From ce66ea3b40d479beb44e09d8220f0639c46f76a1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 11 Jul 2024 03:52:35 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PHIN-6598077 --- package.json | 2 +- yarn.lock | 49 ++++++++++++++++++++++++++++--------------------- 2 files changed, 29 insertions(+), 22 deletions(-) diff --git a/package.json b/package.json index f091df4..53986fe 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "deploy": "gh-pages -d build" }, "dependencies": { - "@ar-js-org/ar.js": "https://github.com/AR-js-org/AR.js.git#90e83dc4003aa1980b242014b3ca054effed8edf", + "@ar-js-org/ar.js": "3.4.0", "@emotion/react": "^11.8.1", "@emotion/styled": "^11.8.1", "@mediapipe/camera_utils": "^0.3.1640029074", diff --git a/yarn.lock b/yarn.lock index 33dd5fd..0e9abc5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -18,20 +18,22 @@ jsonpointer "^5.0.0" leven "^3.1.0" -"@ar-js-org/ar.js@https://github.com/AR-js-org/AR.js.git#90e83dc4003aa1980b242014b3ca054effed8edf": - version "3.3.1" - resolved "https://github.com/AR-js-org/AR.js.git#90e83dc4003aa1980b242014b3ca054effed8edf" +"@ar-js-org/ar.js@3.4.0": + version "3.4.0" + resolved "https://registry.yarnpkg.com/@ar-js-org/ar.js/-/ar.js-3.4.0.tgz#43118de417a15a701a58afcbf34af4dddfc691d1" + integrity sha512-zAd+cn7oK7YvX9gatX3Kfdmx4AxWXCHl1WOeOnqd4cvzWAg5dLQGnbkNi2Ni27fOC2nfmaHOdYfpDM3Ba3Unfw== dependencies: - "@ar-js-org/artoolkit5-js" "https://github.com/AR-js-org/artoolkit5-js.git#4dc7f3e247dbbf4f73c66be2198a9268230a27a0" + "@ar-js-org/artoolkit5-js" "^0.1.3" aframe "^1.0.4" - three "^0.127.0" + three "^0.133.0" -"@ar-js-org/artoolkit5-js@https://github.com/AR-js-org/artoolkit5-js.git#4dc7f3e247dbbf4f73c66be2198a9268230a27a0": - version "0.1.0" - resolved "https://github.com/AR-js-org/artoolkit5-js.git#4dc7f3e247dbbf4f73c66be2198a9268230a27a0" +"@ar-js-org/artoolkit5-js@^0.1.3": + version "0.1.3" + resolved "https://registry.yarnpkg.com/@ar-js-org/artoolkit5-js/-/artoolkit5-js-0.1.3.tgz#24c2159aef47f183eea004b0f3fe71345ba7f70e" + integrity sha512-VMaWxlM5RTftZjXeZ6PRExhec1DFySHy6IprhBeGHPIg8lJO27FwxaHqwWvY050ANjFZEGRhgjvEjaXEmEi76Q== dependencies: - "@babel/runtime" "^7.13.9" - axios "^0.21.1" + "@babel/runtime" "^7.17.2" + axios "^0.26.0" "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.4", "@babel/code-frame@^7.12.13", "@babel/code-frame@^7.16.0", "@babel/code-frame@^7.16.7", "@babel/code-frame@^7.8.3": version "7.16.7" @@ -1039,7 +1041,7 @@ core-js-pure "^3.20.2" regenerator-runtime "^0.13.4" -"@babel/runtime@^7.10.2", "@babel/runtime@^7.11.2", "@babel/runtime@^7.12.5", "@babel/runtime@^7.13.10", "@babel/runtime@^7.13.9", "@babel/runtime@^7.16.3", "@babel/runtime@^7.17.0", "@babel/runtime@^7.17.2", "@babel/runtime@^7.5.5", "@babel/runtime@^7.7.2", "@babel/runtime@^7.7.6", "@babel/runtime@^7.8.4", "@babel/runtime@^7.8.7", "@babel/runtime@^7.9.2": +"@babel/runtime@^7.10.2", "@babel/runtime@^7.11.2", "@babel/runtime@^7.12.5", "@babel/runtime@^7.13.10", "@babel/runtime@^7.16.3", "@babel/runtime@^7.17.0", "@babel/runtime@^7.17.2", "@babel/runtime@^7.5.5", "@babel/runtime@^7.7.2", "@babel/runtime@^7.7.6", "@babel/runtime@^7.8.4", "@babel/runtime@^7.8.7", "@babel/runtime@^7.9.2": version "7.17.2" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.17.2.tgz#66f68591605e59da47523c631416b18508779941" integrity sha512-hzeyJyMA1YGdJTuWU0e/j4wKXrU4OMFvY2MSlaI9B7VQb0r5cxTE3EAIS2Q7Tn2RIcDkRvTA/v2JsAEhxe99uw== @@ -2853,12 +2855,12 @@ axe-core@^4.3.5: resolved "https://registry.yarnpkg.com/axe-core/-/axe-core-4.4.1.tgz#7dbdc25989298f9ad006645cd396782443757413" integrity sha512-gd1kmb21kwNuWr6BQz8fv6GNECPBnUasepcoLbekws23NVBLODdsClRZ+bQ8+9Uomf3Sm3+Vwn0oYG9NvwnJCw== -axios@^0.21.1: - version "0.21.4" - resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" - integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== +axios@^0.26.0: + version "0.26.1" + resolved "https://registry.yarnpkg.com/axios/-/axios-0.26.1.tgz#1ede41c51fcf51bbbd6fd43669caaa4f0495aaa9" + integrity sha512-fPwcX4EvnSHuInCMItEhAGnaSEXRBjtzh9fOtsE6E1G6p7vl7edEeZe11QHf18+6+9gR5PbKV/sGKNaD8YaMeA== dependencies: - follow-redirects "^1.14.0" + follow-redirects "^1.14.8" axobject-query@^2.2.0: version "2.2.0" @@ -4777,11 +4779,16 @@ flatten-vertex-data@^1.0.0: dependencies: dtype "^2.0.0" -follow-redirects@^1.0.0, follow-redirects@^1.14.0: +follow-redirects@^1.0.0: version "1.14.8" resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.8.tgz#016996fb9a11a100566398b1c6839337d7bfa8fc" integrity sha512-1x0S9UVJHsQprFcEC/qnNzBLcIxsjAV905f/UkQxbclCsoTWlacCNOpQa/anodLl2uaEKFhfWOvM2Qg77+15zA== +follow-redirects@^1.14.8: + version "1.15.6" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b" + integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA== + fork-ts-checker-webpack-plugin@^6.5.0: version "6.5.0" resolved "https://registry.yarnpkg.com/fork-ts-checker-webpack-plugin/-/fork-ts-checker-webpack-plugin-6.5.0.tgz#0282b335fa495a97e167f69018f566ea7d2a2b5e" @@ -8887,10 +8894,10 @@ three-buffer-vertex-data@dmarcos/three-buffer-vertex-data#69378fc58daf27d3b1d930 dependencies: flatten-vertex-data "^1.0.0" -three@^0.127.0: - version "0.127.0" - resolved "https://registry.yarnpkg.com/three/-/three-0.127.0.tgz#c463f4d41b2c735dcf8e9e51a388815e80cd3791" - integrity sha512-wtgrn+mhYUbobxT7QN3GPdu3SRpSBQvwY6uOzLChWS7QE//f7paDU/+wlzbg+ngeIvBBqjBHSRuywTh8A99Jng== +three@^0.133.0: + version "0.133.1" + resolved "https://registry.yarnpkg.com/three/-/three-0.133.1.tgz#5606f4817d67a09d9212d4ccbd6826564774f8f4" + integrity sha512-WydohO8ll949B0FTD6MGz59Yv2Lwj8hvObg/0Heh2r42S6+tQC1WByfCNRdmG4D7+odfGod+n8JPV1I2xrboWw== three@^0.138.3: version "0.138.3"