From 2530ff96d56e9c88ddd63f80d01e2ddc44965c33 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Tue, 23 Jun 2020 15:18:42 +0000 Subject: [PATCH] build(deps): [security] bump apollo-server-express in /backend Bumps [apollo-server-express](https://github.com/apollographql/apollo-server) from 2.12.0 to 2.14.2. **This update includes a security fix.** - [Release notes](https://github.com/apollographql/apollo-server/releases) - [Changelog](https://github.com/apollographql/apollo-server/blob/master/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-server/compare/apollo-server-express@2.12.0...apollo-server-express@2.14.2) Signed-off-by: dependabot-preview[bot] --- backend/package.json | 2 +- backend/yarn.lock | 43 ++++++++++++++----------------------------- 2 files changed, 15 insertions(+), 30 deletions(-) diff --git a/backend/package.json b/backend/package.json index 164e8c9b1..e79197d3a 100644 --- a/backend/package.json +++ b/backend/package.json @@ -44,7 +44,7 @@ "apollo-link-context": "~1.0.20", "apollo-link-http": "~1.5.17", "apollo-server": "~2.11.0", - "apollo-server-express": "^2.12.0", + "apollo-server-express": "^2.14.2", "aws-sdk": "^2.652.0", "babel-plugin-transform-runtime": "^6.23.0", "bcryptjs": "~2.4.3", diff --git a/backend/yarn.lock b/backend/yarn.lock index a42c5cc64..49fc1e26a 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -1592,13 +1592,14 @@ "@types/qs" "*" "@types/serve-static" "*" -"@types/express@4.17.3": - version "4.17.3" - resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.3.tgz#38e4458ce2067873b09a73908df488870c303bd9" - integrity sha512-I8cGRJj3pyOLs/HndoP+25vOqhqWkAZsWMEmq1qXy/b/M3ppufecUwaK2/TVDVxcV61/iSdhykUjQQ2DLSrTdg== +"@types/express@4.17.4": + version "4.17.4" + resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.4.tgz#e78bf09f3f530889575f4da8a94cd45384520aac" + integrity sha512-DO1L53rGqIDUEvOjJKmbMEQ5Z+BM2cIEPy/eV3En+s166Gz+FeuzRerxcab757u/U4v4XF4RYrZPmqKa+aY/2w== dependencies: "@types/body-parser" "*" "@types/express-serve-static-core" "*" + "@types/qs" "*" "@types/serve-static" "*" "@types/fs-capacitor@*": @@ -1999,13 +2000,6 @@ apollo-datasource@^0.7.1: apollo-server-caching "^0.5.1" apollo-server-env "^2.4.4" -apollo-engine-reporting-protobuf@^0.4.4: - version "0.4.4" - resolved "https://registry.yarnpkg.com/apollo-engine-reporting-protobuf/-/apollo-engine-reporting-protobuf-0.4.4.tgz#73a064f8c9f2d6605192d1673729c66ec47d9cb7" - integrity sha512-SGrIkUR7Q/VjU8YG98xcvo340C4DaNUhg/TXOtGsMlfiJDzHwVau/Bv6zifAzBafp2lj0XND6Daj5kyT/eSI/w== - dependencies: - "@apollo/protobufjs" "^1.0.3" - apollo-engine-reporting-protobuf@^0.5.1: version "0.5.1" resolved "https://registry.yarnpkg.com/apollo-engine-reporting-protobuf/-/apollo-engine-reporting-protobuf-0.5.1.tgz#b6e66e6e382f9bcdc2ac8ed168b047eb1470c1a8" @@ -2097,7 +2091,7 @@ apollo-server-caching@^0.5.1: dependencies: lru-cache "^5.0.0" -apollo-server-core@^2.11.0, apollo-server-core@^2.12.0: +apollo-server-core@^2.11.0, apollo-server-core@^2.14.2: version "2.15.0" resolved "https://registry.yarnpkg.com/apollo-server-core/-/apollo-server-core-2.15.0.tgz#a9c19028b76e7ca90a759b4421556ba7625df1d9" integrity sha512-PwNm/G5IXReev7E0ZaRAekQ7pN9BTuXH8c2QVgfMGMno3XiN5Dj+1DXYQthpwNJch0y5zhhLcb/JbClijgSEsA== @@ -2125,7 +2119,7 @@ apollo-server-core@^2.11.0, apollo-server-core@^2.12.0: subscriptions-transport-ws "^0.9.11" ws "^6.0.0" -apollo-server-env@^2.4.3, apollo-server-env@^2.4.4: +apollo-server-env@^2.4.4: version "2.4.4" resolved "https://registry.yarnpkg.com/apollo-server-env/-/apollo-server-env-2.4.4.tgz#12d2d0896dcb184478cba066c7a683ab18689ca1" integrity sha512-c2oddDS3lwAl6QNCIKCLEzt/dF9M3/tjjYRVdxOVN20TidybI7rAbnT4QOzf4tORnGXtiznEAvr/Kc9ahhKADg== @@ -2138,19 +2132,19 @@ apollo-server-errors@^2.4.1: resolved "https://registry.yarnpkg.com/apollo-server-errors/-/apollo-server-errors-2.4.1.tgz#16ad49de6c9134bfb2b7dede9842e73bb239dbe2" integrity sha512-7oEd6pUxqyWYUbQ9TA8tM0NU/3aGtXSEibo6+txUkuHe7QaxfZ2wHRp+pfT1LC1K3RXYjKj61/C2xEO19s3Kdg== -apollo-server-express@^2.11.0, apollo-server-express@^2.12.0: - version "2.12.0" - resolved "https://registry.yarnpkg.com/apollo-server-express/-/apollo-server-express-2.12.0.tgz#a03cef8a3aa753bff73156e6a31fd59a076dc48b" - integrity sha512-oTBKM2SsziCoFW+ta+ubJ/ypvsc+EWrbJnyZhJ5FBYzSXPstt/jvgZHgMO+kOQgHEHrbJwugNDUuLMSm608L7A== +apollo-server-express@^2.11.0, apollo-server-express@^2.14.2: + version "2.14.2" + resolved "https://registry.yarnpkg.com/apollo-server-express/-/apollo-server-express-2.14.2.tgz#662dfeb9c794c1eca59dd93e57e74487a8195ae6" + integrity sha512-iYyZm0kQqkM561i9l0WC9HbJsGZJbHP9bhnWaa1Itd+yNBS2AJFp6mRR3hQacsWXUw7ewaKAracMIggvfSH5Aw== dependencies: "@apollographql/graphql-playground-html" "1.6.24" "@types/accepts" "^1.3.5" "@types/body-parser" "1.19.0" "@types/cors" "^2.8.4" - "@types/express" "4.17.3" + "@types/express" "4.17.4" accepts "^1.3.5" - apollo-server-core "^2.12.0" - apollo-server-types "^0.3.1" + apollo-server-core "^2.14.2" + apollo-server-types "^0.5.0" body-parser "^1.18.3" cors "^2.8.4" express "^4.17.1" @@ -2174,15 +2168,6 @@ apollo-server-testing@~2.11.0: dependencies: apollo-server-core "^2.11.0" -apollo-server-types@^0.3.1: - version "0.3.1" - resolved "https://registry.yarnpkg.com/apollo-server-types/-/apollo-server-types-0.3.1.tgz#9456e243dad525a78b689246f124a66d7d8ac409" - integrity sha512-6nX5VC3icOGf1RZIs7/SYQZff+Cl16LQu1FHUOIk9gAMN2XjlRCyJgCeMj5YHJzQ8Mhg4BO0weWuydEg+JxLzg== - dependencies: - apollo-engine-reporting-protobuf "^0.4.4" - apollo-server-caching "^0.5.1" - apollo-server-env "^2.4.3" - apollo-server-types@^0.5.0: version "0.5.0" resolved "https://registry.yarnpkg.com/apollo-server-types/-/apollo-server-types-0.5.0.tgz#51f39c5fa610ece8b07f1fbcf63c47d4ac150340"