roost.tools / coop
Mirror of https://github.com/roostorg/coop github.com/roostorg/coop
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

[Vulnerabilities] Upgrade UUID, postcss, and xml parser for vulnerability (#322)

authored by

Juan Mrad and committed by
GitHub 13f857b3 416d3881

+66 -71
+7 -5
client/package-lock.json
··· 102 102 "eslint-plugin-custom-rules": "file:./eslint", 103 103 "eslint-plugin-react": "^7.30.1", 104 104 "eslint-plugin-react-hooks": "^7.0.1", 105 - "postcss": "^8.4.14", 105 + "postcss": "^8.5.10", 106 106 "prop-types": "^15.8.1", 107 107 "source-map-explorer": "^2.5.3", 108 108 "storybook": "^9.1.20", 109 109 "tailwindcss": "^3.4.19", 110 110 "typescript": "^5.3.2", 111 - "vite": "^7.3.1", 111 + "vite": "^7.3.2", 112 112 "vite-plugin-commonjs": "^0.10.4", 113 113 "vite-plugin-svgr": "^4.5.0", 114 114 "vite-tsconfig-paths": "^6.1.1", ··· 116 116 } 117 117 }, 118 118 "eslint": { 119 + "name": "eslint-plugin-custom-rules", 120 + "version": "0.0.0", 119 121 "dev": true 120 122 }, 121 123 "node_modules/@adobe/css-tools": { ··· 10183 10185 } 10184 10186 }, 10185 10187 "node_modules/postcss": { 10186 - "version": "8.5.6", 10187 - "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz", 10188 - "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==", 10188 + "version": "8.5.12", 10189 + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.12.tgz", 10190 + "integrity": "sha512-W62t/Se6rA0Az3DfCL0AqJwXuKwBeYg6nOaIgzP+xZ7N5BFCI7DYi1qs6ygUYT6rvfi6t9k65UMLJC+PHZpDAA==", 10189 10191 "funding": [ 10190 10192 { 10191 10193 "type": "opencollective",
+1 -1
client/package.json
··· 109 109 "eslint-plugin-custom-rules": "file:./eslint", 110 110 "eslint-plugin-react": "^7.30.1", 111 111 "eslint-plugin-react-hooks": "^7.0.1", 112 - "postcss": "^8.4.14", 112 + "postcss": "^8.5.10", 113 113 "prop-types": "^15.8.1", 114 114 "source-map-explorer": "^2.5.3", 115 115 "storybook": "^9.1.20",
+22 -16
migrator/package-lock.json
··· 1 1 { 2 2 "name": "@roostorg/db-migrator", 3 - "version": "1.1.0", 3 + "version": "1.1.1", 4 4 "lockfileVersion": 2, 5 5 "requires": true, 6 6 "packages": { 7 7 "": { 8 8 "name": "@roostorg/db-migrator", 9 - "version": "1.1.0", 9 + "version": "1.1.1", 10 10 "license": "ISC", 11 11 "dependencies": { 12 12 "@total-typescript/ts-reset": "^0.6.1", ··· 149 149 "integrity": "sha512-d/MUkJYdOeKycmm75Arql4M5+UuXmf4cHdHKsyw1GcvnNgL6s77UkgSgJ8TE/rI5PYsnwYq5jkcWBLuN/MpQ1A==" 150 150 }, 151 151 "node_modules/@types/yargs": { 152 - "version": "17.0.24", 153 - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", 154 - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", 152 + "version": "17.0.35", 153 + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz", 154 + "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==", 155 + "license": "MIT", 155 156 "dependencies": { 156 157 "@types/yargs-parser": "*" 157 158 } ··· 1002 1003 } 1003 1004 }, 1004 1005 "node_modules/uuid": { 1005 - "version": "8.3.2", 1006 - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", 1007 - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", 1006 + "version": "14.0.0", 1007 + "resolved": "https://registry.npmjs.org/uuid/-/uuid-14.0.0.tgz", 1008 + "integrity": "sha512-Qo+uWgilfSmAhXCMav1uYFynlQO7fMFiMVZsQqZRMIXp0O7rR7qjkj+cPvBHLgBqi960QCoo/PH2/6ZtVqKvrg==", 1009 + "funding": [ 1010 + "https://github.com/sponsors/broofa", 1011 + "https://github.com/sponsors/ctavan" 1012 + ], 1013 + "license": "MIT", 1008 1014 "bin": { 1009 - "uuid": "dist/bin/uuid" 1015 + "uuid": "dist-node/bin/uuid" 1010 1016 } 1011 1017 }, 1012 1018 "node_modules/validator": { ··· 1176 1182 "integrity": "sha512-d/MUkJYdOeKycmm75Arql4M5+UuXmf4cHdHKsyw1GcvnNgL6s77UkgSgJ8TE/rI5PYsnwYq5jkcWBLuN/MpQ1A==" 1177 1183 }, 1178 1184 "@types/yargs": { 1179 - "version": "17.0.24", 1180 - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", 1181 - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", 1185 + "version": "17.0.35", 1186 + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz", 1187 + "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==", 1182 1188 "requires": { 1183 1189 "@types/yargs-parser": "*" 1184 1190 } ··· 1591 1597 "semver": "^7.5.4", 1592 1598 "sequelize-pool": "^7.1.0", 1593 1599 "toposort-class": "^1.0.1", 1594 - "uuid": "^8.3.2", 1600 + "uuid": "^14.0.0", 1595 1601 "validator": "^13.9.0", 1596 1602 "wkx": "^0.5.0" 1597 1603 } ··· 1689 1695 "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==" 1690 1696 }, 1691 1697 "uuid": { 1692 - "version": "8.3.2", 1693 - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", 1694 - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" 1698 + "version": "14.0.0", 1699 + "resolved": "https://registry.npmjs.org/uuid/-/uuid-14.0.0.tgz", 1700 + "integrity": "sha512-Qo+uWgilfSmAhXCMav1uYFynlQO7fMFiMVZsQqZRMIXp0O7rR7qjkj+cPvBHLgBqi960QCoo/PH2/6ZtVqKvrg==" 1695 1701 }, 1696 1702 "validator": { 1697 1703 "version": "13.15.26",
+3 -2
migrator/package.json
··· 1 1 { 2 2 "name": "@roostorg/db-migrator", 3 - "version": "1.1.0", 3 + "version": "1.1.1", 4 4 "description": "CLI tool for managing database migrations and seeding. Designed for modern scalable systems.", 5 5 "type": "module", 6 6 "scripts": { ··· 35 35 "typescript": "^6.0.3" 36 36 }, 37 37 "overrides": { 38 - "ajv": "~8.18.0" 38 + "ajv": "~8.18.0", 39 + "uuid": "^14.0.0" 39 40 }, 40 41 "publishConfig": { 41 42 "access": "public"
+29 -44
server/package-lock.json
··· 92 92 "uid": "^2.0.1", 93 93 "undici": "^7.24.0", 94 94 "unhomoglyph": "^1.0.6", 95 - "uuid": "^8.3.2", 95 + "uuid": "^14.0.0", 96 96 "uuid-apikey": "^1.5.3", 97 97 "validator": "^13.15.35", 98 98 "xml-js": "^1.6.11", ··· 111 111 "@types/js-yaml": "^4.0.5", 112 112 "@types/stream-json": "^1.7.7", 113 113 "@types/supertest": "^2.0.11", 114 - "@types/uuid": "^8.3.4", 115 114 "@typescript-eslint/eslint-plugin": "^8.57.2", 116 115 "@typescript-eslint/parser": "^8.57.2", 117 116 "copyfiles": "^2.4.1", ··· 413 412 "license": "BlueOak-1.0.0", 414 413 "engines": { 415 414 "node": "20 || >=22" 416 - } 417 - }, 418 - "node_modules/@apollo/server/node_modules/uuid": { 419 - "version": "11.1.0", 420 - "resolved": "https://registry.npmjs.org/uuid/-/uuid-11.1.0.tgz", 421 - "integrity": "sha512-0/A9rDy9P7cJ+8w1c9WD9V//9Wj15Ce2MPz8Ri6032usz+NfePxx5AcN3bN+r6ZL6jEo066/yNYB3tn4pQEx+A==", 422 - "funding": [ 423 - "https://github.com/sponsors/broofa", 424 - "https://github.com/sponsors/ctavan" 425 - ], 426 - "license": "MIT", 427 - "bin": { 428 - "uuid": "dist/esm/bin/uuid" 429 415 } 430 416 }, 431 417 "node_modules/@apollo/server/node_modules/whatwg-mimetype": { ··· 3325 3311 "funding": { 3326 3312 "url": "https://paulmillr.com/funding/" 3327 3313 } 3314 + }, 3315 + "node_modules/@nodable/entities": { 3316 + "version": "2.1.0", 3317 + "resolved": "https://registry.npmjs.org/@nodable/entities/-/entities-2.1.0.tgz", 3318 + "integrity": "sha512-nyT7T3nbMyBI/lvr6L5TyWbFJAI9FTgVRakNoBqCD+PmID8DzFrrNdLLtHMwMszOtqZa8PAOV24ZqDnQrhQINA==", 3319 + "funding": [ 3320 + { 3321 + "type": "github", 3322 + "url": "https://github.com/sponsors/nodable" 3323 + } 3324 + ], 3325 + "license": "MIT" 3328 3326 }, 3329 3327 "node_modules/@node-saml/node-saml": { 3330 3328 "version": "5.1.0", ··· 11022 11020 "@types/superagent": "*" 11023 11021 } 11024 11022 }, 11025 - "node_modules/@types/uuid": { 11026 - "version": "8.3.4", 11027 - "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", 11028 - "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", 11029 - "dev": true 11030 - }, 11031 11023 "node_modules/@types/validator": { 11032 11024 "version": "13.9.0", 11033 11025 "resolved": "https://registry.npmjs.org/@types/validator/-/validator-13.9.0.tgz", ··· 12702 12694 "uuid": "11.1.0" 12703 12695 } 12704 12696 }, 12705 - "node_modules/bullmq/node_modules/uuid": { 12706 - "version": "11.1.0", 12707 - "resolved": "https://registry.npmjs.org/uuid/-/uuid-11.1.0.tgz", 12708 - "integrity": "sha512-0/A9rDy9P7cJ+8w1c9WD9V//9Wj15Ce2MPz8Ri6032usz+NfePxx5AcN3bN+r6ZL6jEo066/yNYB3tn4pQEx+A==", 12709 - "funding": [ 12710 - "https://github.com/sponsors/broofa", 12711 - "https://github.com/sponsors/ctavan" 12712 - ], 12713 - "license": "MIT", 12714 - "bin": { 12715 - "uuid": "dist/esm/bin/uuid" 12716 - } 12717 - }, 12718 12697 "node_modules/bytes": { 12719 12698 "version": "3.1.2", 12720 12699 "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", ··· 14739 14718 } 14740 14719 }, 14741 14720 "node_modules/fast-xml-parser": { 14742 - "version": "5.5.8", 14743 - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.5.8.tgz", 14744 - "integrity": "sha512-Z7Fh2nVQSb2d+poDViM063ix2ZGt9jmY1nWhPfHBOK2Hgnb/OW3P4Et3P/81SEej0J7QbWtJqxO05h8QYfK7LQ==", 14721 + "version": "5.7.2", 14722 + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.7.2.tgz", 14723 + "integrity": "sha512-P7oW7tLbYnhOLQk/Gv7cZgzgMPP/XN03K02/Jy6Y/NHzyIAIpxuZIM/YqAkfiXFPxA2CTm7NtCijK9EDu09u2w==", 14745 14724 "funding": [ 14746 14725 { 14747 14726 "type": "github", ··· 14750 14729 ], 14751 14730 "license": "MIT", 14752 14731 "dependencies": { 14753 - "fast-xml-builder": "^1.1.4", 14754 - "path-expression-matcher": "^1.2.0", 14755 - "strnum": "^2.2.0" 14732 + "@nodable/entities": "^2.1.0", 14733 + "fast-xml-builder": "^1.1.5", 14734 + "path-expression-matcher": "^1.5.0", 14735 + "strnum": "^2.2.3" 14756 14736 }, 14757 14737 "bin": { 14758 14738 "fxparser": "src/cli/cli.js" ··· 21542 21522 } 21543 21523 }, 21544 21524 "node_modules/uuid": { 21545 - "version": "8.3.2", 21546 - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", 21547 - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", 21525 + "version": "14.0.0", 21526 + "resolved": "https://registry.npmjs.org/uuid/-/uuid-14.0.0.tgz", 21527 + "integrity": "sha512-Qo+uWgilfSmAhXCMav1uYFynlQO7fMFiMVZsQqZRMIXp0O7rR7qjkj+cPvBHLgBqi960QCoo/PH2/6ZtVqKvrg==", 21528 + "funding": [ 21529 + "https://github.com/sponsors/broofa", 21530 + "https://github.com/sponsors/ctavan" 21531 + ], 21532 + "license": "MIT", 21548 21533 "bin": { 21549 - "uuid": "dist/bin/uuid" 21534 + "uuid": "dist-node/bin/uuid" 21550 21535 } 21551 21536 }, 21552 21537 "node_modules/uuid-apikey": {
+4 -3
server/package.json
··· 106 106 "uid": "^2.0.1", 107 107 "undici": "^7.24.0", 108 108 "unhomoglyph": "^1.0.6", 109 - "uuid": "^8.3.2", 109 + "uuid": "^14.0.0", 110 110 "uuid-apikey": "^1.5.3", 111 111 "validator": "^13.15.35", 112 112 "xml-js": "^1.6.11", ··· 125 125 "@types/js-yaml": "^4.0.5", 126 126 "@types/stream-json": "^1.7.7", 127 127 "@types/supertest": "^2.0.11", 128 - "@types/uuid": "^8.3.4", 129 128 "@typescript-eslint/eslint-plugin": "^8.57.2", 130 129 "@typescript-eslint/parser": "^8.57.2", 131 130 "copyfiles": "^2.4.1", ··· 164 163 "@types/express": "$@types/express", 165 164 "@googlemaps/google-maps-services-js@^3.3.16": { 166 165 "retry-axios": "npm:@ethanresnick/retry-axios@2.6.1" 167 - } 166 + }, 167 + "uuid": "^14.0.0", 168 + "fast-xml-parser": "^5.7.0" 168 169 } 169 170 }