From b5bc5e5e492cd398f0ca4385a79f2e32f3e1744d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 22 Aug 2024 23:35:17 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-7573289 --- package-lock.json | 112 +++++++++++++++++++++++++++++++++++++--------- package.json | 2 +- 2 files changed, 93 insertions(+), 21 deletions(-) diff --git a/package-lock.json b/package-lock.json index acdcd501..19dec8e2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -40,7 +40,7 @@ "libmime": "5.3.5", "libqp": "2.1.0", "logic-query-parser": "0.0.5", - "mailauth": "4.6.6", + "mailauth": "^4.6.9", "mailsplit": "5.4.0", "mobileconfig": "2.4.0", "mongo-cursor-pagination": "8.1.3", @@ -4369,9 +4369,9 @@ "dev": true }, "node_modules/fast-xml-parser": { - "version": "4.3.6", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.6.tgz", - "integrity": "sha512-M2SovcRxD4+vC493Uc2GZVcZaj66CCJhWurC4viynVSTvrpErCShNcDz1lAho6n9REQKvL/ll4A4/fw6Y9z8nw==", + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.1.tgz", + "integrity": "sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==", "funding": [ { "type": "github", @@ -4382,6 +4382,7 @@ "url": "https://paypal.me/naturalintelligence" } ], + "license": "MIT", "dependencies": { "strnum": "^1.0.5" }, @@ -6554,20 +6555,20 @@ } }, "node_modules/mailauth": { - "version": "4.6.6", - "resolved": "https://registry.npmjs.org/mailauth/-/mailauth-4.6.6.tgz", - "integrity": "sha512-0aa3evPhiFX4rcni2rPhkISwfupXA0l/FRLYvkwfZQJUPckjLXj69JMu9uI9zq2RlccjZmVYagHeuSYGkKtnaQ==", + "version": "4.6.9", + "resolved": "https://registry.npmjs.org/mailauth/-/mailauth-4.6.9.tgz", + "integrity": "sha512-alfs5FT96eW+vc9XgveQDlK+BAiz6hzWe1EvTjwX4GFuim5JwDfJA077s4QgAWNX/tyrPr8b2hIEQ7wSmk4YUQ==", + "license": "MIT", "dependencies": { "@postalsys/vmc": "1.0.8", - "fast-xml-parser": "4.3.6", + "fast-xml-parser": "4.4.1", "ipaddr.js": "2.2.0", - "joi": "17.13.1", + "joi": "17.13.3", "libmime": "5.3.5", - "nodemailer": "6.9.13", - "psl": "1.9.0", - "punycode": "2.3.1", + "nodemailer": "6.9.14", + "punycode.js": "2.3.1", + "tldts": "6.1.40", "undici": "5.28.4", - "uuid": "9.0.1", "yargs": "17.7.2" }, "bin": { @@ -6577,6 +6578,28 @@ "node": ">=16.0.0" } }, + "node_modules/mailauth/node_modules/joi": { + "version": "17.13.3", + "resolved": "https://registry.npmjs.org/joi/-/joi-17.13.3.tgz", + "integrity": "sha512-otDA4ldcIx+ZXsKHWmp0YizCweVRZG96J10b0FevjfuncLO1oX59THoAmHkNubYJ+9gWsYsp5k8v4ib6oDv1fA==", + "license": "BSD-3-Clause", + "dependencies": { + "@hapi/hoek": "^9.3.0", + "@hapi/topo": "^5.1.0", + "@sideway/address": "^4.1.5", + "@sideway/formula": "^3.0.1", + "@sideway/pinpoint": "^2.0.0" + } + }, + "node_modules/mailauth/node_modules/nodemailer": { + "version": "6.9.14", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.14.tgz", + "integrity": "sha512-Dobp/ebDKBvz91sbtRKhcznLThrKxKt97GI2FAlAyy+fk19j73Uz3sBXolVtmcXjaorivqsbbbjDY+Jkt4/bQA==", + "license": "MIT-0", + "engines": { + "node": ">=6.0.0" + } + }, "node_modules/mailparser": { "version": "3.7.1", "resolved": "https://registry.npmjs.org/mailparser/-/mailparser-3.7.1.tgz", @@ -7278,6 +7301,53 @@ "mailauth": "4.6.6" } }, + "node_modules/mx-connect/node_modules/fast-xml-parser": { + "version": "4.3.6", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.3.6.tgz", + "integrity": "sha512-M2SovcRxD4+vC493Uc2GZVcZaj66CCJhWurC4viynVSTvrpErCShNcDz1lAho6n9REQKvL/ll4A4/fw6Y9z8nw==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + }, + { + "type": "paypal", + "url": "https://paypal.me/naturalintelligence" + } + ], + "license": "MIT", + "dependencies": { + "strnum": "^1.0.5" + }, + "bin": { + "fxparser": "src/cli/cli.js" + } + }, + "node_modules/mx-connect/node_modules/mailauth": { + "version": "4.6.6", + "resolved": "https://registry.npmjs.org/mailauth/-/mailauth-4.6.6.tgz", + "integrity": "sha512-0aa3evPhiFX4rcni2rPhkISwfupXA0l/FRLYvkwfZQJUPckjLXj69JMu9uI9zq2RlccjZmVYagHeuSYGkKtnaQ==", + "license": "MIT", + "dependencies": { + "@postalsys/vmc": "1.0.8", + "fast-xml-parser": "4.3.6", + "ipaddr.js": "2.2.0", + "joi": "17.13.1", + "libmime": "5.3.5", + "nodemailer": "6.9.13", + "psl": "1.9.0", + "punycode": "2.3.1", + "undici": "5.28.4", + "uuid": "9.0.1", + "yargs": "17.7.2" + }, + "bin": { + "mailauth": "bin/mailauth.js" + }, + "engines": { + "node": ">=16.0.0" + } + }, "node_modules/nan": { "version": "2.19.0", "resolved": "https://registry.npmjs.org/nan/-/nan-2.19.0.tgz", @@ -9511,20 +9581,22 @@ } }, "node_modules/tldts": { - "version": "6.1.20", - "resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.20.tgz", - "integrity": "sha512-ryfUREMx1yw2AsSMwzflHqe14DaoAoekQLjxV7gk6Uh97ng2MZdDwoxV+jTX3MpNfpwXbJuW7hriCa6/21DFNA==", + "version": "6.1.40", + "resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.40.tgz", + "integrity": "sha512-SAvDKQxzqoi2gaC14XdC1egLtBqcCnYTe/hKM07FMXSTKw4Tti3fRDcZopWJGAhXK0H6LfuM0QWwZhECUvLKTg==", + "license": "MIT", "dependencies": { - "tldts-core": "^6.1.20" + "tldts-core": "^6.1.40" }, "bin": { "tldts": "bin/cli.js" } }, "node_modules/tldts-core": { - "version": "6.1.20", - "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.20.tgz", - "integrity": "sha512-VTEzsx7kVbLDgWaACW0atZ7Q0KzbJveYvR6IxvirIhV4Z4GGGqLVCCj9PvF0KW3h0PbJcw0JJnpr0YueHg0ueA==" + "version": "6.1.41", + "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.41.tgz", + "integrity": "sha512-SkwZgo1ZzMp2ziMBwci5VBnLR9VywCi02jSgMX5TO5kf9fdaBsxZkblLff3NlJNTcH0vfvEsgw2B7jVR556Vgw==", + "license": "MIT" }, "node_modules/to-readable-stream": { "version": "1.0.0", diff --git a/package.json b/package.json index 8be81ffa..f0c05502 100644 --- a/package.json +++ b/package.json @@ -76,7 +76,7 @@ "libmime": "5.3.5", "libqp": "2.1.0", "logic-query-parser": "0.0.5", - "mailauth": "4.6.6", + "mailauth": "4.6.9", "mailsplit": "5.4.0", "mobileconfig": "2.4.0", "mongo-cursor-pagination": "8.1.3",