This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.0
in repository 389-ds-base.
commit 7e5e30e393d068a2c50e0651b1e17d4745443170
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Mon Jul 15 23:28:45 2019 +0200
Issue 50499 - Fix audit issues and remove jquery from the whitelist
Description: 50 high vulnerabilities were found during audit. Fix them.
It updates the Patternfly version to 3.59.3 version.
Package jquery is no longer an issue, remove it from the whitelist.
https://pagure.io/389-ds-base/issue/50499
Reviewed by: mreynolds (Thanks!)
---
src/cockpit/389-console/audit-ci.json | 3 +-
src/cockpit/389-console/package-lock.json | 149 +++++++++++++++---------------
src/cockpit/389-console/package.json | 2 +-
3 files changed, 76 insertions(+), 78 deletions(-)
diff --git a/src/cockpit/389-console/audit-ci.json
b/src/cockpit/389-console/audit-ci.json
index 78b590f..96915fa 100644
--- a/src/cockpit/389-console/audit-ci.json
+++ b/src/cockpit/389-console/audit-ci.json
@@ -3,6 +3,5 @@
"package-manager": "auto",
"report": true,
"advisories": [],
- "_comment": "jquery should be removed from the whitelist after
https://github.com/patternfly/patternfly/pull/1174 is merged",
- "whitelist": ["jquery"]
+ "whitelist": []
}
diff --git a/src/cockpit/389-console/package-lock.json
b/src/cockpit/389-console/package-lock.json
index 16a54ab..9fec71c 100644
--- a/src/cockpit/389-console/package-lock.json
+++ b/src/cockpit/389-console/package-lock.json
@@ -1044,7 +1044,8 @@
"@types/d3-color": {
"version": "1.2.2",
"resolved":
"https://registry.npmjs.org/@types/d3-color/-/d3-color-1.2.2.tgz",
- "integrity":
"sha512-6pBxzJ8ZP3dYEQ4YjQ+NVbQaOflfgXq/JbDiS99oLobM2o72uAST4q6yPxHv6FOTCRC/n35ktuo8pvw/S4M7sw=="
+ "integrity":
"sha512-6pBxzJ8ZP3dYEQ4YjQ+NVbQaOflfgXq/JbDiS99oLobM2o72uAST4q6yPxHv6FOTCRC/n35ktuo8pvw/S4M7sw==",
+ "optional": true
},
"@types/d3-dispatch": {
"version": "1.0.7",
@@ -1064,7 +1065,8 @@
"@types/d3-dsv": {
"version": "1.0.36",
"resolved":
"https://registry.npmjs.org/@types/d3-dsv/-/d3-dsv-1.0.36.tgz",
- "integrity":
"sha512-jbIWQ27QJcBNMZbQv0NSQMHnBDCmxghAxePxgyiPH1XPCRkOsTBei7jcdi3fDrUCGpCV3lKrSZFSlOkhUQVClA=="
+ "integrity":
"sha512-jbIWQ27QJcBNMZbQv0NSQMHnBDCmxghAxePxgyiPH1XPCRkOsTBei7jcdi3fDrUCGpCV3lKrSZFSlOkhUQVClA==",
+ "optional": true
},
"@types/d3-ease": {
"version": "1.0.8",
@@ -1103,6 +1105,7 @@
"version": "1.3.1",
"resolved":
"https://registry.npmjs.org/@types/d3-interpolate/-/d3-interpolate-1.3.1.tgz",
"integrity":
"sha512-z8Zmi08XVwe8e62vP6wcA+CNuRhpuUU5XPEfqpG0hRypDE5BWNthQHB1UNWWDB7ojCbGaN4qBdsWp5kWxhT1IQ==",
+ "optional": true,
"requires": {
"@types/d3-color": "*"
}
@@ -1110,7 +1113,8 @@
"@types/d3-path": {
"version": "1.0.8",
"resolved":
"https://registry.npmjs.org/@types/d3-path/-/d3-path-1.0.8.tgz",
- "integrity":
"sha512-AZGHWslq/oApTAHu9+yH/Bnk63y9oFOMROtqPAtxl5uB6qm1x2lueWdVEjsjjV3Qc2+QfuzKIwIR5MvVBakfzA=="
+ "integrity":
"sha512-AZGHWslq/oApTAHu9+yH/Bnk63y9oFOMROtqPAtxl5uB6qm1x2lueWdVEjsjjV3Qc2+QfuzKIwIR5MvVBakfzA==",
+ "optional": true
},
"@types/d3-polygon": {
"version": "1.0.7",
@@ -1157,7 +1161,8 @@
"@types/d3-selection": {
"version": "1.4.1",
"resolved":
"https://registry.npmjs.org/@types/d3-selection/-/d3-selection-1.4.1.tgz",
- "integrity":
"sha512-bv8IfFYo/xG6dxri9OwDnK3yCagYPeRIjTlrcdYJSx+FDWlCeBDepIHUpqROmhPtZ53jyna0aUajZRk0I3rXNA=="
+ "integrity":
"sha512-bv8IfFYo/xG6dxri9OwDnK3yCagYPeRIjTlrcdYJSx+FDWlCeBDepIHUpqROmhPtZ53jyna0aUajZRk0I3rXNA==",
+ "optional": true
},
"@types/d3-shape": {
"version": "1.3.1",
@@ -1171,7 +1176,8 @@
"@types/d3-time": {
"version": "1.0.10",
"resolved":
"https://registry.npmjs.org/@types/d3-time/-/d3-time-1.0.10.tgz",
- "integrity":
"sha512-aKf62rRQafDQmSiv1NylKhIMmznsjRN+MnXRXTqHoqm0U/UZzVpdrtRnSIfdiLS616OuC1soYeX1dBg2n1u8Xw=="
+ "integrity":
"sha512-aKf62rRQafDQmSiv1NylKhIMmznsjRN+MnXRXTqHoqm0U/UZzVpdrtRnSIfdiLS616OuC1soYeX1dBg2n1u8Xw==",
+ "optional": true
},
"@types/d3-time-format": {
"version": "2.1.1",
@@ -2112,9 +2118,9 @@
"integrity":
"sha512-CB9CrpNVrIytlOoqHtRXhhxFo/jencr1U5cMqPBA0WmMdb13bzjHnXQVNGYde/g5gWW+RWiuT9jTquZuz3VE8A=="
},
"bootstrap-switch": {
- "version": "3.3.5",
- "resolved":
"https://registry.npmjs.org/bootstrap-switch/-/bootstrap-switch-3.3.5.tgz",
- "integrity":
"sha512-aRwgTPO7QPvTtUxit2ucXgs/P+dp3Y8Qy41XOOqTXZiJvfI6b87+hP+r4B4+3y7bptu0P6KHIyEc4ordEVIVkg==",
+ "version": "3.3.4",
+ "resolved":
"https://registry.npmjs.org/bootstrap-switch/-/bootstrap-switch-3.3.4.tgz",
+ "integrity": "sha1-cOCusqh3wNx2aZHeEI4hcPwpov8=",
"optional": true
},
"bootstrap-touchspin": {
@@ -2896,17 +2902,18 @@
"version": "1.10.19",
"resolved":
"https://registry.npmjs.org/datatables.net/-/datatables.net-1.10.19.tgz",
"integrity":
"sha512-+ljXcI6Pj3PTGy5pesp3E5Dr3x3AV45EZe0o1r0gKENN2gafBKXodVnk2ypKwl2tTmivjxbkiqoWnipTefyBTA==",
+ "optional": true,
"requires": {
"jquery": ">=1.7"
}
},
"datatables.net-bs": {
- "version": "2.1.1",
- "resolved":
"https://registry.npmjs.org/datatables.net-bs/-/datatables.net-bs-2.1.1.tgz",
- "integrity": "sha1-cEEIlyiRlJ0JS/RPU9BlTZ/ue84=",
+ "version": "1.10.19",
+ "resolved":
"https://registry.npmjs.org/datatables.net-bs/-/datatables.net-bs-1.10.19.tgz",
+ "integrity":
"sha512-5gxoI2n+duZP06+4xVC2TtH6zcY369/TRKTZ1DdSgDcDUl4OYQsrXCuaLJmbVzna/5Y5lrMmK7CxgvYgIynICA==",
"optional": true,
"requires": {
- "datatables.net": ">=1.10.9",
+ "datatables.net": "1.10.19",
"jquery": ">=1.7"
}
},
@@ -4216,7 +4223,8 @@
"ansi-regex": {
"version": "2.1.1",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"aproba": {
"version": "1.2.0",
@@ -4237,12 +4245,14 @@
"balanced-match": {
"version": "1.0.0",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"brace-expansion": {
"version": "1.1.11",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@@ -4257,17 +4267,20 @@
"code-point-at": {
"version": "1.1.0",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"concat-map": {
"version": "0.0.1",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"console-control-strings": {
"version": "1.1.0",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"core-util-is": {
"version": "1.0.2",
@@ -4384,7 +4397,8 @@
"inherits": {
"version": "2.0.3",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"ini": {
"version": "1.3.5",
@@ -4396,6 +4410,7 @@
"version": "1.0.0",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"number-is-nan": "^1.0.0"
}
@@ -4410,6 +4425,7 @@
"version": "3.0.4",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"brace-expansion": "^1.1.7"
}
@@ -4417,12 +4433,14 @@
"minimist": {
"version": "0.0.8",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"minipass": {
"version": "2.3.5",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"safe-buffer": "^5.1.2",
"yallist": "^3.0.0"
@@ -4441,6 +4459,7 @@
"version": "0.5.1",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"minimist": "0.0.8"
}
@@ -4528,7 +4547,8 @@
"number-is-nan": {
"version": "1.0.1",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"object-assign": {
"version": "4.1.1",
@@ -4540,6 +4560,7 @@
"version": "1.4.0",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"wrappy": "1"
}
@@ -4625,7 +4646,8 @@
"safe-buffer": {
"version": "5.1.2",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"safer-buffer": {
"version": "2.1.2",
@@ -4661,6 +4683,7 @@
"version": "1.0.2",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0",
@@ -4680,6 +4703,7 @@
"version": "3.0.1",
"bundled": true,
"dev": true,
+ "optional": true,
"requires": {
"ansi-regex": "^2.0.0"
}
@@ -4723,12 +4747,14 @@
"wrappy": {
"version": "1.0.2",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
},
"yallist": {
"version": "3.0.3",
"bundled": true,
- "dev": true
+ "dev": true,
+ "optional": true
}
}
},
@@ -5792,9 +5818,9 @@
}
},
"lodash": {
- "version": "4.17.11",
- "resolved":
"https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
- "integrity":
"sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
+ "version": "4.17.14",
+ "resolved":
"https://registry.npmjs.org/lodash/-/lodash-4.17.14.tgz",
+ "integrity":
"sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw=="
},
"lodash.assign": {
"version": "4.2.0",
@@ -5812,9 +5838,9 @@
"integrity": "sha1-gteb/zCmfEAF/9XiUVMArZyk168="
},
"lodash.mergewith": {
- "version": "4.6.1",
- "resolved":
"https://registry.npmjs.org/lodash.mergewith/-/lodash.mergewith-4.6.1.tgz",
- "integrity":
"sha512-eWw5r+PYICtEBgrBE5hhlT6aAa75f411bgDz/ZL2KZqYV03USvucsxcHUIlGTDTECs1eunpI7HOV7U+WLDvNdQ=="
+ "version": "4.6.2",
+ "resolved":
"https://registry.npmjs.org/lodash.mergewith/-/lodash.mergewith-4.6.2.tgz",
+ "integrity":
"sha512-GK3g5RPZWTRSeLSpgP8Xhra+pnjBC56q9FZYe1d5RN3TJ35dbkGy3YqBSMbyCrlbi+CM9Z3Jk5yTL7RCsqboyQ=="
},
"lodash.tail": {
"version": "4.1.1",
@@ -6037,9 +6063,9 @@
}
},
"mixin-deep": {
- "version": "1.3.1",
- "resolved":
"https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz",
- "integrity":
"sha512-8ZItLHeEgaqEvd5lYBXfm4EZSFCX29Jb9K+lAHhDKzReKBQKj3R+7NOF6tjqYi9t4oI8VUfaWITJQm86wnXGNQ==",
+ "version": "1.3.2",
+ "resolved":
"https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz",
+ "integrity":
"sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==",
"dev": true,
"requires": {
"for-in": "^1.0.2",
@@ -6093,11 +6119,12 @@
"moment": {
"version": "2.24.0",
"resolved":
"https://registry.npmjs.org/moment/-/moment-2.24.0.tgz",
- "integrity":
"sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg=="
+ "integrity":
"sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg==",
+ "optional": true
},
"moment-timezone": {
"version": "0.4.1",
- "resolved":
"http://registry.npmjs.org/moment-timezone/-/moment-timezone-0.4.1.tgz",
+ "resolved":
"https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.4.1.tgz",
"integrity": "sha1-gfWYw61eIs2teWtn7NjYjQ9bqgY=",
"optional": true,
"requires": {
@@ -6611,17 +6638,17 @@
}
},
"patternfly": {
- "version": "3.59.1",
- "resolved":
"https://registry.npmjs.org/patternfly/-/patternfly-3.59.1.tgz",
- "integrity":
"sha512-0Q/P58yaxcQXwnXo/OssiXaZmuX0g9QvWdpsYHyml4ihqnN2lL/yGdadFarA6UAQb//15XtNjKHZocoJXCkWYg==",
+ "version": "3.59.3",
+ "resolved":
"https://registry.npmjs.org/patternfly/-/patternfly-3.59.3.tgz",
+ "integrity":
"sha512-gStdjLCS9k6NmI2xCXa1IBK0s8p5l5dqMEh/zLEUwA+qdV6z6qwSxHe8QT3AjLyEy27qMSzmtUXxvkO1c8jENw==",
"requires": {
"@types/c3": "^0.6.0",
- "bootstrap": "~3.4.0",
+ "bootstrap": "~3.4.1",
"bootstrap-datepicker": "^1.7.1",
"bootstrap-sass": "^3.4.0",
"bootstrap-select": "1.12.2",
"bootstrap-slider": "^9.9.0",
- "bootstrap-switch": "~3.3.4",
+ "bootstrap-switch": "3.3.4",
"bootstrap-touchspin": "~3.1.1",
"c3": "~0.4.11",
"d3": "~3.5.17",
@@ -6634,7 +6661,7 @@
"font-awesome": "^4.7.0",
"font-awesome-sass": "^4.7.0",
"google-code-prettify": "~1.0.5",
- "jquery": "~3.2.1",
+ "jquery": "~3.4.1",
"jquery-match-height": "^0.7.2",
"moment": "^2.19.1",
"moment-timezone": "^0.4.1",
@@ -6646,11 +6673,6 @@
"version": "3.4.1",
"resolved":
"https://registry.npmjs.org/bootstrap/-/bootstrap-3.4.1.tgz",
"integrity":
"sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA=="
- },
- "jquery": {
- "version": "3.2.1",
- "resolved":
"https://registry.npmjs.org/jquery/-/jquery-3.2.1.tgz",
- "integrity": "sha1-XE2d5lKvbNCncBVKYxu6ErAVx4c="
}
}
},
@@ -7766,9 +7788,9 @@
"integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc="
},
"set-value": {
- "version": "2.0.0",
- "resolved":
"https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz",
- "integrity":
"sha512-hw0yxk9GT/Hr5yJEYnHNKYXkIA8mVJgd9ditYZCe16ZczcaELYYcfvaXesNACk2O8O0nTiPQcQhGUQj8JLzeeg==",
+ "version": "2.0.1",
+ "resolved":
"https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz",
+ "integrity":
"sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==",
"dev": true,
"requires": {
"extend-shallow": "^2.0.1",
@@ -8623,38 +8645,15 @@
"dev": true
},
"union-value": {
- "version": "1.0.0",
- "resolved":
"https://registry.npmjs.org/union-value/-/union-value-1.0.0.tgz",
- "integrity": "sha1-XHHDTLW61dzr4+oM0IIHulqhrqQ=",
+ "version": "1.0.1",
+ "resolved":
"https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz",
+ "integrity":
"sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==",
"dev": true,
"requires": {
"arr-union": "^3.1.0",
"get-value": "^2.0.6",
"is-extendable": "^0.1.1",
- "set-value": "^0.4.3"
- },
- "dependencies": {
- "extend-shallow": {
- "version": "2.0.1",
- "resolved":
"https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz",
- "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=",
- "dev": true,
- "requires": {
- "is-extendable": "^0.1.0"
- }
- },
- "set-value": {
- "version": "0.4.3",
- "resolved":
"https://registry.npmjs.org/set-value/-/set-value-0.4.3.tgz",
- "integrity": "sha1-fbCPnT0i3H945Trzw79GZuzfzPE=",
- "dev": true,
- "requires": {
- "extend-shallow": "^2.0.1",
- "is-extendable": "^0.1.1",
- "is-plain-object": "^2.0.1",
- "to-object-path": "^0.3.0"
- }
- }
+ "set-value": "^2.0.1"
}
},
"uniq": {
diff --git a/src/cockpit/389-console/package.json b/src/cockpit/389-console/package.json
index eb269d9..ddf44b5 100644
--- a/src/cockpit/389-console/package.json
+++ b/src/cockpit/389-console/package.json
@@ -51,7 +51,7 @@
"dependencies": {
"bootstrap": "^4.3.1",
"node-sass": "4.11.0",
- "patternfly": "^3.59.1",
+ "patternfly": "^3.59.3",
"patternfly-react": "^2.34.3",
"prop-types": "15.6.2",
"react": "16.6.1",
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.