From 4d7a6f984b14e2ff45c6c08de33909c70d01ac85 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 11 Sep 2024 10:23:29 +0000 Subject: [PATCH] fix: upgrade needle from 2.2.4 to 2.9.1 Snyk has created this PR to upgrade needle from 2.2.4 to 2.9.1. See this package in npm: needle See this project in Snyk: https://app.snyk.io/org/balde.laye5891/project/ace85ece-84e0-4d29-bf07-6c798ef59076?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 51 +++++++++++++++++++++++++++++++++++++---------- package.json | 2 +- 2 files changed, 42 insertions(+), 11 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3a26af223..7ab137070 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,7 +20,7 @@ "helmet": "^2.0.0", "marked": "0.3.5", "mongodb": "^2.1.18", - "needle": "2.2.4", + "needle": "^2.9.1", "node-esapi": "0.0.1", "serve-favicon": "^2.3.0", "swig": "^1.4.2", @@ -7202,11 +7202,12 @@ } }, "node_modules/needle": { - "version": "2.2.4", - "resolved": "https://registry.npmjs.org/needle/-/needle-2.2.4.tgz", - "integrity": "sha1-UZMb/4JTOxkot9HWngHxsA/9Kk4=", + "version": "2.9.1", + "resolved": "https://registry.npmjs.org/needle/-/needle-2.9.1.tgz", + "integrity": "sha512-6R9fqJ5Zcmf+uYaFgdIHmLwNldn5HbK8L5ybn7Uz+ylX/rnOsSp1AHcvQSrCaFN+qNM1wpymHqD7mVasEOlHGQ==", + "license": "MIT", "dependencies": { - "debug": "^2.1.2", + "debug": "^3.2.6", "iconv-lite": "^0.4.4", "sax": "^1.2.4" }, @@ -7214,9 +7215,24 @@ "needle": "bin/needle" }, "engines": { - "node": ">= 0.10.x" + "node": ">= 4.4.x" + } + }, + "node_modules/needle/node_modules/debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "license": "MIT", + "dependencies": { + "ms": "^2.1.1" } }, + "node_modules/needle/node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" + }, "node_modules/negotiator": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz", @@ -21086,13 +21102,28 @@ "integrity": "sha1-q8xsvT7C7Spyn/bnwfqPAXhKhXQ=" }, "needle": { - "version": "2.2.4", - "resolved": "https://registry.npmjs.org/needle/-/needle-2.2.4.tgz", - "integrity": "sha1-UZMb/4JTOxkot9HWngHxsA/9Kk4=", + "version": "2.9.1", + "resolved": "https://registry.npmjs.org/needle/-/needle-2.9.1.tgz", + "integrity": "sha512-6R9fqJ5Zcmf+uYaFgdIHmLwNldn5HbK8L5ybn7Uz+ylX/rnOsSp1AHcvQSrCaFN+qNM1wpymHqD7mVasEOlHGQ==", "requires": { - "debug": "^2.1.2", + "debug": "^3.2.6", "iconv-lite": "^0.4.4", "sax": "^1.2.4" + }, + "dependencies": { + "debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + } } }, "negotiator": { diff --git a/package.json b/package.json index b2eb65a04..f1cad0524 100644 --- a/package.json +++ b/package.json @@ -16,7 +16,7 @@ "helmet": "^2.0.0", "marked": "0.3.5", "mongodb": "^2.1.18", - "needle": "2.2.4", + "needle": "2.9.1", "node-esapi": "0.0.1", "serve-favicon": "^2.3.0", "swig": "^1.4.2",