This is an automated email from the ASF dual-hosted git repository.
pefernan pushed a commit to branch 1.40.x
in repository https://gitbox.apache.org/repos/asf/incubator-kie-kogito-apps.git
The following commit(s) were added to refs/heads/1.40.x by this push:
new 815804e65 NO_ISSUE: Fix CVE-2022-25883(semver) in @kogito-apps/trusty
(#1911)
815804e65 is described below
commit 815804e65e8b5a2daa088759155e52d9dd7baeb9
Author: Pere Fernández <[email protected]>
AuthorDate: Wed Nov 8 10:08:19 2023 +0100
NO_ISSUE: Fix CVE-2022-25883(semver) in @kogito-apps/trusty (#1911)
---
ui-packages/package.json | 1 +
ui-packages/yarn.lock | 33 ++++++++++++++-------------------
2 files changed, 15 insertions(+), 19 deletions(-)
diff --git a/ui-packages/package.json b/ui-packages/package.json
index b666bc096..4a1c78f8e 100644
--- a/ui-packages/package.json
+++ b/ui-packages/package.json
@@ -151,6 +151,7 @@
"@kie-tools-core/**/semver": "^7.5.2",
"@kie-tools/**/semver": "^7.5.2",
"@kogito-tooling/**/semver": "^7.5.2",
+ "@kogito-apps/trusty/semver": "^7.5.2",
"@types/express-serve-static-core": "^4.17.21",
"@types/minimatch": "^3.0.5",
"axios": "0.21.2",
diff --git a/ui-packages/yarn.lock b/ui-packages/yarn.lock
index f5c48d9d7..903169f97 100644
--- a/ui-packages/yarn.lock
+++ b/ui-packages/yarn.lock
@@ -20032,11 +20032,13 @@ sass-loader@^9.0.2:
semver "^7.3.2"
sass@^1.26.10:
- version "1.43.4"
- resolved
"https://registry.yarnpkg.com/sass/-/sass-1.43.4.tgz#68c7d6a1b004bef49af0d9caf750e9b252105d1f";
- integrity
sha512-/ptG7KE9lxpGSYiXn7Ar+lKOv37xfWsZRtFYal2QHNigyVQDx685VFT/h7ejVr+R8w7H4tmUgtulsKl5YpveOg==
+ version "1.69.5"
+ resolved
"https://registry.yarnpkg.com/sass/-/sass-1.69.5.tgz#23e18d1c757a35f2e52cc81871060b9ad653dfde";
+ integrity
sha512-qg2+UCJibLr2LCVOt3OlPhr/dqVHWOa9XtZf2OjbLs/T4VPSJ00udtgJxH3neXZm+QqX8B+3cU7RaLqp1iVfcQ==
dependencies:
chokidar ">=3.0.0 <4.0.0"
+ immutable "^4.0.0"
+ source-map-js ">=0.6.2 <2.0.0"
sass@^1.54.5:
version "1.54.5"
@@ -20160,34 +20162,27 @@ semver-diff@^3.1.1:
semver "^6.3.0"
"semver@2 || 3 || 4 || 5", semver@^5.4.1, semver@^5.5.0, semver@^5.6.0,
semver@^5.7.0, semver@^5.7.1:
- version "5.7.1"
- resolved
"https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7";
- integrity
sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
+ version "5.7.2"
+ resolved
"https://registry.yarnpkg.com/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8";
+ integrity
sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==
[email protected]:
version "7.0.0"
resolved
"https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e";
integrity
sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==
[email protected], semver@^7.1.1, semver@^7.1.3, semver@^7.2.1, semver@^7.3.2,
semver@^7.3.4:
- version "7.3.5"
- resolved
"https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7";
- integrity
sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==
- dependencies:
- lru-cache "^6.0.0"
-
-semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.2.0, semver@^6.3.0:
- version "6.3.0"
- resolved
"https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d";
- integrity
sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==
-
-semver@^7.3.5, semver@^7.5.2:
[email protected], semver@^7.1.1, semver@^7.1.3, semver@^7.2.1, semver@^7.3.2,
semver@^7.3.4, semver@^7.3.5, semver@^7.5.2:
version "7.5.4"
resolved
"https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e";
integrity
sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==
dependencies:
lru-cache "^6.0.0"
+semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.2.0, semver@^6.3.0:
+ version "6.3.1"
+ resolved
"https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4";
+ integrity
sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==
+
[email protected]:
version "0.17.2"
resolved
"https://registry.yarnpkg.com/send/-/send-0.17.2.tgz#926622f76601c41808012c8bf1688fe3906f7820";
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
