RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: package.json & package-lock.json to reduce vulnerabilities 

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HELMETCSP-469436
pull/410/head^2
snyk-bot 2019-09-30 07:50:58 +00:00 committed by Clément Michaud
parent dd0add9618
commit dd6823f227
2 changed files with 89 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

152
package-lock.json generated
View File

@ -1067,6 +1067,11 @@
"type-is": "~1.6.15" "type-is": "~1.6.15"
} }
}, },
"bowser": {
"version": "2.6.1",
"resolved": "https://registry.npmjs.org/bowser/-/bowser-2.6.1.tgz",
"integrity": "sha512-hySGUuLhi0KetfxPZpuJOsjM0kRvCiCgPBygBkzGzJNsq/nbJmaO8QJc6xlWfeFFnMvtd/LeKkhDJGVrmVobUA=="
},
"boxen": { "boxen": {
"version": "1.3.0", "version": "1.3.0",
"resolved": "https://registry.npmjs.org/boxen/-/boxen-1.3.0.tgz", "resolved": "https://registry.npmjs.org/boxen/-/boxen-1.3.0.tgz",
@ -1813,9 +1818,9 @@
"integrity": "sha1-DPaLud318r55YcOoUXjLhdunjLQ=" "integrity": "sha1-DPaLud318r55YcOoUXjLhdunjLQ="
}, },
"content-security-policy-builder": { "content-security-policy-builder": {
"version": "2.0.0", "version": "2.1.0",
"resolved": "https://registry.npmjs.org/content-security-policy-builder/-/content-security-policy-builder-2.0.0.tgz", "resolved": "https://registry.npmjs.org/content-security-policy-builder/-/content-security-policy-builder-2.1.0.tgz",
"integrity": "sha512-j+Nhmj1yfZAikJLImCvPJFE29x/UuBi+/MWqggGGc515JKaZrjuei2RhULJmy0MsstW3E3htl002bwmBNMKr7w==" "integrity": "sha512-/MtLWhJVvJNkA9dVLAp6fg9LxD2gfI6R2Fi1hPmfjYXSahJJzcfvoeDOxSyp4NvxMuwWv3WMssE9o31DoULHrQ=="
}, },
"content-type": { "content-type": {
"version": "1.0.4", "version": "1.0.4",
@ -2101,14 +2106,14 @@
"dev": true "dev": true
}, },
"dns-prefetch-control": { "dns-prefetch-control": {
"version": "0.1.0", "version": "0.2.0",
"resolved": "https://registry.npmjs.org/dns-prefetch-control/-/dns-prefetch-control-0.1.0.tgz", "resolved": "https://registry.npmjs.org/dns-prefetch-control/-/dns-prefetch-control-0.2.0.tgz",
"integrity": "sha1-YN20V3dOF48flBXwyrsOhbCzALI=" "integrity": "sha512-hvSnros73+qyZXhHFjx2CMLwoj3Fe7eR9EJsFsqmcI1bB2OBWL/+0YzaEaKssCHnj/6crawNnUyw74Gm2EKe+Q=="
}, },
"dont-sniff-mimetype": { "dont-sniff-mimetype": {
"version": "1.0.0", "version": "1.1.0",
"resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.0.0.tgz", "resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
"integrity": "sha1-WTKJDcn04vGeXrAqIAJuXl78j1g=" "integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
}, },
"dot-prop": { "dot-prop": {
"version": "4.2.0", "version": "4.2.0",
@ -2347,9 +2352,9 @@
} }
}, },
"expect-ct": { "expect-ct": {
"version": "0.1.0", "version": "0.2.0",
"resolved": "https://registry.npmjs.org/expect-ct/-/expect-ct-0.1.0.tgz", "resolved": "https://registry.npmjs.org/expect-ct/-/expect-ct-0.2.0.tgz",
"integrity": "sha1-UnNWeN4YUwiQ2Ne5XwrGNkCVgJQ=" "integrity": "sha512-6SK3MG/Bbhm8MsgyJAylg+ucIOU71/FzyFalcfu5nY19dH8y/z0tBJU0wrNBXD4B27EoQtqPF/9wqH0iYAd04g=="
}, },
"express": { "express": {
"version": "4.16.3", "version": "4.16.3",
@ -2586,6 +2591,11 @@
"pend": "~1.2.0" "pend": "~1.2.0"
} }
}, },
"feature-policy": {
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/feature-policy/-/feature-policy-0.3.0.tgz",
"integrity": "sha512-ZtijOTFN7TzCujt1fnNhfWPFPSHeZkesff9AXZj+UEjYBynWNUIYpC87Ve4wHzyexQsImicLu7WsC2LHq7/xrQ=="
},
"fill-range": { "fill-range": {
"version": "4.0.0", "version": "4.0.0",
"resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz",
@ -2742,9 +2752,9 @@
} }
}, },
"frameguard": { "frameguard": {
"version": "3.0.0", "version": "3.1.0",
"resolved": "https://registry.npmjs.org/frameguard/-/frameguard-3.0.0.tgz", "resolved": "https://registry.npmjs.org/frameguard/-/frameguard-3.1.0.tgz",
"integrity": "sha1-e8rUae57lukdEs6zlZx4I1qScuk=" "integrity": "sha512-TxgSKM+7LTA6sidjOiSZK9wxY0ffMPY3Wta//MqwmX0nZuEHc8QrkV8Fh3ZhMJeiH+Uyh/tcaarImRy8u77O7g=="
}, },
"fresh": { "fresh": {
"version": "0.5.2", "version": "0.5.2",
@ -3631,40 +3641,54 @@
"dev": true "dev": true
}, },
"helmet": { "helmet": {
"version": "3.12.0", "version": "3.21.1",
"resolved": "https://registry.npmjs.org/helmet/-/helmet-3.12.0.tgz", "resolved": "https://registry.npmjs.org/helmet/-/helmet-3.21.1.tgz",
"integrity": "sha512-CgkctpvreQLL6X3EL2Igs/92+75ZFIsrob9/Rdwf2hQCBGH/DxLk4xFPxAAl6jYnnus/YXfFEVXHEJf8TJTwlA==", "integrity": "sha512-IC/54Lxvvad2YiUdgLmPlNFKLhNuG++waTF5KPYq/Feo3NNhqMFbcLAlbVkai+9q0+4uxjxGPJ9bNykG+3zZNg==",
"requires": { "requires": {
"dns-prefetch-control": "0.1.0", "depd": "2.0.0",
"dont-sniff-mimetype": "1.0.0", "dns-prefetch-control": "0.2.0",
"expect-ct": "0.1.0", "dont-sniff-mimetype": "1.1.0",
"frameguard": "3.0.0", "expect-ct": "0.2.0",
"helmet-csp": "2.7.0", "feature-policy": "0.3.0",
"hide-powered-by": "1.0.0", "frameguard": "3.1.0",
"helmet-crossdomain": "0.4.0",
"helmet-csp": "2.9.2",
"hide-powered-by": "1.1.0",
"hpkp": "2.0.0", "hpkp": "2.0.0",
"hsts": "2.1.0", "hsts": "2.2.0",
"ienoopen": "1.0.0", "ienoopen": "1.1.0",
"nocache": "2.0.0", "nocache": "2.1.0",
"referrer-policy": "1.1.0", "referrer-policy": "1.2.0",
"x-xss-protection": "1.1.0" "x-xss-protection": "1.3.0"
},
"dependencies": {
"depd": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
"integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
}
} }
}, },
"helmet-crossdomain": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/helmet-crossdomain/-/helmet-crossdomain-0.4.0.tgz",
"integrity": "sha512-AB4DTykRw3HCOxovD1nPR16hllrVImeFp5VBV9/twj66lJ2nU75DP8FPL0/Jp4jj79JhTfG+pFI2MD02kWJ+fA=="
},
"helmet-csp": { "helmet-csp": {
"version": "2.7.0", "version": "2.9.2",
"resolved": "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.7.0.tgz", "resolved": "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.9.2.tgz",
"integrity": "sha512-IGIAkWnxjRbgMXFA2/kmDqSIrIaSfZ6vhMHlSHw7jm7Gm9nVVXqwJ2B1YEpYrJsLrqY+w2Bbimk7snux9+sZAw==", "integrity": "sha512-Lt5WqNfbNjEJ6ysD4UNpVktSyjEKfU9LVJ1LaFmPfYseg/xPealPfgHhtqdAdjPDopp5zbg/VWCyp4cluMIckw==",
"requires": { "requires": {
"bowser": "^2.6.1",
"camelize": "1.0.0", "camelize": "1.0.0",
"content-security-policy-builder": "2.0.0", "content-security-policy-builder": "2.1.0",
"dasherize": "2.0.0", "dasherize": "2.0.0"
"lodash.reduce": "4.6.0",
"platform": "1.3.5"
} }
}, },
"hide-powered-by": { "hide-powered-by": {
"version": "1.0.0", "version": "1.1.0",
"resolved": "https://registry.npmjs.org/hide-powered-by/-/hide-powered-by-1.0.0.tgz", "resolved": "https://registry.npmjs.org/hide-powered-by/-/hide-powered-by-1.1.0.tgz",
"integrity": "sha1-SoWtZYgfYoV/xwr3F0oRhNzM4ys=" "integrity": "sha512-Io1zA2yOA1YJslkr+AJlWSf2yWFkKjvkcL9Ni1XSUqnGLr/qRQe2UI3Cn/J9MsJht7yEVCe0SscY1HgVMujbgg=="
}, },
"hosted-git-info": { "hosted-git-info": {
"version": "2.7.1", "version": "2.7.1",
@ -3678,9 +3702,19 @@
"integrity": "sha1-EOFCJk52IVpdMMROxD3mTe5tFnI=" "integrity": "sha1-EOFCJk52IVpdMMROxD3mTe5tFnI="
}, },
"hsts": { "hsts": {
"version": "2.1.0", "version": "2.2.0",
"resolved": "https://registry.npmjs.org/hsts/-/hsts-2.1.0.tgz", "resolved": "https://registry.npmjs.org/hsts/-/hsts-2.2.0.tgz",
"integrity": "sha512-zXhh/DqgrTXJ7erTN6Fh5k/xjMhDGXCqdYN3wvxUvGUQvnxcFfUd8E+6vLg/nk3ss1TYMb+DhRl25fYABioTvA==" "integrity": "sha512-ToaTnQ2TbJkochoVcdXYm4HOCliNozlviNsg+X2XQLQvZNI/kCHR9rZxVYpJB3UPcHz80PgxRyWQ7PdU1r+VBQ==",
"requires": {
"depd": "2.0.0"
},
"dependencies": {
"depd": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
"integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
}
}
}, },
"http-errors": { "http-errors": {
"version": "1.6.3", "version": "1.6.3",
@ -3737,9 +3771,9 @@
"dev": true "dev": true
}, },
"ienoopen": { "ienoopen": {
"version": "1.0.0", "version": "1.1.0",
"resolved": "https://registry.npmjs.org/ienoopen/-/ienoopen-1.0.0.tgz", "resolved": "https://registry.npmjs.org/ienoopen/-/ienoopen-1.1.0.tgz",
"integrity": "sha1-NGpCj0dKrI9QzzeE6i0PFvYr2ms=" "integrity": "sha512-MFs36e/ca6ohEKtinTJ5VvAJ6oDRAYFdYXweUnGY9L9vcoqFOU4n2ZhmJ0C4z/cwGZ3YIQRSB3XZ1+ghZkY5NQ=="
}, },
"ignore-by-default": { "ignore-by-default": {
"version": "1.0.1", "version": "1.0.1",
@ -4607,11 +4641,6 @@
"integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=", "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=",
"dev": true "dev": true
}, },
"lodash.reduce": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/lodash.reduce/-/lodash.reduce-4.6.0.tgz",
"integrity": "sha1-8atrg5KZrUj3hKu/R2WW8DuRTTs="
},
"log-symbols": { "log-symbols": {
"version": "2.2.0", "version": "2.2.0",
"resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-2.2.0.tgz", "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-2.2.0.tgz",
@ -5206,9 +5235,9 @@
} }
}, },
"nocache": { "nocache": {
"version": "2.0.0", "version": "2.1.0",
"resolved": "https://registry.npmjs.org/nocache/-/nocache-2.0.0.tgz", "resolved": "https://registry.npmjs.org/nocache/-/nocache-2.1.0.tgz",
"integrity": "sha1-ICtIAhoMTL3i34DeFaF0Q8i0OYA=" "integrity": "sha512-0L9FvHG3nfnnmaEQPjT9xhfN4ISk0A8/2j4M37Np4mcDesJjHgEUfgPhdCyZuFI954tjokaIj/A3NdpFNdEh4Q=="
}, },
"node-environment-flags": { "node-environment-flags": {
"version": "1.0.5", "version": "1.0.5",
@ -6297,11 +6326,6 @@
} }
} }
}, },
"platform": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/platform/-/platform-1.3.5.tgz",
"integrity": "sha512-TuvHS8AOIZNAlE77WUDiR4rySV/VMptyMfcfeoMgs4P8apaZM3JrnbzBiixKUv+XR6i+BXrQh8WAnjaSPFO65Q=="
},
"posix-character-classes": { "posix-character-classes": {
"version": "0.1.1", "version": "0.1.1",
"resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz",
@ -6547,9 +6571,9 @@
"integrity": "sha1-Uu0J2srBCPGmMcB+m2mUHnoZUEs=" "integrity": "sha1-Uu0J2srBCPGmMcB+m2mUHnoZUEs="
}, },
"referrer-policy": { "referrer-policy": {
"version": "1.1.0", "version": "1.2.0",
"resolved": "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.1.0.tgz", "resolved": "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.2.0.tgz",
"integrity": "sha1-NXdOtzW/UPtsB46DM0tHI1AgfXk=" "integrity": "sha512-LgQJIuS6nAy1Jd88DCQRemyE3mS+ispwlqMk3b0yjZ257fI1v9c+/p6SD5gP5FGyXUIgrNOAfmyioHwZtYv2VA=="
}, },
"regex-not": { "regex-not": {
"version": "1.0.2", "version": "1.0.2",
@ -8473,9 +8497,9 @@
} }
}, },
"x-xss-protection": { "x-xss-protection": {
"version": "1.1.0", "version": "1.3.0",
"resolved": "https://registry.npmjs.org/x-xss-protection/-/x-xss-protection-1.1.0.tgz", "resolved": "https://registry.npmjs.org/x-xss-protection/-/x-xss-protection-1.3.0.tgz",
"integrity": "sha512-rx3GzJlgEeZ08MIcDsU2vY2B1QEriUKJTSiNHHUIem6eg9pzVOr2TL3Y4Pd6TMAM5D5azGjcxqI62piITBDHVg==" "integrity": "sha512-kpyBI9TlVipZO4diReZMAHWtS0MMa/7Kgx8hwG/EuZLiA6sg4Ah/4TRdASHhRRN3boobzcYgFRUFSgHRge6Qhg=="
}, },
"xdg-basedir": { "xdg-basedir": {
"version": "3.0.0", "version": "3.0.0",

2
package.json
View File

@ -41,7 +41,7 @@
"express": "^4.14.0", "express": "^4.14.0",
"express-request-id": "^1.4.0", "express-request-id": "^1.4.0",
"express-session": "^1.14.2", "express-session": "^1.14.2",
"helmet": "^3.12.0", "helmet": "^3.21.1",
"ip-range-check": "0.0.2", "ip-range-check": "0.0.2",
"ldapjs": "^1.0.2", "ldapjs": "^1.0.2",
"mongodb": "^3.0.5", "mongodb": "^3.0.5",