From 1f3f3b859bca0d6694afa52b89af6a8dee31478a Mon Sep 17 00:00:00 2001 From: Todd Underwood Date: Fri, 8 Jan 2021 13:49:46 -0800 Subject: [PATCH] dep: Update insecure dependencies --- build.gradle | 8 ++++---- cerberus-dashboard/package-lock.json | 20 +++++++++++++++----- cerberus-dashboard/package.json | 2 +- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/build.gradle b/build.gradle index c92df4cb7..4533ee85e 100644 --- a/build.gradle +++ b/build.gradle @@ -24,11 +24,11 @@ buildscript { resilience4j: '1.1.0', awsSdkVersion: '1.11.847', kork: '6.22.1', - guava: '28.1-jre', + guava: '30.1-jre', springBoot: springBootVersion, ] } - ext['groovy.version'] = '2.5.12' + ext['groovy.version'] = '2.5.14' repositories { maven { @@ -131,8 +131,8 @@ subprojects { } dependencies { //upgrading tomcat manually until Spring-Boot 2.3.5 is released to resolve a security vulnerability - dependency 'org.apache.tomcat.embed:tomcat-embed-core:9.0.39' - dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:9.0.39' + dependency 'org.apache.tomcat.embed:tomcat-embed-core:9.0.41' + dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:9.0.41' } } diff --git a/cerberus-dashboard/package-lock.json b/cerberus-dashboard/package-lock.json index dad2e30b0..fb1eb0680 100644 --- a/cerberus-dashboard/package-lock.json +++ b/cerberus-dashboard/package-lock.json @@ -2804,11 +2804,18 @@ "integrity": "sha512-wMHVg2EOHaMRxbzgFJ9gtjOOCrI80OHLG14rxi28XwOW8ux6IiEbRCGGGqCtdAIg4FQCbW20k9RsT4y3gJlFug==" }, "axios": { - "version": "0.19.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz", - "integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==", + "version": "0.21.1", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.1.tgz", + "integrity": "sha512-dKQiRHxGD9PPRIUNIWvZhPTPpl1rf/OxTYKsqKUDjBwYylTvV7SjSHJb9ratfyzM6wCdLCOYLzs73qpg5c4iGA==", "requires": { - "follow-redirects": "1.5.10" + "follow-redirects": "^1.10.0" + }, + "dependencies": { + "follow-redirects": { + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.1.tgz", + "integrity": "sha512-SSG5xmZh1mkPGyKzjZP8zLjltIfpW32Y5QpdNJyjcfGxK3qo3NDDkZOZSFiGn1A6SclQxY9GzEwAHQ3dmYRWpg==" + } } }, "axobject-query": { @@ -5437,6 +5444,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", + "dev": true, "requires": { "ms": "2.0.0" } @@ -7322,6 +7330,7 @@ "version": "1.5.10", "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz", "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==", + "dev": true, "requires": { "debug": "=3.1.0" } @@ -10835,7 +10844,8 @@ "ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true }, "multicast-dns": { "version": "6.2.3", diff --git a/cerberus-dashboard/package.json b/cerberus-dashboard/package.json index 589265966..f16e46cde 100644 --- a/cerberus-dashboard/package.json +++ b/cerberus-dashboard/package.json @@ -18,7 +18,7 @@ "author": "Justin Field ", "license": "Apache-2.0", "dependencies": { - "axios": "^0.19.2", + "axios": "^0.21.1", "cookie": "0.3.1", "downloadjs": "1.4.7", "humps": "1.1.0",