From 08d557c67205e478362663cda6fb4ce0ab03af8c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 30 Mar 2021 06:03:46 +0000 Subject: [PATCH] fix: packages/web3-core-requestmanager/package.json & packages/web3-core-requestmanager/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984 --- .../package-lock.json | 34 +++++++++++++++++-- .../web3-core-requestmanager/package.json | 2 +- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/packages/web3-core-requestmanager/package-lock.json b/packages/web3-core-requestmanager/package-lock.json index e1923792279..3300d93f545 100644 --- a/packages/web3-core-requestmanager/package-lock.json +++ b/packages/web3-core-requestmanager/package-lock.json @@ -542,9 +542,9 @@ } }, "underscore": { - "version": "1.9.1", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.1.tgz", - "integrity": "sha512-5/4etnCkd9c8gwgowi5/om/mYO5ajCaOgdzj/oW+0eQV9WxKBDZw5+ycmKmeaTXjInS/W0BzpGLo2xR2aBwZdg==" + "version": "1.12.1", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.12.1.tgz", + "integrity": "sha512-hEQt0+ZLDVUMhebKxL4x1BTtDY7bavVofhZ9KZ4aI26X9SRaE+Y3m83XUL1UP2jn8ynjndwCCpEHdUG+9pP1Tw==" }, "url-set-query": { "version": "1.0.0", @@ -584,6 +584,13 @@ "underscore": "1.9.1", "web3-eth-iban": "1.3.0", "web3-utils": "1.3.0" + }, + "dependencies": { + "underscore": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.1.tgz", + "integrity": "sha512-5/4etnCkd9c8gwgowi5/om/mYO5ajCaOgdzj/oW+0eQV9WxKBDZw5+ycmKmeaTXjInS/W0BzpGLo2xR2aBwZdg==" + } } }, "web3-eth-iban": { @@ -612,6 +619,13 @@ "oboe": "2.1.5", "underscore": "1.9.1", "web3-core-helpers": "1.3.0" + }, + "dependencies": { + "underscore": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.1.tgz", + "integrity": "sha512-5/4etnCkd9c8gwgowi5/om/mYO5ajCaOgdzj/oW+0eQV9WxKBDZw5+ycmKmeaTXjInS/W0BzpGLo2xR2aBwZdg==" + } } }, "web3-providers-ws": { @@ -623,6 +637,13 @@ "underscore": "1.9.1", "web3-core-helpers": "1.3.0", "websocket": "^1.0.32" + }, + "dependencies": { + "underscore": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.1.tgz", + "integrity": "sha512-5/4etnCkd9c8gwgowi5/om/mYO5ajCaOgdzj/oW+0eQV9WxKBDZw5+ycmKmeaTXjInS/W0BzpGLo2xR2aBwZdg==" + } } }, "web3-utils": { @@ -638,6 +659,13 @@ "randombytes": "^2.1.0", "underscore": "1.9.1", "utf8": "3.0.0" + }, + "dependencies": { + "underscore": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.1.tgz", + "integrity": "sha512-5/4etnCkd9c8gwgowi5/om/mYO5ajCaOgdzj/oW+0eQV9WxKBDZw5+ycmKmeaTXjInS/W0BzpGLo2xR2aBwZdg==" + } } }, "websocket": { diff --git a/packages/web3-core-requestmanager/package.json b/packages/web3-core-requestmanager/package.json index 799b6abfacf..de18b3266b1 100644 --- a/packages/web3-core-requestmanager/package.json +++ b/packages/web3-core-requestmanager/package.json @@ -12,7 +12,7 @@ "tsc": "tsc -b tsconfig.json" }, "dependencies": { - "underscore": "1.9.1", + "underscore": "1.12.1", "util": "^0.12.0", "web3-core-helpers": "1.3.0", "web3-providers-http": "1.3.0",