From 51c3d73917937dace4e06aabca2f35bbfdb25500 Mon Sep 17 00:00:00 2001 From: Mihai PLESA Date: Tue, 9 Jan 2024 17:21:45 +0000 Subject: [PATCH] Bumped follow-redirects and WDP to address GHSA-jchw-25xp-jwwc --- DEPS | 2 +- package-lock.json | 40 +++++++--------------------------------- package.json | 2 +- 3 files changed, 9 insertions(+), 35 deletions(-) diff --git a/DEPS b/DEPS index 77ce456a55e5..f2a8aa44bdae 100644 --- a/DEPS +++ b/DEPS @@ -18,7 +18,7 @@ deps = { }, "vendor/bat-native-tweetnacl": "https://github.com/brave-intl/bat-native-tweetnacl.git@800f9d40b7409239ff192e0be634764e747c7a75", "vendor/gn-project-generators": "https://github.com/brave/gn-project-generators.git@b76e14b162aa0ce40f11920ec94bfc12da29e5d0", - "vendor/web-discovery-project": "https://github.com/brave/web-discovery-project@2d05ad803e249f3686d093b9318f783c6cb5f380", + "vendor/web-discovery-project": "https://github.com/brave/web-discovery-project@3d18f68dec687df171d3cdcdd79332a3c68b1c28", "third_party/bip39wally-core-native": "https://github.com/brave-intl/bat-native-bip39wally-core.git@0d3a8713a2b388d2156fe49a70ef3f7cdb44b190", "third_party/ethash/src": "https://github.com/chfast/ethash.git@e4a15c3d76dc09392c7efd3e30d84ee3b871e9ce", "third_party/bitcoin-core/src": "https://github.com/bitcoin/bitcoin.git@8105bce5b384c72cf08b25b7c5343622754e7337", # v25.0 diff --git a/package-lock.json b/package-lock.json index ba67ff14b665..7ede6c4cd7f9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -90,7 +90,7 @@ "ethereum-blockies": "github:brave/blockies#0880fa9867b7da039e6d6f143b8f6c57b9f9eb3b", "ethereumjs-util": "7.0.9", "file-loader": "6.2.0", - "follow-redirects": "1.14.8", + "follow-redirects": "1.15.4", "font-awesome": "4.7.0", "fs-extra": "8.1.0", "https-browserify": "1.0.0", @@ -9755,25 +9755,6 @@ "proxy-from-env": "^1.1.0" } }, - "node_modules/axios/node_modules/follow-redirects": { - "version": "1.15.3", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz", - "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, "node_modules/axios/node_modules/form-data": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", @@ -15522,10 +15503,9 @@ } }, "node_modules/follow-redirects": { - "version": "1.14.8", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.8.tgz", - "integrity": "sha512-1x0S9UVJHsQprFcEC/qnNzBLcIxsjAV905f/UkQxbclCsoTWlacCNOpQa/anodLl2uaEKFhfWOvM2Qg77+15zA==", - "dev": true, + "version": "1.15.4", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz", + "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==", "funding": [ { "type": "individual", @@ -34868,11 +34848,6 @@ "proxy-from-env": "^1.1.0" }, "dependencies": { - "follow-redirects": { - "version": "1.15.3", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz", - "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==" - }, "form-data": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", @@ -39300,10 +39275,9 @@ "dev": true }, "follow-redirects": { - "version": "1.14.8", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.8.tgz", - "integrity": "sha512-1x0S9UVJHsQprFcEC/qnNzBLcIxsjAV905f/UkQxbclCsoTWlacCNOpQa/anodLl2uaEKFhfWOvM2Qg77+15zA==", - "dev": true + "version": "1.15.4", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz", + "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==" }, "font-awesome": { "version": "4.7.0", diff --git a/package.json b/package.json index 2cca4323f0de..9de4e6992d3d 100644 --- a/package.json +++ b/package.json @@ -321,7 +321,7 @@ "ethereum-blockies": "github:brave/blockies#0880fa9867b7da039e6d6f143b8f6c57b9f9eb3b", "ethereumjs-util": "7.0.9", "file-loader": "6.2.0", - "follow-redirects": "1.14.8", + "follow-redirects": "1.15.4", "font-awesome": "4.7.0", "fs-extra": "8.1.0", "https-browserify": "1.0.0",