From f595a7941a22e77a2a145cfce9f15bcd37c84d23 Mon Sep 17 00:00:00 2001
From: admin-token-bot <36773031+admin-token-bot@users.noreply.github.com>
Date: Mon, 30 Jan 2023 21:59:38 +0000
Subject: [PATCH] [Snyk] Upgrade @babel/core from 7.20.7 to 7.20.12 (#2522)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Snyk has created this PR to upgrade @babel/core from 7.20.7 to
7.20.12.
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-01-04.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Prototype
Pollution
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**427/1000**
**Why?** Proof of Concept exploit, CVSS 6.4 | Proof
of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @babel/core
from @babel/core
GitHub release notes
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=@babel/core&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
---------
Co-authored-by: snyk-bot
---
examples/node/package-lock.json | 38 ++++++++++++++++-----------------
examples/node/package.json | 2 +-
2 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/examples/node/package-lock.json b/examples/node/package-lock.json
index ead346eeb3..d9d7ff6fe2 100644
--- a/examples/node/package-lock.json
+++ b/examples/node/package-lock.json
@@ -9,7 +9,7 @@
"version": "1.0.0",
"license": "ISC",
"dependencies": {
- "@babel/core": "^7.20.7",
+ "@babel/core": "^7.20.12",
"@babel/preset-env": "^7.20.2",
"@types/bson": "^4.0.2",
"@types/jest": "^29.2.5",
@@ -65,24 +65,24 @@
}
},
"node_modules/@babel/core": {
- "version": "7.20.7",
- "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.7.tgz",
- "integrity": "sha512-t1ZjCluspe5DW24bn2Rr1CDb2v9rn/hROtg9a2tmd0+QYf4bsloYfLQzjG4qHPNMhWtKdGC33R5AxGR2Af2cBw==",
+ "version": "7.20.12",
+ "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.12.tgz",
+ "integrity": "sha512-XsMfHovsUYHFMdrIHkZphTN/2Hzzi78R08NuHfDBehym2VsPDL6Zn/JAD/JQdnRvbSsbQc4mVaU1m6JgtTEElg==",
"dependencies": {
"@ampproject/remapping": "^2.1.0",
"@babel/code-frame": "^7.18.6",
"@babel/generator": "^7.20.7",
"@babel/helper-compilation-targets": "^7.20.7",
- "@babel/helper-module-transforms": "^7.20.7",
+ "@babel/helper-module-transforms": "^7.20.11",
"@babel/helpers": "^7.20.7",
"@babel/parser": "^7.20.7",
"@babel/template": "^7.20.7",
- "@babel/traverse": "^7.20.7",
+ "@babel/traverse": "^7.20.12",
"@babel/types": "^7.20.7",
"convert-source-map": "^1.7.0",
"debug": "^4.1.0",
"gensync": "^1.0.0-beta.2",
- "json5": "^2.2.1",
+ "json5": "^2.2.2",
"semver": "^6.3.0"
},
"engines": {
@@ -6853,9 +6853,9 @@
"integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA=="
},
"node_modules/json5": {
- "version": "2.2.1",
- "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.1.tgz",
- "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==",
+ "version": "2.2.3",
+ "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+ "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
"bin": {
"json5": "lib/cli.js"
},
@@ -9302,24 +9302,24 @@
"integrity": "sha512-KZXo2t10+/jxmkhNXc7pZTqRvSOIvVv/+lJwHS+B2rErwOyjuVRh60yVpb7liQ1U5t7lLJ1bz+t8tSypUZdm0g=="
},
"@babel/core": {
- "version": "7.20.7",
- "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.7.tgz",
- "integrity": "sha512-t1ZjCluspe5DW24bn2Rr1CDb2v9rn/hROtg9a2tmd0+QYf4bsloYfLQzjG4qHPNMhWtKdGC33R5AxGR2Af2cBw==",
+ "version": "7.20.12",
+ "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.12.tgz",
+ "integrity": "sha512-XsMfHovsUYHFMdrIHkZphTN/2Hzzi78R08NuHfDBehym2VsPDL6Zn/JAD/JQdnRvbSsbQc4mVaU1m6JgtTEElg==",
"requires": {
"@ampproject/remapping": "^2.1.0",
"@babel/code-frame": "^7.18.6",
"@babel/generator": "^7.20.7",
"@babel/helper-compilation-targets": "^7.20.7",
- "@babel/helper-module-transforms": "^7.20.7",
+ "@babel/helper-module-transforms": "^7.20.11",
"@babel/helpers": "^7.20.7",
"@babel/parser": "^7.20.7",
"@babel/template": "^7.20.7",
- "@babel/traverse": "^7.20.7",
+ "@babel/traverse": "^7.20.12",
"@babel/types": "^7.20.7",
"convert-source-map": "^1.7.0",
"debug": "^4.1.0",
"gensync": "^1.0.0-beta.2",
- "json5": "^2.2.1",
+ "json5": "^2.2.2",
"semver": "^6.3.0"
},
"dependencies": {
@@ -14146,9 +14146,9 @@
"integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA=="
},
"json5": {
- "version": "2.2.1",
- "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.1.tgz",
- "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA=="
+ "version": "2.2.3",
+ "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+ "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg=="
},
"jsonfile": {
"version": "4.0.0",
diff --git a/examples/node/package.json b/examples/node/package.json
index cd66611d66..38b44bc975 100644
--- a/examples/node/package.json
+++ b/examples/node/package.json
@@ -13,7 +13,7 @@
"author": "",
"license": "ISC",
"dependencies": {
- "@babel/core": "^7.20.7",
+ "@babel/core": "^7.20.12",
"@babel/preset-env": "^7.20.2",
"@types/bson": "^4.0.2",
"@types/jest": "^29.2.5",