fix: package.json & package-lock.json to reduce vulnerabilities (#97)

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-XML2JS-5414874
2025-12-19 04:37:43 +00:00 · 2023-04-25 19:47:16 +08:00
parent b311d4af48
commit 1a09a13cfa
2 changed files with 20 additions and 30 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -17,7 +17,7 @@
        "@jambonz/siprec-client-utils": "^0.2.4",
        "@jambonz/stats-collector": "^0.1.8",
        "@jambonz/time-series": "^0.2.5",
-        "aws-sdk": "^2.1261.0",
+        "aws-sdk": "^2.1354.0",
        "bent": "^7.3.12",
        "cidr-matcher": "^2.1.1",
        "debug": "^4.3.4",
@@ -930,9 +930,9 @@
      }
    },
    "node_modules/aws-sdk": {
-      "version": "2.1293.0",
-      "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1293.0.tgz",
-      "integrity": "sha512-Wq4zPwJsrYLerXkWzllrTky3DM/Gwg8rKmC/79cDckGzDT8vZ2w/JfI5lW94ckRHjbqQXalChMH3GmWp0sV29Q==",
+      "version": "2.1354.0",
+      "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1354.0.tgz",
+      "integrity": "sha512-3aDxvyuOqMB9DqJguCq6p8momdsz0JR1axwkWOOCzHA7a35+Bw+WLmqt3pWwRjR1tGIwkkZ2CvGJObYHsOuw3w==",
      "dependencies": {
        "buffer": "4.9.2",
        "events": "1.1.1",
@@ -943,7 +943,7 @@
        "url": "0.10.3",
        "util": "^0.12.4",
        "uuid": "8.0.0",
-        "xml2js": "0.4.19"
+        "xml2js": "0.5.0"
      },
      "engines": {
        "node": ">= 10.0.0"
@@ -958,20 +958,15 @@
      }
    },
    "node_modules/aws-sdk/node_modules/xml2js": {
-      "version": "0.4.19",
-      "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.19.tgz",
-      "integrity": "sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q==",
+      "version": "0.5.0",
+      "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz",
+      "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==",
      "dependencies": {
        "sax": ">=0.6.0",
-        "xmlbuilder": "~9.0.1"
-      }
-    },
-    "node_modules/aws-sdk/node_modules/xmlbuilder": {
-      "version": "9.0.7",
-      "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-9.0.7.tgz",
-      "integrity": "sha512-7YXTQc3P2l9+0rjaUbLwMKRhtmwg1M1eDf6nag7urC7pIPYLD9W/jmzQ4ptRSUbodw5S0jfoGTflLemQibSpeQ==",
+        "xmlbuilder": "~11.0.0"
+      },
      "engines": {
-        "node": ">=4.0"
+        "node": ">=4.0.0"
      }
    },
    "node_modules/balanced-match": {
@@ -6003,9 +5998,9 @@
      "integrity": "sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw=="
    },
    "aws-sdk": {
-      "version": "2.1293.0",
-      "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1293.0.tgz",
-      "integrity": "sha512-Wq4zPwJsrYLerXkWzllrTky3DM/Gwg8rKmC/79cDckGzDT8vZ2w/JfI5lW94ckRHjbqQXalChMH3GmWp0sV29Q==",
+      "version": "2.1354.0",
+      "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1354.0.tgz",
+      "integrity": "sha512-3aDxvyuOqMB9DqJguCq6p8momdsz0JR1axwkWOOCzHA7a35+Bw+WLmqt3pWwRjR1tGIwkkZ2CvGJObYHsOuw3w==",
      "requires": {
        "buffer": "4.9.2",
        "events": "1.1.1",
@@ -6016,7 +6011,7 @@
        "url": "0.10.3",
        "util": "^0.12.4",
        "uuid": "8.0.0",
-        "xml2js": "0.4.19"
+        "xml2js": "0.5.0"
      },
      "dependencies": {
        "uuid": {
@@ -6025,18 +6020,13 @@
          "integrity": "sha512-jOXGuXZAWdsTH7eZLtyXMqUb9EcWMGZNbL9YcGBJl4MH4nrxHmZJhEHvyLFrkxo+28uLb/NYRcStH48fnD0Vzw=="
        },
        "xml2js": {
-          "version": "0.4.19",
-          "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.19.tgz",
-          "integrity": "sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q==",
+          "version": "0.5.0",
+          "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz",
+          "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==",
          "requires": {
            "sax": ">=0.6.0",
-            "xmlbuilder": "~9.0.1"
+            "xmlbuilder": "~11.0.0"
          }
-        },
-        "xmlbuilder": {
-          "version": "9.0.7",
-          "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-9.0.7.tgz",
-          "integrity": "sha512-7YXTQc3P2l9+0rjaUbLwMKRhtmwg1M1eDf6nag7urC7pIPYLD9W/jmzQ4ptRSUbodw5S0jfoGTflLemQibSpeQ=="
        }
      }
    },
--- a/package.json
+++ b/package.json
@@ -33,7 +33,7 @@
    "@jambonz/siprec-client-utils": "^0.2.4",
    "@jambonz/stats-collector": "^0.1.8",
    "@jambonz/time-series": "^0.2.5",
-    "aws-sdk": "^2.1261.0",
+    "aws-sdk": "^2.1354.0",
    "bent": "^7.3.12",
    "cidr-matcher": "^2.1.1",
    "debug": "^4.3.4",