Qf4=", "dev": true, "requires": { - "feature-detect-es6": "1.3.1" + "feature-detect-es6": "1.4.0" } }, "fs.realpath": { @@ -6510,24 +6510,85 @@ } }, "handlebars": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-3.0.3.tgz", - "integrity": "sha1-DgllGi8Ps8lJFgWDcQ1VH5Lm0q0=", + "version": "4.0.11", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.0.11.tgz", + "integrity": "sha1-Ywo13+ApS8KB7a5v/F0yn8eYLcw=", "dev": true, "requires": { + "async": "1.5.2", "optimist": "0.6.1", - "source-map": "0.1.43", - "uglify-js": "2.3.6" + "source-map": "0.4.4", + "uglify-js": "2.8.29" }, "dependencies": { + "cliui": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-2.1.0.tgz", + "integrity": "sha1-S0dXYP+AJkx2LDoXGQMukcf+oNE=", + "dev": true, + "optional": true, + "requires": { + "center-align": "0.1.3", + "right-align": "0.1.3", + "wordwrap": "0.0.2" + } + }, "source-map": { - "version": "0.1.43", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz", - "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=", + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.4.4.tgz", + "integrity": "sha1-66T12pwNyZneaAMti092FzZSA2s=", "dev": true, "requires": { "amdefine": "1.0.1" } + }, + "uglify-js": { + "version": "2.8.29", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.8.29.tgz", + "integrity": "sha1-KcVzMUgFe7Th913zW3qcty5qWd0=", + "dev": true, + "optional": true, + "requires": { + "source-map": "0.5.7", + "uglify-to-browserify": "1.0.2", + "yargs": "3.10.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true, + "optional": true + } + } + }, + "window-size": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz", + "integrity": "sha1-VDjNLqk7IC76Ohn+iIeu58lPnJ0=", + "dev": true, + "optional": true + }, + "wordwrap": { + "version": "0.0.2", + "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz", + "integrity": "sha1-t5Zpu0LstAn4PVg8rVLKF+qhZD8=", + "dev": true, + "optional": true + }, + "yargs": { + "version": "3.10.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz", + "integrity": "sha1-9+572FfdfB0tOMDnTvvWgdFDH9E=", + "dev": true, + "optional": true, + "requires": { + "camelcase": "1.2.1", + "cliui": "2.1.0", + "decamelize": "1.2.0", + "window-size": "0.1.0" + } } } }, @@ -7423,12 +7484,6 @@ "integrity": "sha1-ReN/s56No/JbruP/U2niu18iAXo=", "dev": true }, - "bluebird": { - "version": "3.4.7", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.4.7.tgz", - "integrity": "sha1-9y12C+Cbf3bQjtj66Ysomo0F+rM=", - "dev": true - }, "espree": { "version": "3.1.7", "resolved": "https://registry.npmjs.org/espree/-/espree-3.1.7.tgz", @@ -7457,7 +7512,7 @@ "cache-point": "0.3.4", "collect-all": "1.0.3", "core-js": "2.5.1", - "feature-detect-es6": "1.3.1", + "feature-detect-es6": "1.4.0", "file-set": "1.1.1", "jsdoc-75lb": "3.6.0", "object-to-spawn-args": "1.1.1", @@ -7482,6 +7537,12 @@ "integrity": "sha512-Vg0C9s/REX6/WIXN37UKpv5ZhRi6A4pjHlpkE34+8/a6c2W1Q692n3hmc+SZG5lKRnaExLUbxtJ1SVT+KaCQ/A==", "dev": true }, + "bluebird": { + "version": "3.5.1", + "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.1.tgz", + "integrity": "sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==", + "dev": true + }, "js2xmlparser": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/js2xmlparser/-/js2xmlparser-3.0.0.tgz", @@ -7498,7 +7559,7 @@ "dev": true, "requires": { "babylon": "7.0.0-beta.19", - "bluebird": "3.5.0", + "bluebird": "3.5.1", "catharsis": "0.8.9", "escape-string-regexp": "1.0.5", "js2xmlparser": "3.0.0", @@ -9529,18 +9590,18 @@ "dev": true }, "panini": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/panini/-/panini-1.5.1.tgz", - "integrity": "sha1-q63gQQcftxxrP9eF99Jgvhd8fTA=", + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/panini/-/panini-1.6.2.tgz", + "integrity": "sha512-FUcvo3ylOE4K0orUVAKbXQZSd5GLOCgNJd0RODBTDhOFt+W0/ijH98nfhdpwYLTU6AfTvTSTXni6m35M9lKGWw==", "dev": true, "requires": { "deepmerge": "1.5.2", "front-matter": "2.1.2", "glob": "7.1.2", - "handlebars": "4.0.10", + "handlebars": "4.0.11", "highlight.js": "8.9.1", "js-yaml": "3.10.0", - "marked": "0.3.6", + "marked": "0.3.16", "nopt": "4.0.1", "slash": "1.0.0", "strip-bom": "2.0.0", @@ -9548,18 +9609,6 @@ "vinyl-fs": "2.4.4" }, "dependencies": { - "cliui": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-2.1.0.tgz", - "integrity": "sha1-S0dXYP+AJkx2LDoXGQMukcf+oNE=", - "dev": true, - "optional": true, - "requires": { - "center-align": "0.1.3", - "right-align": "0.1.3", - "wordwrap": "0.0.2" - } - }, "glob": { "version": "7.1.2", "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz", @@ -9574,24 +9623,18 @@ "path-is-absolute": "1.0.1" } }, - "handlebars": { - "version": "4.0.10", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.0.10.tgz", - "integrity": "sha1-PTDHGLCaPZbyPqTMH0A8TTup/08=", - "dev": true, - "requires": { - "async": "1.5.2", - "optimist": "0.6.1", - "source-map": "0.4.4", - "uglify-js": "2.8.29" - } - }, "highlight.js": { "version": "8.9.1", "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-8.9.1.tgz", "integrity": "sha1-uKnFSTISqTkvAiK2SclhFJfr+4g=", "dev": true }, + "marked": { + "version": "0.3.16", + "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.16.tgz", + "integrity": "sha512-diLiAxHidES67uJ1P5unXBUB4CyOFwodKrctuK0U4Ogw865N9Aw4dLmY0BK0tGKOy3xvkdMGgUXPD6W9z1Ne0Q==", + "dev": true + }, "nopt": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz", @@ -9602,15 +9645,6 @@ "osenv": "0.1.4" } }, - "source-map": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.4.4.tgz", - "integrity": "sha1-66T12pwNyZneaAMti092FzZSA2s=", - "dev": true, - "requires": { - "amdefine": "1.0.1" - } - }, "through2": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/through2/-/through2-2.0.3.tgz", @@ -9620,54 +9654,6 @@ "readable-stream": "2.3.3", "xtend": "4.0.1" } - }, - "uglify-js": { - "version": "2.8.29", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.8.29.tgz", - "integrity": "sha1-KcVzMUgFe7Th913zW3qcty5qWd0=", - "dev": true, - "optional": true, - "requires": { - "source-map": "0.5.7", - "uglify-to-browserify": "1.0.2", - "yargs": "3.10.0" - }, - "dependencies": { - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true, - "optional": true - } - } - }, - "window-size": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz", - "integrity": "sha1-VDjNLqk7IC76Ohn+iIeu58lPnJ0=", - "dev": true, - "optional": true - }, - "wordwrap": { - "version": "0.0.2", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz", - "integrity": "sha1-t5Zpu0LstAn4PVg8rVLKF+qhZD8=", - "dev": true, - "optional": true - }, - "yargs": { - "version": "3.10.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz", - "integrity": "sha1-9+572FfdfB0tOMDnTvvWgdFDH9E=", - "dev": true, - "optional": true, - "requires": { - "camelcase": "1.2.1", - "cliui": "2.1.0", - "decamelize": "1.2.0", - "window-size": "0.1.0" - } } } }, @@ -12030,9 +12016,9 @@ "dev": true }, "supercollider": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/supercollider/-/supercollider-1.4.2.tgz", - "integrity": "sha1-0zucTuwCWkmX2rv0+pVYE5fUBiQ=", + "version": "1.4.3", + "resolved": "https://registry.npmjs.org/supercollider/-/supercollider-1.4.3.tgz", + "integrity": "sha512-MO0AizK32avV6T5SUnd6gKbsjFRpY9KW5kPYN5hXE9bpdjfXOxQMs1IIgdML+ortzUZEVH/EsalxCJ4A6m0DVg==", "dev": true, "requires": { "async": "0.9.2", @@ -12044,7 +12030,7 @@ "glob": "4.5.3", "glob-all": "3.1.0", "gulp-util": "3.0.8", - "handlebars": "2.0.0", + "handlebars": "4.0.11", "js-yaml": "3.10.0", "jsdoc-api": "1.2.4", "jsdoc3-parser": "1.1.0", @@ -12177,16 +12163,6 @@ "natives": "1.1.0" } }, - "handlebars": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-2.0.0.tgz", - "integrity": "sha1-bp1/hRSjRn+l6fgswVjs/B1ax28=", - "dev": true, - "requires": { - "optimist": "0.3.7", - "uglify-js": "2.3.6" - } - }, "lodash": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/lodash/-/lodash-1.0.2.tgz", @@ -12223,15 +12199,6 @@ "integrity": "sha1-Q8NuXVaf+OSBbE76i+AtJpZ8GKo=", "dev": true }, - "optimist": { - "version": "0.3.7", - "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.3.7.tgz", - "integrity": "sha1-yQlBrVnkJzMokjB00s8ufLxuwNk=", - "dev": true, - "requires": { - "wordwrap": "0.0.3" - } - }, "ordered-read-streams": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/ordered-read-streams/-/ordered-read-streams-0.1.0.tgz", @@ -12281,12 +12248,6 @@ "through2": "0.6.5", "vinyl": "0.4.6" } - }, - "wordwrap": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz", - "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=", - "dev": true } } }, @@ -12787,54 +12748,6 @@ "integrity": "sha1-BMgamb3V3FImPqKdJMa/jUgYpLs=", "dev": true }, - "uglify-js": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.3.6.tgz", - "integrity": "sha1-+gmEdwtCi3qbKoBY9GNV0U/vIRo=", - "dev": true, - "optional": true, - "requires": { - "async": "0.2.10", - "optimist": "0.3.7", - "source-map": "0.1.43" - }, - "dependencies": { - "async": { - "version": "0.2.10", - "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz", - "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E=", - "dev": true, - "optional": true - }, - "optimist": { - "version": "0.3.7", - "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.3.7.tgz", - "integrity": "sha1-yQlBrVnkJzMokjB00s8ufLxuwNk=", - "dev": true, - "optional": true, - "requires": { - "wordwrap": "0.0.3" - } - }, - "source-map": { - "version": "0.1.43", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz", - "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=", - "dev": true, - "optional": true, - "requires": { - "amdefine": "1.0.1" - } - }, - "wordwrap": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz", - "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=", - "dev": true, - "optional": true - } - } - }, "uglify-save-license": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/uglify-save-license/-/uglify-save-license-0.4.1.tgz", diff --git a/package.json b/package.json index bdc14ffa0..3d2fb9e33 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "corejs-typeahead": "^1.1.1", "dateformat": "^3.0.0", "doiuse": "^2.6.0", - "foundation-docs": "git+https://github.com/zurb/foundation-docs.git#856ca900f5fae6557a74530d1eeaf7b244736d28", + "foundation-docs": "github:zurb/foundation-docs#5bcace3dfdb3e9288744ed0537a9ae0b0a98cce7", "gaze": "^1.1.2", "gulp": "^3.8.10", "gulp-add-src": "^0.2.0", @@ -86,7 +86,7 @@ "normalize-scss": "6.0.0", "octophant": "^1.0.0", "opener": "^1.4.3", - "panini": "^1.4.0", + "panini": "^1.6.2", "parker": "^1.0.0-alpha.0", "prettyjson": "^1.1.3", "process-nextick-args": "^1.0.7", @@ -96,7 +96,7 @@ "sass-true": "^2.2.2", "sassy-lists": "3.0.0", "sinon": "^1.17.7", - "supercollider": "^1.4.0", + "supercollider": "^1.4.3", "touch": "^1.0.0", "util-deprecate": "^1.0.2", "vinyl": "^2.0.2", -- 2.47.2