From 72a762f371c9e4d4c413f906792ae56b4af895d0 Mon Sep 17 00:00:00 2001 From: Denys Vuika Date: Thu, 6 May 2021 14:50:44 +0100 Subject: [PATCH] Fix security issues and remove cpr dependency (#2102) * remove cpr dependency * fix security warnings --- docs/extending/redistributable-libraries.md | 2 +- .../ja/extending/redistributable-libraries.md | 2 +- .../how-to-create-your-first-extension.md | 2 +- package-lock.json | 70 ++++++------------- package.json | 1 - 5 files changed, 23 insertions(+), 54 deletions(-) diff --git a/docs/extending/redistributable-libraries.md b/docs/extending/redistributable-libraries.md index 76699f376..2016f654d 100644 --- a/docs/extending/redistributable-libraries.md +++ b/docs/extending/redistributable-libraries.md @@ -104,7 +104,7 @@ Update the root `package.json` file and append the following entry to the `scrip { "scripts": { "build:my-extension": - "ng build my-extension && cpr projects/my-extension/assets dist/my-extension/assets --deleteFirst" + "ng build my-extension && npx cpr projects/my-extension/assets dist/my-extension/assets --deleteFirst" } } ``` diff --git a/docs/ja/extending/redistributable-libraries.md b/docs/ja/extending/redistributable-libraries.md index 150d76872..7b432e04d 100644 --- a/docs/ja/extending/redistributable-libraries.md +++ b/docs/ja/extending/redistributable-libraries.md @@ -102,7 +102,7 @@ JSON 定義で `my-extension.main.component` 識別子を使用できるよう { "scripts": { "build:my-extension": - "ng build my-extension && cpr projects/my-extension/assets dist/my-extension/assets --deleteFirst" + "ng build my-extension && npx cpr projects/my-extension/assets dist/my-extension/assets --deleteFirst" } } ``` diff --git a/docs/tutorials/how-to-create-your-first-extension.md b/docs/tutorials/how-to-create-your-first-extension.md index b86c7fc3a..0dc7cdb42 100644 --- a/docs/tutorials/how-to-create-your-first-extension.md +++ b/docs/tutorials/how-to-create-your-first-extension.md @@ -130,7 +130,7 @@ Last but not least, edit the package.json file to allow the build of the extensi { ... "scripts": { ..., - "build:my-extension": "ng build my-extension && cpr projects/my-extension/assets dist/my-extension/assets --deleteFirst" + "build:my-extension": "ng build my-extension && npx cpr projects/my-extension/assets dist/my-extension/assets --deleteFirst" }, ... } diff --git a/package-lock.json b/package-lock.json index 07b94b6ba..c7116ef36 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2900,8 +2900,7 @@ "after": { "version": "0.8.2", "resolved": "https://registry.npmjs.org/after/-/after-0.8.2.tgz", - "integrity": "sha1-/ts5T58OAqqXaOcCvaI7UF+ufh8=", - "dev": true + "integrity": "sha1-/ts5T58OAqqXaOcCvaI7UF+ufh8=" }, "agent-base": { "version": "4.3.0", @@ -3150,8 +3149,7 @@ "arraybuffer.slice": { "version": "0.0.7", "resolved": "https://registry.npmjs.org/arraybuffer.slice/-/arraybuffer.slice-0.0.7.tgz", - "integrity": "sha512-wGUIVQXuehL5TCqQun8OW81jGzAWycqzFF8lFp+GOM5BXLYj3bKNsYC4daB7n6XjCqxQA/qgTJ+8ANR3acjrog==", - "dev": true + "integrity": "sha512-wGUIVQXuehL5TCqQun8OW81jGzAWycqzFF8lFp+GOM5BXLYj3bKNsYC4daB7n6XjCqxQA/qgTJ+8ANR3acjrog==" }, "arrify": { "version": "1.0.1", @@ -3461,8 +3459,7 @@ "base64-arraybuffer": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-0.1.4.tgz", - "integrity": "sha1-mBjHngWbE1X5fgQooBfIOOkLqBI=", - "dev": true + "integrity": "sha1-mBjHngWbE1X5fgQooBfIOOkLqBI=" }, "base64-js": { "version": "1.5.1", @@ -3564,8 +3561,7 @@ "blob": { "version": "0.0.5", "resolved": "https://registry.npmjs.org/blob/-/blob-0.0.5.tgz", - "integrity": "sha512-gaqbzQPqOoamawKg0LGVd7SzLgXS+JH61oWprSLH+P+abTczqJbhTR8CmJ2u9/bUYNmHTGJx/UEmn6doAvvuig==", - "dev": true + "integrity": "sha512-gaqbzQPqOoamawKg0LGVd7SzLgXS+JH61oWprSLH+P+abTczqJbhTR8CmJ2u9/bUYNmHTGJx/UEmn6doAvvuig==" }, "blocking-proxy": { "version": "1.0.1", @@ -4556,8 +4552,7 @@ "component-inherit": { "version": "0.0.3", "resolved": "https://registry.npmjs.org/component-inherit/-/component-inherit-0.0.3.tgz", - "integrity": "sha1-ZF/ErfWLcrZJ1crmUTVhnbJv8UM=", - "dev": true + "integrity": "sha1-ZF/ErfWLcrZJ1crmUTVhnbJv8UM=" }, "compose-function": { "version": "3.0.3", @@ -4986,18 +4981,6 @@ "parse-json": "^4.0.0" } }, - "cpr": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/cpr/-/cpr-3.0.1.tgz", - "integrity": "sha1-uaVQOLfNgaNcF7l2GJW9hJau8eU=", - "dev": true, - "requires": { - "graceful-fs": "^4.1.5", - "minimist": "^1.2.0", - "mkdirp": "~0.5.1", - "rimraf": "^2.5.4" - } - }, "create-ecdh": { "version": "4.0.4", "resolved": "https://registry.npmjs.org/create-ecdh/-/create-ecdh-4.0.4.tgz", @@ -6263,10 +6246,9 @@ } }, "engine.io-client": { - "version": "3.5.0", - "resolved": "https://registry.npmjs.org/engine.io-client/-/engine.io-client-3.5.0.tgz", - "integrity": "sha512-12wPRfMrugVw/DNyJk34GQ5vIVArEcVMXWugQGGuw2XxUSztFNmJggZmv8IZlLyEdnpO1QB9LkcjeWewO2vxtA==", - "dev": true, + "version": "3.5.2", + "resolved": "https://registry.npmjs.org/engine.io-client/-/engine.io-client-3.5.2.tgz", + "integrity": "sha512-QEqIp+gJ/kMHeUun7f5Vv3bteRHppHH/FMBQX/esFj/fuYfjyUKWGMo3VCvIP/V8bE9KcjHmRZrhIz2Z9oNsDA==", "requires": { "component-emitter": "~1.3.0", "component-inherit": "0.0.3", @@ -6277,7 +6259,7 @@ "parseqs": "0.0.6", "parseuri": "0.0.6", "ws": "~7.4.2", - "xmlhttprequest-ssl": "~1.5.4", + "xmlhttprequest-ssl": "~1.6.2", "yeast": "0.1.2" }, "dependencies": { @@ -6285,7 +6267,6 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", - "dev": true, "requires": { "ms": "2.0.0" } @@ -6293,8 +6274,7 @@ "ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", - "dev": true + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" } } }, @@ -6302,7 +6282,6 @@ "version": "2.2.1", "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-2.2.1.tgz", "integrity": "sha512-x+dN/fBH8Ro8TFwJ+rkB2AmuVw9Yu2mockR/p3W8f8YtExwFgDvBDi0GWyb4ZLkpahtDGZgtr3zLovanJghPqg==", - "dev": true, "requires": { "after": "0.8.2", "arraybuffer.slice": "~0.0.7", @@ -7586,7 +7565,6 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/has-binary2/-/has-binary2-1.0.3.tgz", "integrity": "sha512-G1LWKhDSvhGeAQ8mPVQlqNcOB2sJdwATtZKl2pDKKHfpf/rYj24lkinxf69blJbnsvtqqNU+L3SL50vzZhXOnw==", - "dev": true, "requires": { "isarray": "2.0.1" }, @@ -7594,16 +7572,14 @@ "isarray": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/isarray/-/isarray-2.0.1.tgz", - "integrity": "sha1-o32U7ZzaLVmGXJ92/llu4fM4dB4=", - "dev": true + "integrity": "sha1-o32U7ZzaLVmGXJ92/llu4fM4dB4=" } } }, "has-cors": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/has-cors/-/has-cors-1.1.0.tgz", - "integrity": "sha1-XkdHk/fqmEPRu5nCPu9J/xJv/zk=", - "dev": true + "integrity": "sha1-XkdHk/fqmEPRu5nCPu9J/xJv/zk=" }, "has-flag": { "version": "3.0.0", @@ -8187,8 +8163,7 @@ "indexof": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/indexof/-/indexof-0.0.1.tgz", - "integrity": "sha1-gtwzbSMrkGIXnQWrMpOmYFn9Q10=", - "dev": true + "integrity": "sha1-gtwzbSMrkGIXnQWrMpOmYFn9Q10=" }, "infer-owner": { "version": "1.0.4", @@ -11458,14 +11433,12 @@ "parseqs": { "version": "0.0.6", "resolved": "https://registry.npmjs.org/parseqs/-/parseqs-0.0.6.tgz", - "integrity": "sha512-jeAGzMDbfSHHA091hr0r31eYfTig+29g3GKKE/PPbEQ65X0lmMwlEoqmhzu0iztID5uJpZsFlUPDP8ThPL7M8w==", - "dev": true + "integrity": "sha512-jeAGzMDbfSHHA091hr0r31eYfTig+29g3GKKE/PPbEQ65X0lmMwlEoqmhzu0iztID5uJpZsFlUPDP8ThPL7M8w==" }, "parseuri": { "version": "0.0.6", "resolved": "https://registry.npmjs.org/parseuri/-/parseuri-0.0.6.tgz", - "integrity": "sha512-AUjen8sAkGgao7UyCX6Ahv0gIK2fABKmYjvP4xmy5JaKvcbTRueIqIPHLAfq30xJddqSE033IOMUSOMCcK3Sow==", - "dev": true + "integrity": "sha512-AUjen8sAkGgao7UyCX6Ahv0gIK2fABKmYjvP4xmy5JaKvcbTRueIqIPHLAfq30xJddqSE033IOMUSOMCcK3Sow==" }, "parseurl": { "version": "1.3.3", @@ -17753,8 +17726,7 @@ "ws": { "version": "7.4.3", "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.3.tgz", - "integrity": "sha512-hr6vCR76GsossIRsr8OLR9acVVm1jyfEWvhbNjtgPOrfvAlKzvyeg/P6r8RuDjRyrcQoPQT7K0DGEPc7Ae6jzA==", - "dev": true + "integrity": "sha512-hr6vCR76GsossIRsr8OLR9acVVm1jyfEWvhbNjtgPOrfvAlKzvyeg/P6r8RuDjRyrcQoPQT7K0DGEPc7Ae6jzA==" }, "xdg-basedir": { "version": "4.0.0", @@ -17779,10 +17751,9 @@ "dev": true }, "xmlhttprequest-ssl": { - "version": "1.5.5", - "resolved": "https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz", - "integrity": "sha1-wodrBhaKrcQOV9l+gRkayPQ5iz4=", - "dev": true + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.6.2.tgz", + "integrity": "sha512-tYOaldF/0BLfKuoA39QMwD4j2m8lq4DIncqj1yuNELX4vz9+z/ieG/vwmctjJce+boFHXstqhWnHSxc4W8f4qg==" }, "xtend": { "version": "4.0.2", @@ -17917,8 +17888,7 @@ "yeast": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/yeast/-/yeast-0.1.2.tgz", - "integrity": "sha1-AI4G2AlDIMNy28L47XagymyKxBk=", - "dev": true + "integrity": "sha1-AI4G2AlDIMNy28L47XagymyKxBk=" }, "yn": { "version": "3.1.1", diff --git a/package.json b/package.json index be3af5025..642462398 100644 --- a/package.json +++ b/package.json @@ -78,7 +78,6 @@ "codelyzer": "^6.0.1", "commander": "^6.1.0", "connect-history-api-fallback": "^1.6.0", - "cpr": "^3.0.1", "cspell": "^5.3.9", "dotenv": "^8.2.0", "http-server": "^0.12.3",