From 20bf9624f559275b634b00576b35090e5a9a5bb6 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu, 18 Jun 2020 08:14:53 +0000 Subject: [PATCH] [Security] Bump apollo-server-core from 2.12.0 to 2.15.0 Bumps [apollo-server-core](https://github.com/apollographql/apollo-server) from 2.12.0 to 2.15.0. **This update includes a security fix.** - [Release notes](https://github.com/apollographql/apollo-server/releases) - [Changelog](https://github.com/apollographql/apollo-server/blob/master/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-server/compare/apollo-server-core@2.12.0...apollo-server-core@2.15.0) Signed-off-by: dependabot-preview[bot] --- package-lock.json | 217 +++++++++++++++++++++++++++++++--------------- 1 file changed, 145 insertions(+), 72 deletions(-) diff --git a/package-lock.json b/package-lock.json index 95d55ca..714a70d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -342,14 +342,6 @@ "@types/mime": "*" } }, - "@types/ws": { - "version": "6.0.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-6.0.4.tgz", - "integrity": "sha512-PpPrX7SZW9re6+Ha8ojZG4Se8AZXgf0GK6zmfqEuCsY49LFDNXO3SByp44X3dFEqtB73lkCDAdUazhAjVPiNwg==", - "requires": { - "@types/node": "*" - } - }, "@wry/equality": { "version": "0.1.11", "resolved": "https://registry.npmjs.org/@wry/equality/-/equality-0.1.11.tgz", @@ -416,15 +408,6 @@ "picomatch": "^2.0.4" } }, - "apollo-cache-control": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/apollo-cache-control/-/apollo-cache-control-0.9.1.tgz", - "integrity": "sha512-9t2EcRevUrANuGhF5XUbKJEfnc6Jy2Rn7Y8nOIKlsEEC+AX7Ko4svWYTyyTxj0h0RXfiegY2nbz4sVry/pS3rA==", - "requires": { - "apollo-server-env": "^2.4.3", - "graphql-extensions": "^0.11.1" - } - }, "apollo-datasource": { "version": "0.7.0", "resolved": "https://registry.npmjs.org/apollo-datasource/-/apollo-datasource-0.7.0.tgz", @@ -434,21 +417,6 @@ "apollo-server-env": "^2.4.3" } }, - "apollo-engine-reporting": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/apollo-engine-reporting/-/apollo-engine-reporting-1.7.1.tgz", - "integrity": "sha512-9ykddPxlC95R9CkkJaPaGriRbOGfzeKqqPXRAunyX1h4sG/8g+MJ/gGzmnNf63k6RvRUdRENCE83wPk2OeU+2A==", - "requires": { - "apollo-engine-reporting-protobuf": "^0.4.4", - "apollo-graphql": "^0.4.0", - "apollo-server-caching": "^0.5.1", - "apollo-server-env": "^2.4.3", - "apollo-server-errors": "^2.4.1", - "apollo-server-types": "^0.3.1", - "async-retry": "^1.2.1", - "graphql-extensions": "^0.11.1" - } - }, "apollo-engine-reporting-protobuf": { "version": "0.4.4", "resolved": "https://registry.npmjs.org/apollo-engine-reporting-protobuf/-/apollo-engine-reporting-protobuf-0.4.4.tgz", @@ -507,25 +475,25 @@ } }, "apollo-server-core": { - "version": "2.12.0", - "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-2.12.0.tgz", - "integrity": "sha512-BRVdOyZrRJ1ALlmis0vaOLIHHYu5K3UVKAQKIgHkRh/YY0Av4lpeEXr49ELK04LTeh0DG0pQ5YYYhaX1wFcDEw==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-2.15.0.tgz", + "integrity": "sha512-PwNm/G5IXReev7E0ZaRAekQ7pN9BTuXH8c2QVgfMGMno3XiN5Dj+1DXYQthpwNJch0y5zhhLcb/JbClijgSEsA==", "requires": { "@apollographql/apollo-tools": "^0.4.3", - "@apollographql/graphql-playground-html": "1.6.24", + "@apollographql/graphql-playground-html": "1.6.26", "@types/graphql-upload": "^8.0.0", - "@types/ws": "^6.0.0", - "apollo-cache-control": "^0.9.1", - "apollo-datasource": "^0.7.0", - "apollo-engine-reporting": "^1.7.1", + "@types/ws": "^7.0.0", + "apollo-cache-control": "^0.11.0", + "apollo-datasource": "^0.7.1", + "apollo-engine-reporting": "^2.2.0", "apollo-server-caching": "^0.5.1", - "apollo-server-env": "^2.4.3", + "apollo-server-env": "^2.4.4", "apollo-server-errors": "^2.4.1", - "apollo-server-plugin-base": "^0.7.1", - "apollo-server-types": "^0.3.1", - "apollo-tracing": "^0.9.1", + "apollo-server-plugin-base": "^0.9.0", + "apollo-server-types": "^0.5.0", + "apollo-tracing": "^0.11.0", "fast-json-stable-stringify": "^2.0.0", - "graphql-extensions": "^0.11.1", + "graphql-extensions": "^0.12.3", "graphql-tag": "^2.9.2", "graphql-tools": "^4.0.0", "graphql-upload": "^8.0.2", @@ -533,6 +501,117 @@ "sha.js": "^2.4.11", "subscriptions-transport-ws": "^0.9.11", "ws": "^6.0.0" + }, + "dependencies": { + "@apollographql/graphql-playground-html": { + "version": "1.6.26", + "resolved": "https://registry.npmjs.org/@apollographql/graphql-playground-html/-/graphql-playground-html-1.6.26.tgz", + "integrity": "sha512-XAwXOIab51QyhBxnxySdK3nuMEUohhDsHQ5Rbco/V1vjlP75zZ0ZLHD9dTpXTN8uxKxopb2lUvJTq+M4g2Q0HQ==", + "requires": { + "xss": "^1.0.6" + } + }, + "@types/ws": { + "version": "7.2.5", + "resolved": "https://registry.npmjs.org/@types/ws/-/ws-7.2.5.tgz", + "integrity": "sha512-4UEih9BI1nBKii385G9id1oFrSkLcClbwtDfcYj8HJLQqZVAtb/42vXVrYvRWCcufNF/a+rZD3MxNwghA7UmCg==", + "requires": { + "@types/node": "*" + } + }, + "apollo-cache-control": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/apollo-cache-control/-/apollo-cache-control-0.11.0.tgz", + "integrity": "sha512-dmRnQ9AXGw2SHahVGLzB/p4UW/taFBAJxifxubp8hqY5p9qdlSu4MPRq8zvV2ULMYf50rBtZyC4C+dZLqmHuHQ==", + "requires": { + "apollo-server-env": "^2.4.4", + "apollo-server-plugin-base": "^0.9.0" + } + }, + "apollo-datasource": { + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/apollo-datasource/-/apollo-datasource-0.7.1.tgz", + "integrity": "sha512-h++/jQAY7GA+4TBM+7ezvctFmmGNLrAPf51KsagZj+NkT9qvxp585rdsuatynVbSl59toPK2EuVmc6ilmQHf+g==", + "requires": { + "apollo-server-caching": "^0.5.1", + "apollo-server-env": "^2.4.4" + } + }, + "apollo-engine-reporting": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/apollo-engine-reporting/-/apollo-engine-reporting-2.2.0.tgz", + "integrity": "sha512-FmfWTpyEATO392QHcot3PNMrxNhEJ4Kq+QiYY263vN/OBLZQ5zpkFY25iB6gVuiJoz3NUkByhxq5f/XjarJVvA==", + "requires": { + "apollo-engine-reporting-protobuf": "^0.5.1", + "apollo-graphql": "^0.4.0", + "apollo-server-caching": "^0.5.1", + "apollo-server-env": "^2.4.4", + "apollo-server-errors": "^2.4.1", + "apollo-server-plugin-base": "^0.9.0", + "apollo-server-types": "^0.5.0", + "async-retry": "^1.2.1", + "uuid": "^8.0.0" + } + }, + "apollo-engine-reporting-protobuf": { + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/apollo-engine-reporting-protobuf/-/apollo-engine-reporting-protobuf-0.5.1.tgz", + "integrity": "sha512-TSfr9iAaInV8dhXkesdcmqsthRkVcJkzznmiM+1Ob/GScK7r6hBYCjVDt2613EHAg9SUzTOltIKlGD+N+GJRUw==", + "requires": { + "@apollo/protobufjs": "^1.0.3" + } + }, + "apollo-server-env": { + "version": "2.4.4", + "resolved": "https://registry.npmjs.org/apollo-server-env/-/apollo-server-env-2.4.4.tgz", + "integrity": "sha512-c2oddDS3lwAl6QNCIKCLEzt/dF9M3/tjjYRVdxOVN20TidybI7rAbnT4QOzf4tORnGXtiznEAvr/Kc9ahhKADg==", + "requires": { + "node-fetch": "^2.1.2", + "util.promisify": "^1.0.0" + } + }, + "apollo-server-plugin-base": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/apollo-server-plugin-base/-/apollo-server-plugin-base-0.9.0.tgz", + "integrity": "sha512-LWcPrsy2+xqwlNseh/QaGa/MPNopS8c4qGgh0g0cAn0lZBRrJ9Yab7dq+iQ6vdUBwIhUWYN6s9dwUWCZw2SL8g==", + "requires": { + "apollo-server-types": "^0.5.0" + } + }, + "apollo-server-types": { + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.5.0.tgz", + "integrity": "sha512-zhtsqqqfdeoJQAfc41Sy6WnnBVxKNgZ34BKXf/Q+kXmw7rbZ/B5SG3SJMvj1iFsbzZxILmWdUsE9aD20lEr0bg==", + "requires": { + "apollo-engine-reporting-protobuf": "^0.5.1", + "apollo-server-caching": "^0.5.1", + "apollo-server-env": "^2.4.4" + } + }, + "apollo-tracing": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/apollo-tracing/-/apollo-tracing-0.11.0.tgz", + "integrity": "sha512-I9IFb/8lkBW8ZwOAi4LEojfT7dMfUSkpnV8LHQI8Rcj0HtzL9HObQ3woBmzyGHdGHLFuD/6/VHyFD67SesSrJg==", + "requires": { + "apollo-server-env": "^2.4.4", + "apollo-server-plugin-base": "^0.9.0" + } + }, + "graphql-extensions": { + "version": "0.12.3", + "resolved": "https://registry.npmjs.org/graphql-extensions/-/graphql-extensions-0.12.3.tgz", + "integrity": "sha512-W7iT0kzlwTiZU7fXfw9IgWnsqVj7EFLd0/wVcZZRAbR8L3f4+YsGls0oxKdsrvYBnbG347BXKQmIyo6GTEk4XA==", + "requires": { + "@apollographql/apollo-tools": "^0.4.3", + "apollo-server-env": "^2.4.4", + "apollo-server-types": "^0.5.0" + } + }, + "uuid": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.1.0.tgz", + "integrity": "sha512-CI18flHDznR0lq54xBycOVmphdCYnQLKn8abKn7PXUiKUGdEd+/l9LWNJmugXel4hXq7S+RMNl34ecyC9TntWg==" + } } }, "apollo-server-env": { @@ -584,14 +663,6 @@ } } }, - "apollo-server-plugin-base": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/apollo-server-plugin-base/-/apollo-server-plugin-base-0.7.1.tgz", - "integrity": "sha512-PRavvoWq7/Xufqc+qkDQg3Aqueq4QrPBFfoCFIjhkJ4n2d2YoqE3gTGccb8YoWusfa62ASMn6R47OdNuVtEbXw==", - "requires": { - "apollo-server-types": "^0.3.1" - } - }, "apollo-server-types": { "version": "0.3.1", "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.3.1.tgz", @@ -602,15 +673,6 @@ "apollo-server-env": "^2.4.3" } }, - "apollo-tracing": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/apollo-tracing/-/apollo-tracing-0.9.1.tgz", - "integrity": "sha512-4wVNM6rc70XhwWxuDWrMBLaHA8NjB9pUS2sNpddQvP36ZtQfsa08XLSUxGAZT+bej+TzW26hKNtuO31RgqC9Hg==", - "requires": { - "apollo-server-env": "^2.4.3", - "graphql-extensions": "^0.11.1" - } - }, "apollo-utilities": { "version": "1.3.3", "resolved": "https://registry.npmjs.org/apollo-utilities/-/apollo-utilities-1.3.3.tgz", @@ -1128,6 +1190,11 @@ "integrity": "sha1-ojD2T1aDEOFJgAmUB5DsmVRbyn4=", "dev": true }, + "cssfilter": { + "version": "0.0.10", + "resolved": "https://registry.npmjs.org/cssfilter/-/cssfilter-0.0.10.tgz", + "integrity": "sha1-xtJnJjKi5cg+AT5oZKQs6N79IK4=" + }, "debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -1862,16 +1929,6 @@ "iterall": "^1.2.2" } }, - "graphql-extensions": { - "version": "0.11.1", - "resolved": "https://registry.npmjs.org/graphql-extensions/-/graphql-extensions-0.11.1.tgz", - "integrity": "sha512-1bstq6YKaC579PTw9gchw2VlXqjPo3vn8NjRMaUqF2SxyYTjVSgXaCAbaeNa0B7xlLVigxi3DV1zh4A+ss+Lwg==", - "requires": { - "@apollographql/apollo-tools": "^0.4.3", - "apollo-server-env": "^2.4.3", - "apollo-server-types": "^0.3.1" - } - }, "graphql-subscriptions": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/graphql-subscriptions/-/graphql-subscriptions-1.1.0.tgz", @@ -3916,6 +3973,22 @@ "integrity": "sha1-SWsswQnsqNus/i3HK2A8F8WHCtQ=", "dev": true }, + "xss": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/xss/-/xss-1.0.7.tgz", + "integrity": "sha512-A9v7tblGvxu8TWXQC9rlpW96a+LN1lyw6wyhpTmmGW+FwRMactchBR3ROKSi33UPCUcUHSu8s9YP6F+K3Mw//w==", + "requires": { + "commander": "^2.20.3", + "cssfilter": "0.0.10" + }, + "dependencies": { + "commander": { + "version": "2.20.3", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", + "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==" + } + } + }, "yallist": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",