Skip to content

Commit 003a5bb

Browse files
lucychen-grafanalucychen-grafana
authored
Bump CVE multer and tar-fs (#653)
* update multer * bump tar-fs
1 parent 9fc3706 commit 003a5bb

File tree

2 files changed

+27
-26
lines changed

2 files changed

+27
-26
lines changed

package.json

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@
4545
"lodash": "^4.17.21",
4646
"minimist": "^1.2.6",
4747
"morgan": "^1.9.0",
48-
"multer": "^2.0.0",
48+
"multer": "^2.0.1",
4949
"on-finished": "^2.3.0",
5050
"poolpeteer": "^0.24.0",
5151
"prom-client": "^14.1.0",
@@ -84,7 +84,8 @@
8484
},
8585
"resolutions": {
8686
"@types/express": "^4.17.14",
87-
"xml2js": "^0.6.2"
87+
"xml2js": "^0.6.2",
88+
"@puppeteer/browsers/tar-fs": "^3.0.9"
8889
},
8990
"lint-staged": {
9091
"*.ts": [

yarn.lock

Lines changed: 24 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -2899,7 +2899,7 @@ builtin-modules@^3.3.0:
28992899
resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-3.3.0.tgz#cae62812b89801e9656336e46223e030386be7b6"
29002900
integrity sha512-zhaCDicdLuWN5UbN5IMnFqNMhNfo919sH85y2/ea+5Yg9TsTkeZxpL+JLbp6cgYFS4sRLp3YV4S6yDuqVWHYOw==
29012901

2902-
busboy@^1.0.0:
2902+
busboy@^1.6.0:
29032903
version "1.6.0"
29042904
resolved "https://registry.yarnpkg.com/busboy/-/busboy-1.6.0.tgz#966ea36a9502e43cdb9146962523b92f531f6893"
29052905
integrity sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==
@@ -3162,14 +3162,14 @@ [email protected]:
31623162
resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
31633163
integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==
31643164

3165-
concat-stream@^1.5.2:
3166-
version "1.6.2"
3167-
resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
3168-
integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==
3165+
concat-stream@^2.0.0:
3166+
version "2.0.0"
3167+
resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-2.0.0.tgz#414cf5af790a48c60ab9be4527d56d5e41133cb1"
3168+
integrity sha512-MWufYdFw53ccGjCA+Ol7XJYpAlW6/prSMzuPOTRnJGcGzuhLn4Scrz7qf6o8bROZ514ltazcIFJZevcfbo0x7A==
31693169
dependencies:
31703170
buffer-from "^1.0.0"
31713171
inherits "^2.0.3"
3172-
readable-stream "^2.2.2"
3172+
readable-stream "^3.0.2"
31733173
typedarray "^0.0.6"
31743174

31753175
[email protected]:
@@ -5981,7 +5981,7 @@ mkdirp-classic@^0.5.2, mkdirp-classic@^0.5.3:
59815981
resolved "https://registry.yarnpkg.com/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz#fa10c9115cc6d8865be221ba47ee9bed78601113"
59825982
integrity sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==
59835983

5984-
mkdirp@^0.5.4:
5984+
mkdirp@^0.5.6:
59855985
version "0.5.6"
59865986
resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.6.tgz#7def03d2432dcae4ba1d611445c48396062255f6"
59875987
integrity sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw==
@@ -6019,18 +6019,18 @@ [email protected], ms@^2.1.1, ms@^2.1.3:
60196019
resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2"
60206020
integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==
60216021

6022-
multer@^2.0.0:
6023-
version "2.0.0"
6024-
resolved "https://registry.yarnpkg.com/multer/-/multer-2.0.0.tgz#47076aa0f7c2c2fd273715e767c6962bf7f94326"
6025-
integrity sha512-bS8rPZurbAuHGAnApbM9d4h1wSoYqrOqkE+6a64KLMK9yWU7gJXBDDVklKQ3TPi9DRb85cRs6yXaC0+cjxRtRg==
6022+
multer@^2.0.1:
6023+
version "2.0.1"
6024+
resolved "https://registry.yarnpkg.com/multer/-/multer-2.0.1.tgz#3ed335ed2b96240e3df9e23780c91cfcf5d29202"
6025+
integrity sha512-Ug8bXeTIUlxurg8xLTEskKShvcKDZALo1THEX5E41pYCD2sCVub5/kIRIGqWNoqV6szyLyQKV6mD4QUrWE5GCQ==
60266026
dependencies:
60276027
append-field "^1.0.0"
6028-
busboy "^1.0.0"
6029-
concat-stream "^1.5.2"
6030-
mkdirp "^0.5.4"
6028+
busboy "^1.6.0"
6029+
concat-stream "^2.0.0"
6030+
mkdirp "^0.5.6"
60316031
object-assign "^4.1.1"
6032-
type-is "^1.6.4"
6033-
xtend "^4.0.0"
6032+
type-is "^1.6.18"
6033+
xtend "^4.0.2"
60346034

60356035
multistream@^4.1.0:
60366036
version "4.1.0"
@@ -6844,7 +6844,7 @@ react-is@^18.0.0:
68446844
resolved "https://registry.yarnpkg.com/react-is/-/react-is-18.3.1.tgz#e83557dc12eae63a99e003a46388b1dcbb44db7e"
68456845
integrity sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==
68466846

6847-
readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.1.4, readable-stream@^2.2.2:
6847+
readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.1.4:
68486848
version "2.3.8"
68496849
resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.8.tgz#91125e8042bba1b9887f49345f6277027ce8be9b"
68506850
integrity sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==
@@ -6857,7 +6857,7 @@ readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.1.4, readable
68576857
string_decoder "~1.1.1"
68586858
util-deprecate "~1.0.1"
68596859

6860-
readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0, readable-stream@^3.6.2:
6860+
readable-stream@^3.0.2, readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0, readable-stream@^3.6.2:
68616861
version "3.6.2"
68626862
resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.2.tgz#56a9b36ea965c00c5a93ef31eb111a0f11056967"
68636863
integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==
@@ -7617,10 +7617,10 @@ tar-fs@^2.0.0, tar-fs@^2.1.1:
76177617
pump "^3.0.0"
76187618
tar-stream "^2.1.4"
76197619

7620-
tar-fs@^3.0.6, tar-fs@^3.0.8:
7621-
version "3.0.8"
7622-
resolved "https://registry.yarnpkg.com/tar-fs/-/tar-fs-3.0.8.tgz#8f62012537d5ff89252d01e48690dc4ebed33ab7"
7623-
integrity sha512-ZoROL70jptorGAlgAYiLoBLItEKw/fUxg9BSYK/dF/GAGYFJOJJJMvjPAKDJraCXFwadD456FCuvLWgfhMsPwg==
7620+
tar-fs@^3.0.6, tar-fs@^3.0.8, tar-fs@^3.0.9:
7621+
version "3.0.10"
7622+
resolved "https://registry.yarnpkg.com/tar-fs/-/tar-fs-3.0.10.tgz#60f8ccd60fe30164bdd3d6606619650236ed38f7"
7623+
integrity sha512-C1SwlQGNLe/jPNqapK8epDsXME7CAJR5RL3GcE6KWx1d9OUByzoHVcbu1VPI8tevg9H8Alae0AApHHFGzrD5zA==
76247624
dependencies:
76257625
pump "^3.0.0"
76267626
tar-stream "^3.1.5"
@@ -7865,7 +7865,7 @@ type-fest@^4.39.1:
78657865
resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-4.41.0.tgz#6ae1c8e5731273c2bf1f58ad39cbae2c91a46c58"
78667866
integrity sha512-TeTSQ6H5YHvpqVwBRcnLDCBnDOHWYu7IvGbHT6N8AOymcr9PJGjc1GTtiWZTYg0NCgYwvnYWEkVChQAr9bjfwA==
78677867

7868-
type-is@^1.6.4, type-is@~1.6.18:
7868+
type-is@^1.6.18, type-is@~1.6.18:
78697869
version "1.6.18"
78707870
resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.18.tgz#4e552cd05df09467dcbc4ef739de89f2cf37c131"
78717871
integrity sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==
@@ -8304,7 +8304,7 @@ xmlchars@^2.2.0:
83048304
resolved "https://registry.yarnpkg.com/xmlchars/-/xmlchars-2.2.0.tgz#060fe1bcb7f9c76fe2a17db86a9bc3ab894210cb"
83058305
integrity sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==
83068306

8307-
xtend@^4.0.0:
8307+
xtend@^4.0.0, xtend@^4.0.2:
83088308
version "4.0.2"
83098309
resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"
83108310
integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==

0 commit comments

Comments
 (0)