From 949d33b1db1097bf2a0112a1c80bd5f725c5086f Mon Sep 17 00:00:00 2001 From: kirrg001 Date: Tue, 31 Oct 2017 12:21:48 +0100 Subject: [PATCH] Bump jsonpath to version 1.0.0 no issue - major bump - we only use jsonpath inside the `get` helper - the functionality still works as expected - includes security fix, see https://github.com/dchester/jsonpath/commit/98464aa5fea65bad09564a5632bad72e31736244 --- package.json | 2 +- yarn.lock | 44 +++++++++++++++++++++++++------------------- 2 files changed, 26 insertions(+), 20 deletions(-) diff --git a/package.json b/package.json index 82adb22c4c..e9ecde1774 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "image-size": "0.6.1", "intl": "1.2.5", "intl-messageformat": "1.3.0", - "jsonpath": "0.2.12", + "jsonpath": "1.0.0", "knex": "0.12.9", "knex-migrator": "2.1.9", "lodash": "4.17.4", diff --git a/yarn.lock b/yarn.lock index 8c669f25ad..cd212d8c9d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1298,14 +1298,16 @@ escodegen@1.8.x: optionalDependencies: source-map "~0.2.0" -escodegen@~0.0.24: - version "0.0.28" - resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-0.0.28.tgz#0e4ff1715f328775d6cab51ac44a406cd7abffd3" +escodegen@^1.8.1: + version "1.9.0" + resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.9.0.tgz#9811a2f265dc1cd3894420ee3717064b632b8852" dependencies: - esprima "~1.0.2" - estraverse "~1.3.0" + esprima "^3.1.3" + estraverse "^4.2.0" + esutils "^2.0.2" + optionator "^0.8.1" optionalDependencies: - source-map ">= 0.1.2" + source-map "~0.5.6" esprima@1.0.x, "esprima@~ 1.0.2", esprima@~1.0.2: version "1.0.4" @@ -1319,11 +1321,15 @@ esprima@2.7.x, esprima@^2.6.0, esprima@^2.7.1: version "2.7.3" resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" +esprima@^3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-3.1.3.tgz#fdca51cee6133895e3c88d535ce49dbff62a4633" + estraverse@^1.9.1: version "1.9.3" resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-1.9.3.tgz#af67f2dc922582415950926091a4005d29c9bb44" -estraverse@^4.1.0: +estraverse@^4.1.0, estraverse@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" @@ -1331,10 +1337,6 @@ estraverse@~0.0.4: version "0.0.4" resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-0.0.4.tgz#01a0932dfee574684a598af5a67c3bf9b6428db2" -estraverse@~1.3.0: - version "1.3.2" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-1.3.2.tgz#37c2b893ef13d723f276d878d60d8535152a6c42" - esutils@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" @@ -2929,13 +2931,13 @@ jsonlint@~1.6.2: JSV ">= 4.0.x" nomnom ">= 1.5.x" -jsonpath@0.2.12: - version "0.2.12" - resolved "https://registry.yarnpkg.com/jsonpath/-/jsonpath-0.2.12.tgz#5bf9d911fb4616c1e3370beceb9f0db24ae34cd2" +jsonpath@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/jsonpath/-/jsonpath-1.0.0.tgz#45cd9d4c4d0d6825d90bd7e40f83f1182b13dd07" dependencies: esprima "1.2.2" jison "0.4.13" - static-eval "0.2.3" + static-eval "2.0.0" underscore "1.7.0" jsprim@^1.2.2: @@ -5058,6 +5060,10 @@ source-map@~0.2.0: dependencies: amdefine ">=0.0.4" +source-map@~0.5.6: + version "0.5.7" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc" + sparkles@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/sparkles/-/sparkles-1.0.0.tgz#1acbbfb592436d10bbe8f785b7cc6f82815012c3" @@ -5127,11 +5133,11 @@ stack-trace@0.0.9, stack-trace@0.0.x: version "0.0.9" resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.9.tgz#a8f6eaeca90674c333e7c43953f275b451510695" -static-eval@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/static-eval/-/static-eval-0.2.3.tgz#023f17ac9fee426ea788c12ea39206dc175f8b2a" +static-eval@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/static-eval/-/static-eval-2.0.0.tgz#0e821f8926847def7b4b50cda5d55c04a9b13864" dependencies: - escodegen "~0.0.24" + escodegen "^1.8.1" statuses@1, "statuses@>= 1.2.1 < 2", "statuses@>= 1.3.1 < 2", statuses@~1.3.0, statuses@~1.3.1: version "1.3.1"