From 7b071707927bb4d979935a1a10761b45f87c4bb8 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu, 18 Jul 2019 15:54:59 +0000 Subject: [PATCH] Bump helmet from 3.18.0 to 3.19.0 in /backend Bumps [helmet](https://github.com/helmetjs/helmet) from 3.18.0 to 3.19.0. - [Release notes](https://github.com/helmetjs/helmet/releases) - [Changelog](https://github.com/helmetjs/helmet/blob/master/CHANGELOG.md) - [Commits](https://github.com/helmetjs/helmet/compare/v3.18.0...v3.19.0) Signed-off-by: dependabot-preview[bot] --- backend/package.json | 2 +- backend/yarn.lock | 58 ++++++++++++++++++++++---------------------- 2 files changed, 30 insertions(+), 30 deletions(-) diff --git a/backend/package.json b/backend/package.json index d9672ec6b..274af878b 100644 --- a/backend/package.json +++ b/backend/package.json @@ -64,7 +64,7 @@ "graphql-middleware": "~3.0.2", "graphql-shield": "~6.0.3", "graphql-tag": "~2.10.1", - "helmet": "~3.18.0", + "helmet": "~3.19.0", "jsonwebtoken": "~8.5.1", "linkifyjs": "~2.1.8", "lodash": "~4.17.14", diff --git a/backend/yarn.lock b/backend/yarn.lock index d8f6991d2..7697d75d7 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -2766,10 +2766,10 @@ diff@^3.0.0: resolved "https://registry.yarnpkg.com/diff/-/diff-3.5.0.tgz#800c0dd1e0a8bfbc95835c202ad220fe317e5a12" integrity sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA== -dns-prefetch-control@0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/dns-prefetch-control/-/dns-prefetch-control-0.1.0.tgz#60ddb457774e178f1f9415f0cabb0e85b0b300b2" - integrity sha1-YN20V3dOF48flBXwyrsOhbCzALI= +dns-prefetch-control@0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/dns-prefetch-control/-/dns-prefetch-control-0.2.0.tgz#73988161841f3dcc81f47686d539a2c702c88624" + integrity sha512-hvSnros73+qyZXhHFjx2CMLwoj3Fe7eR9EJsFsqmcI1bB2OBWL/+0YzaEaKssCHnj/6crawNnUyw74Gm2EKe+Q== doctrine@1.5.0: version "1.5.0" @@ -2829,10 +2829,10 @@ domutils@^1.5.1: dom-serializer "0" domelementtype "1" -dont-sniff-mimetype@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/dont-sniff-mimetype/-/dont-sniff-mimetype-1.0.0.tgz#5932890dc9f4e2f19e5eb02a20026e5e5efc8f58" - integrity sha1-WTKJDcn04vGeXrAqIAJuXl78j1g= +dont-sniff-mimetype@1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz#c7d0427f8bcb095762751252af59d148b0a623b2" + integrity sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug== dot-prop@^4.1.0: version "4.2.0" @@ -3916,10 +3916,10 @@ he@0.5.0: resolved "https://registry.yarnpkg.com/he/-/he-0.5.0.tgz#2c05ffaef90b68e860f3fd2b54ef580989277ee2" integrity sha1-LAX/rvkLaOhg8/0rVO9YCYknfuI= -helmet-crossdomain@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/helmet-crossdomain/-/helmet-crossdomain-0.3.0.tgz#707e2df930f13ad61f76ed08e1bb51ab2b2e85fa" - integrity sha512-YiXhj0E35nC4Na5EPE4mTfoXMf9JTGpN4OtB4aLqShKuH9d2HNaJX5MQoglO6STVka0uMsHyG5lCut5Kzsy7Lg== +helmet-crossdomain@0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/helmet-crossdomain/-/helmet-crossdomain-0.4.0.tgz#5f1fe5a836d0325f1da0a78eaa5fd8429078894e" + integrity sha512-AB4DTykRw3HCOxovD1nPR16hllrVImeFp5VBV9/twj66lJ2nU75DP8FPL0/Jp4jj79JhTfG+pFI2MD02kWJ+fA== helmet-csp@2.7.1: version "2.7.1" @@ -3931,31 +3931,31 @@ helmet-csp@2.7.1: dasherize "2.0.0" platform "1.3.5" -helmet@~3.18.0: - version "3.18.0" - resolved "https://registry.yarnpkg.com/helmet/-/helmet-3.18.0.tgz#37666f7c861bd1ff3015e0cdb903a43501e3da3e" - integrity sha512-TsKlGE5UVkV0NiQ4PllV9EVfZklPjyzcMEMjWlyI/8S6epqgRT+4s4GHVgc25x0TixsKvp3L7c91HQQt5l0+QA== +helmet@~3.19.0: + version "3.19.0" + resolved "https://registry.yarnpkg.com/helmet/-/helmet-3.19.0.tgz#02c524dd69e03b0af20dce7bc9929ff951081a29" + integrity sha512-l58Q3unSpYatlurvFzkCbTRQ8oWUmdXbOs7h+pnwQbFJRhRJDjER6UMyqHxp9iFtWPcVA05VLcUGSi0EXIv7GA== dependencies: depd "2.0.0" - dns-prefetch-control "0.1.0" - dont-sniff-mimetype "1.0.0" + dns-prefetch-control "0.2.0" + dont-sniff-mimetype "1.1.0" expect-ct "0.2.0" feature-policy "0.3.0" frameguard "3.1.0" - helmet-crossdomain "0.3.0" + helmet-crossdomain "0.4.0" helmet-csp "2.7.1" - hide-powered-by "1.0.0" + hide-powered-by "1.1.0" hpkp "2.0.0" hsts "2.2.0" ienoopen "1.1.0" nocache "2.1.0" referrer-policy "1.2.0" - x-xss-protection "1.1.0" + x-xss-protection "1.2.0" -hide-powered-by@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/hide-powered-by/-/hide-powered-by-1.0.0.tgz#4a85ad65881f62857fc70af7174a1184dccce32b" - integrity sha1-SoWtZYgfYoV/xwr3F0oRhNzM4ys= +hide-powered-by@1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/hide-powered-by/-/hide-powered-by-1.1.0.tgz#be3ea9cab4bdb16f8744be873755ca663383fa7a" + integrity sha512-Io1zA2yOA1YJslkr+AJlWSf2yWFkKjvkcL9Ni1XSUqnGLr/qRQe2UI3Cn/J9MsJht7yEVCe0SscY1HgVMujbgg== hoek@5.x.x: version "5.0.4" @@ -7945,10 +7945,10 @@ ws@^6.0.0: dependencies: async-limiter "~1.0.0" -x-xss-protection@1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/x-xss-protection/-/x-xss-protection-1.1.0.tgz#4f1898c332deb1e7f2be1280efb3e2c53d69c1a7" - integrity sha512-rx3GzJlgEeZ08MIcDsU2vY2B1QEriUKJTSiNHHUIem6eg9pzVOr2TL3Y4Pd6TMAM5D5azGjcxqI62piITBDHVg== +x-xss-protection@1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/x-xss-protection/-/x-xss-protection-1.2.0.tgz#3170498ff8e7e8159f4896b27fa4d4810c2ff486" + integrity sha512-xN0kV+8XfOQM2OPPBdEbGtbvJNNP1pvZR7sE6d44cjJFQG4OiGDdienPg5iOUGswBTiGbBvtYDURd30BMJwwqg== xdg-basedir@^3.0.0: version "3.0.0"