Skip to content

Commit d2ee43b

Browse files
wojtekmajwojtekmaj
committed
Fix security vulnerability in terser dependency
1 parent 5ac07aa commit d2ee43b

File tree

7 files changed

+385
-110
lines changed

7 files changed

+385
-110
lines changed

sample/create-react-app-5/yarn.lock

Lines changed: 62 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1754,6 +1754,58 @@ __metadata:
17541754
languageName: node
17551755
linkType: hard
17561756

1757+
"@jridgewell/gen-mapping@npm:^0.3.0":
1758+
version: 0.3.2
1759+
resolution: "@jridgewell/gen-mapping@npm:0.3.2"
1760+
dependencies:
1761+
"@jridgewell/set-array": ^1.0.1
1762+
"@jridgewell/sourcemap-codec": ^1.4.10
1763+
"@jridgewell/trace-mapping": ^0.3.9
1764+
checksum: 1832707a1c476afebe4d0fbbd4b9434fdb51a4c3e009ab1e9938648e21b7a97049fa6009393bdf05cab7504108413441df26d8a3c12193996e65493a4efb6882
1765+
languageName: node
1766+
linkType: hard
1767+
1768+
"@jridgewell/resolve-uri@npm:^3.0.3":
1769+
version: 3.1.0
1770+
resolution: "@jridgewell/resolve-uri@npm:3.1.0"
1771+
checksum: b5ceaaf9a110fcb2780d1d8f8d4a0bfd216702f31c988d8042e5f8fbe353c55d9b0f55a1733afdc64806f8e79c485d2464680ac48a0d9fcadb9548ee6b81d267
1772+
languageName: node
1773+
linkType: hard
1774+
1775+
"@jridgewell/set-array@npm:^1.0.1":
1776+
version: 1.1.2
1777+
resolution: "@jridgewell/set-array@npm:1.1.2"
1778+
checksum: 69a84d5980385f396ff60a175f7177af0b8da4ddb81824cb7016a9ef914eee9806c72b6b65942003c63f7983d4f39a5c6c27185bbca88eb4690b62075602e28e
1779+
languageName: node
1780+
linkType: hard
1781+
1782+
"@jridgewell/source-map@npm:^0.3.2":
1783+
version: 0.3.2
1784+
resolution: "@jridgewell/source-map@npm:0.3.2"
1785+
dependencies:
1786+
"@jridgewell/gen-mapping": ^0.3.0
1787+
"@jridgewell/trace-mapping": ^0.3.9
1788+
checksum: 1b83f0eb944e77b70559a394d5d3b3f98a81fcc186946aceb3ef42d036762b52ef71493c6c0a3b7c1d2f08785f53ba2df1277fe629a06e6109588ff4cdcf7482
1789+
languageName: node
1790+
linkType: hard
1791+
1792+
"@jridgewell/sourcemap-codec@npm:^1.4.10":
1793+
version: 1.4.14
1794+
resolution: "@jridgewell/sourcemap-codec@npm:1.4.14"
1795+
checksum: 61100637b6d173d3ba786a5dff019e1a74b1f394f323c1fee337ff390239f053b87266c7a948777f4b1ee68c01a8ad0ab61e5ff4abb5a012a0b091bec391ab97
1796+
languageName: node
1797+
linkType: hard
1798+
1799+
"@jridgewell/trace-mapping@npm:^0.3.9":
1800+
version: 0.3.14
1801+
resolution: "@jridgewell/trace-mapping@npm:0.3.14"
1802+
dependencies:
1803+
"@jridgewell/resolve-uri": ^3.0.3
1804+
"@jridgewell/sourcemap-codec": ^1.4.10
1805+
checksum: b9537b9630ffb631aef9651a085fe361881cde1772cd482c257fe3c78c8fd5388d681f504a9c9fe1081b1c05e8f75edf55ee10fdb58d92bbaa8dbf6a7bd6b18c
1806+
languageName: node
1807+
linkType: hard
1808+
17571809
"@nodelib/fs.scandir@npm:2.1.5":
17581810
version: 2.1.5
17591811
resolution: "@nodelib/fs.scandir@npm:2.1.5"
@@ -2801,12 +2853,12 @@ __metadata:
28012853
languageName: node
28022854
linkType: hard
28032855

2804-
"acorn@npm:^8.2.4, acorn@npm:^8.4.1, acorn@npm:^8.7.0":
2805-
version: 8.7.0
2806-
resolution: "acorn@npm:8.7.0"
2856+
"acorn@npm:^8.2.4, acorn@npm:^8.4.1, acorn@npm:^8.5.0, acorn@npm:^8.7.0":
2857+
version: 8.8.0
2858+
resolution: "acorn@npm:8.8.0"
28072859
bin:
28082860
acorn: bin/acorn
2809-
checksum: e0f79409d68923fbf1aa6d4166f3eedc47955320d25c89a20cc822e6ba7c48c5963d5bc657bc242d68f7a4ac9faf96eef033e8f73656da6c640d4219935fdfd0
2861+
checksum: 7270ca82b242eafe5687a11fea6e088c960af712683756abf0791b68855ea9cace3057bd5e998ffcef50c944810c1e0ca1da526d02b32110e13c722aa959afdc
28102862
languageName: node
28112863
linkType: hard
28122864

@@ -10457,7 +10509,7 @@ __metadata:
1045710509
languageName: node
1045810510
linkType: hard
1045910511

10460-
"source-map@npm:^0.7.3, source-map@npm:~0.7.2":
10512+
"source-map@npm:^0.7.3":
1046110513
version: 0.7.3
1046210514
resolution: "source-map@npm:0.7.3"
1046310515
checksum: cd24efb3b8fa69b64bf28e3c1b1a500de77e84260c5b7f2b873f88284df17974157cc88d386ee9b6d081f08fdd8242f3fc05c953685a6ad81aad94c7393dedea
@@ -10942,20 +10994,16 @@ __metadata:
1094210994
linkType: hard
1094310995

1094410996
"terser@npm:^5.0.0, terser@npm:^5.10.0, terser@npm:^5.7.2":
10945-
version: 5.10.0
10946-
resolution: "terser@npm:5.10.0"
10997+
version: 5.14.2
10998+
resolution: "terser@npm:5.14.2"
1094710999
dependencies:
11000+
"@jridgewell/source-map": ^0.3.2
11001+
acorn: ^8.5.0
1094811002
commander: ^2.20.0
10949-
source-map: ~0.7.2
1095011003
source-map-support: ~0.5.20
10951-
peerDependencies:
10952-
acorn: ^8.5.0
10953-
peerDependenciesMeta:
10954-
acorn:
10955-
optional: true
1095611004
bin:
1095711005
terser: bin/terser
10958-
checksum: 1080faeb6d5cd155bb39d9cc41d20a590eafc9869560d5285f255f6858604dcd135311e344188a106f87fedb12d096ad3799cfc2e65acd470b85d468b1c7bd4c
11006+
checksum: cabb50a640d6c2cfb351e4f43dc7bf7436f649755bb83eb78b2cacda426d5e0979bd44e6f92d713f3ca0f0866e322739b9ced888ebbce6508ad872d08de74fcc
1095911007
languageName: node
1096011008
linkType: hard
1096111009

sample/parcel/yarn.lock

Lines changed: 66 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1344,6 +1344,58 @@ __metadata:
13441344
languageName: node
13451345
linkType: hard
13461346

1347+
"@jridgewell/gen-mapping@npm:^0.3.0":
1348+
version: 0.3.2
1349+
resolution: "@jridgewell/gen-mapping@npm:0.3.2"
1350+
dependencies:
1351+
"@jridgewell/set-array": ^1.0.1
1352+
"@jridgewell/sourcemap-codec": ^1.4.10
1353+
"@jridgewell/trace-mapping": ^0.3.9
1354+
checksum: 1832707a1c476afebe4d0fbbd4b9434fdb51a4c3e009ab1e9938648e21b7a97049fa6009393bdf05cab7504108413441df26d8a3c12193996e65493a4efb6882
1355+
languageName: node
1356+
linkType: hard
1357+
1358+
"@jridgewell/resolve-uri@npm:^3.0.3":
1359+
version: 3.1.0
1360+
resolution: "@jridgewell/resolve-uri@npm:3.1.0"
1361+
checksum: b5ceaaf9a110fcb2780d1d8f8d4a0bfd216702f31c988d8042e5f8fbe353c55d9b0f55a1733afdc64806f8e79c485d2464680ac48a0d9fcadb9548ee6b81d267
1362+
languageName: node
1363+
linkType: hard
1364+
1365+
"@jridgewell/set-array@npm:^1.0.1":
1366+
version: 1.1.2
1367+
resolution: "@jridgewell/set-array@npm:1.1.2"
1368+
checksum: 69a84d5980385f396ff60a175f7177af0b8da4ddb81824cb7016a9ef914eee9806c72b6b65942003c63f7983d4f39a5c6c27185bbca88eb4690b62075602e28e
1369+
languageName: node
1370+
linkType: hard
1371+
1372+
"@jridgewell/source-map@npm:^0.3.2":
1373+
version: 0.3.2
1374+
resolution: "@jridgewell/source-map@npm:0.3.2"
1375+
dependencies:
1376+
"@jridgewell/gen-mapping": ^0.3.0
1377+
"@jridgewell/trace-mapping": ^0.3.9
1378+
checksum: 1b83f0eb944e77b70559a394d5d3b3f98a81fcc186946aceb3ef42d036762b52ef71493c6c0a3b7c1d2f08785f53ba2df1277fe629a06e6109588ff4cdcf7482
1379+
languageName: node
1380+
linkType: hard
1381+
1382+
"@jridgewell/sourcemap-codec@npm:^1.4.10":
1383+
version: 1.4.14
1384+
resolution: "@jridgewell/sourcemap-codec@npm:1.4.14"
1385+
checksum: 61100637b6d173d3ba786a5dff019e1a74b1f394f323c1fee337ff390239f053b87266c7a948777f4b1ee68c01a8ad0ab61e5ff4abb5a012a0b091bec391ab97
1386+
languageName: node
1387+
linkType: hard
1388+
1389+
"@jridgewell/trace-mapping@npm:^0.3.9":
1390+
version: 0.3.14
1391+
resolution: "@jridgewell/trace-mapping@npm:0.3.14"
1392+
dependencies:
1393+
"@jridgewell/resolve-uri": ^3.0.3
1394+
"@jridgewell/sourcemap-codec": ^1.4.10
1395+
checksum: b9537b9630ffb631aef9651a085fe361881cde1772cd482c257fe3c78c8fd5388d681f504a9c9fe1081b1c05e8f75edf55ee10fdb58d92bbaa8dbf6a7bd6b18c
1396+
languageName: node
1397+
linkType: hard
1398+
13471399
"@mrmlnc/readdir-enhanced@npm:^2.2.1":
13481400
version: 2.2.1
13491401
resolution: "@mrmlnc/readdir-enhanced@npm:2.2.1"
@@ -1502,6 +1554,15 @@ __metadata:
15021554
languageName: node
15031555
linkType: hard
15041556

1557+
"acorn@npm:^8.5.0":
1558+
version: 8.8.0
1559+
resolution: "acorn@npm:8.8.0"
1560+
bin:
1561+
acorn: bin/acorn
1562+
checksum: 7270ca82b242eafe5687a11fea6e088c960af712683756abf0791b68855ea9cace3057bd5e998ffcef50c944810c1e0ca1da526d02b32110e13c722aa959afdc
1563+
languageName: node
1564+
linkType: hard
1565+
15051566
"agent-base@npm:6, agent-base@npm:^6.0.2":
15061567
version: 6.0.2
15071568
resolution: "agent-base@npm:6.0.2"
@@ -7168,13 +7229,6 @@ __metadata:
71687229
languageName: node
71697230
linkType: hard
71707231

7171-
"source-map@npm:~0.7.2":
7172-
version: 0.7.3
7173-
resolution: "source-map@npm:0.7.3"
7174-
checksum: cd24efb3b8fa69b64bf28e3c1b1a500de77e84260c5b7f2b873f88284df17974157cc88d386ee9b6d081f08fdd8242f3fc05c953685a6ad81aad94c7393dedea
7175-
languageName: node
7176-
linkType: hard
7177-
71787232
"split-string@npm:^3.0.1, split-string@npm:^3.0.2":
71797233
version: 3.1.0
71807234
resolution: "split-string@npm:3.1.0"
@@ -7465,20 +7519,16 @@ __metadata:
74657519
linkType: hard
74667520

74677521
"terser@npm:^5.6.1":
7468-
version: 5.10.0
7469-
resolution: "terser@npm:5.10.0"
7522+
version: 5.14.2
7523+
resolution: "terser@npm:5.14.2"
74707524
dependencies:
7525+
"@jridgewell/source-map": ^0.3.2
7526+
acorn: ^8.5.0
74717527
commander: ^2.20.0
7472-
source-map: ~0.7.2
74737528
source-map-support: ~0.5.20
7474-
peerDependencies:
7475-
acorn: ^8.5.0
7476-
peerDependenciesMeta:
7477-
acorn:
7478-
optional: true
74797529
bin:
74807530
terser: bin/terser
7481-
checksum: 1080faeb6d5cd155bb39d9cc41d20a590eafc9869560d5285f255f6858604dcd135311e344188a106f87fedb12d096ad3799cfc2e65acd470b85d468b1c7bd4c
7531+
checksum: cabb50a640d6c2cfb351e4f43dc7bf7436f649755bb83eb78b2cacda426d5e0979bd44e6f92d713f3ca0f0866e322739b9ced888ebbce6508ad872d08de74fcc
74827532
languageName: node
74837533
linkType: hard
74847534

sample/parcel2/yarn.lock

Lines changed: 66 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -287,6 +287,58 @@ __metadata:
287287
languageName: node
288288
linkType: hard
289289

290+
"@jridgewell/gen-mapping@npm:^0.3.0":
291+
version: 0.3.2
292+
resolution: "@jridgewell/gen-mapping@npm:0.3.2"
293+
dependencies:
294+
"@jridgewell/set-array": ^1.0.1
295+
"@jridgewell/sourcemap-codec": ^1.4.10
296+
"@jridgewell/trace-mapping": ^0.3.9
297+
checksum: 1832707a1c476afebe4d0fbbd4b9434fdb51a4c3e009ab1e9938648e21b7a97049fa6009393bdf05cab7504108413441df26d8a3c12193996e65493a4efb6882
298+
languageName: node
299+
linkType: hard
300+
301+
"@jridgewell/resolve-uri@npm:^3.0.3":
302+
version: 3.1.0
303+
resolution: "@jridgewell/resolve-uri@npm:3.1.0"
304+
checksum: b5ceaaf9a110fcb2780d1d8f8d4a0bfd216702f31c988d8042e5f8fbe353c55d9b0f55a1733afdc64806f8e79c485d2464680ac48a0d9fcadb9548ee6b81d267
305+
languageName: node
306+
linkType: hard
307+
308+
"@jridgewell/set-array@npm:^1.0.1":
309+
version: 1.1.2
310+
resolution: "@jridgewell/set-array@npm:1.1.2"
311+
checksum: 69a84d5980385f396ff60a175f7177af0b8da4ddb81824cb7016a9ef914eee9806c72b6b65942003c63f7983d4f39a5c6c27185bbca88eb4690b62075602e28e
312+
languageName: node
313+
linkType: hard
314+
315+
"@jridgewell/source-map@npm:^0.3.2":
316+
version: 0.3.2
317+
resolution: "@jridgewell/source-map@npm:0.3.2"
318+
dependencies:
319+
"@jridgewell/gen-mapping": ^0.3.0
320+
"@jridgewell/trace-mapping": ^0.3.9
321+
checksum: 1b83f0eb944e77b70559a394d5d3b3f98a81fcc186946aceb3ef42d036762b52ef71493c6c0a3b7c1d2f08785f53ba2df1277fe629a06e6109588ff4cdcf7482
322+
languageName: node
323+
linkType: hard
324+
325+
"@jridgewell/sourcemap-codec@npm:^1.4.10":
326+
version: 1.4.14
327+
resolution: "@jridgewell/sourcemap-codec@npm:1.4.14"
328+
checksum: 61100637b6d173d3ba786a5dff019e1a74b1f394f323c1fee337ff390239f053b87266c7a948777f4b1ee68c01a8ad0ab61e5ff4abb5a012a0b091bec391ab97
329+
languageName: node
330+
linkType: hard
331+
332+
"@jridgewell/trace-mapping@npm:^0.3.9":
333+
version: 0.3.14
334+
resolution: "@jridgewell/trace-mapping@npm:0.3.14"
335+
dependencies:
336+
"@jridgewell/resolve-uri": ^3.0.3
337+
"@jridgewell/sourcemap-codec": ^1.4.10
338+
checksum: b9537b9630ffb631aef9651a085fe361881cde1772cd482c257fe3c78c8fd5388d681f504a9c9fe1081b1c05e8f75edf55ee10fdb58d92bbaa8dbf6a7bd6b18c
339+
languageName: node
340+
linkType: hard
341+
290342
"@nodelib/fs.scandir@npm:2.1.5":
291343
version: 2.1.5
292344
resolution: "@nodelib/fs.scandir@npm:2.1.5"
@@ -1195,6 +1247,15 @@ __metadata:
11951247
languageName: node
11961248
linkType: hard
11971249

1250+
"acorn@npm:^8.5.0":
1251+
version: 8.8.0
1252+
resolution: "acorn@npm:8.8.0"
1253+
bin:
1254+
acorn: bin/acorn
1255+
checksum: 7270ca82b242eafe5687a11fea6e088c960af712683756abf0791b68855ea9cace3057bd5e998ffcef50c944810c1e0ca1da526d02b32110e13c722aa959afdc
1256+
languageName: node
1257+
linkType: hard
1258+
11981259
"agent-base@npm:6, agent-base@npm:^6.0.2":
11991260
version: 6.0.2
12001261
resolution: "agent-base@npm:6.0.2"
@@ -5208,13 +5269,6 @@ __metadata:
52085269
languageName: node
52095270
linkType: hard
52105271

5211-
"source-map@npm:~0.7.2":
5212-
version: 0.7.3
5213-
resolution: "source-map@npm:0.7.3"
5214-
checksum: cd24efb3b8fa69b64bf28e3c1b1a500de77e84260c5b7f2b873f88284df17974157cc88d386ee9b6d081f08fdd8242f3fc05c953685a6ad81aad94c7393dedea
5215-
languageName: node
5216-
linkType: hard
5217-
52185272
"split2@npm:^3.1.1":
52195273
version: 3.2.2
52205274
resolution: "split2@npm:3.2.2"
@@ -5423,20 +5477,16 @@ __metadata:
54235477
linkType: hard
54245478

54255479
"terser@npm:^5.2.0":
5426-
version: 5.10.0
5427-
resolution: "terser@npm:5.10.0"
5480+
version: 5.14.2
5481+
resolution: "terser@npm:5.14.2"
54285482
dependencies:
5483+
"@jridgewell/source-map": ^0.3.2
5484+
acorn: ^8.5.0
54295485
commander: ^2.20.0
5430-
source-map: ~0.7.2
54315486
source-map-support: ~0.5.20
5432-
peerDependencies:
5433-
acorn: ^8.5.0
5434-
peerDependenciesMeta:
5435-
acorn:
5436-
optional: true
54375487
bin:
54385488
terser: bin/terser
5439-
checksum: 1080faeb6d5cd155bb39d9cc41d20a590eafc9869560d5285f255f6858604dcd135311e344188a106f87fedb12d096ad3799cfc2e65acd470b85d468b1c7bd4c
5489+
checksum: cabb50a640d6c2cfb351e4f43dc7bf7436f649755bb83eb78b2cacda426d5e0979bd44e6f92d713f3ca0f0866e322739b9ced888ebbce6508ad872d08de74fcc
54405490
languageName: node
54415491
linkType: hard
54425492

sample/webpack4/yarn.lock

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7723,15 +7723,15 @@ __metadata:
77237723
linkType: hard
77247724

77257725
"terser@npm:^4.1.2, terser@npm:^4.6.3":
7726-
version: 4.8.0
7727-
resolution: "terser@npm:4.8.0"
7726+
version: 4.8.1
7727+
resolution: "terser@npm:4.8.1"
77287728
dependencies:
77297729
commander: ^2.20.0
77307730
source-map: ~0.6.1
77317731
source-map-support: ~0.5.12
77327732
bin:
77337733
terser: bin/terser
7734-
checksum: f980789097d4f856c1ef4b9a7ada37beb0bb022fb8aa3057968862b5864ad7c244253b3e269c9eb0ab7d0caf97b9521273f2d1cf1e0e942ff0016e0583859c71
7734+
checksum: b342819bf7e82283059aaa3f22bb74deb1862d07573ba5a8947882190ad525fd9b44a15074986be083fd379c58b9a879457a330b66dcdb77b485c44267f9a55a
77357735
languageName: node
77367736
linkType: hard
77377737

0 commit comments

Comments
 (0)