From ca1e25f8d4d49e9a281de9db042eff5dc2da1d10 Mon Sep 17 00:00:00 2001
From: Whitney Purdum <whitney.purdum@energyweb.org>
Date: Mon, 4 Dec 2023 13:03:58 -0500
Subject: [PATCH] fix: security upgrade rimraf from 3.0.2 to 4.0.0 (#11)

* fix: apps/vc-api/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

* fix(deps): update rimraf to ^4 in did and e2e

---------

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: jrhender <vcapi@energyweb.org>
Signed-off-by: jrhender <vcapi@energyweb.org>
---
 apps/vc-api/package.json          |  2 +-
 common/config/rush/pnpm-lock.yaml | 16 ++++++++--------
 libraries/did/package.json        |  2 +-
 tests/e2e/package.json            |  2 +-
 4 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/apps/vc-api/package.json b/apps/vc-api/package.json
index f3a27e6..f8fbfa5 100644
--- a/apps/vc-api/package.json
+++ b/apps/vc-api/package.json
@@ -34,7 +34,7 @@
     "@nestjs/typeorm": "^10.0.0",
     "jose": "^4.14.4",
     "reflect-metadata": "^0.1.13",
-    "rimraf": "^3.0.0",
+    "rimraf": "^4.0.0",
     "rxjs": "^7.8.1",
     "typeorm": "^0.3.17",
     "better-sqlite3": "~8.4.0",
diff --git a/common/config/rush/pnpm-lock.yaml b/common/config/rush/pnpm-lock.yaml
index ba2453b..fbb006f 100644
--- a/common/config/rush/pnpm-lock.yaml
+++ b/common/config/rush/pnpm-lock.yaml
@@ -141,8 +141,8 @@ dependencies:
     specifier: ^0.1.13
     version: 0.1.13
   rimraf:
-    specifier: ^3.0.0
-    version: 3.0.2
+    specifier: ^4.0.0
+    version: 4.4.1
   rxjs:
     specifier: ^7.8.1
     version: 7.8.1
@@ -6715,7 +6715,7 @@ packages:
     dev: false
 
   file:projects/ssi-did.tgz(@babel/core@7.18.13)(@types/node@20.3.2)(ts-node@10.9.1):
-    resolution: {integrity: sha512-AizntCdLoG/qAR2CZ9ZEpyXu8SSg8d28/Uwwe3X6nbQdaglM4Ewy5MT1nZAcwPIo9mqhHf50cxV44kg8YBvwVA==, tarball: file:projects/ssi-did.tgz}
+    resolution: {integrity: sha512-7I7t71Q3QAT+iH6E4b1VwDoBuy6om1VKfkuVBr9gdRHM1Pk3DRbCnN2HkPmrIRit+tXhrUNka20QGrjGhUX+PA==, tarball: file:projects/ssi-did.tgz}
     id: file:projects/ssi-did.tgz
     name: '@rush-temp/ssi-did'
     version: 0.0.0
@@ -6736,7 +6736,7 @@ packages:
       ethr-did-resolver: 8.0.0
       jest: 29.5.0(@types/node@20.3.2)(ts-node@10.9.1)
       prettier: 2.8.8
-      rimraf: 3.0.2
+      rimraf: 4.4.1
       ts-jest: 29.1.1(@babel/core@7.18.13)(babel-jest@29.5.0)(jest@29.5.0)(typescript@4.8.2)
       typescript: 4.8.2
     transitivePeerDependencies:
@@ -6752,7 +6752,7 @@ packages:
     dev: false
 
   file:projects/ssi-vc-api-tests-e2e.tgz(@babel/core@7.18.13)(@nestjs/core@10.0.4)(@nestjs/platform-express@10.0.4)(@types/node@20.3.2)(babel-jest@29.5.0)(class-transformer@0.5.1)(class-validator@0.14.0)(reflect-metadata@0.1.13)(rxjs@7.8.1)(webpack@5.88.1):
-    resolution: {integrity: sha512-abAeDIGN3BbtmOEJo2gAF1OmzTEBDHlW72CqjNcU8aclRIxeKbtb4+TKvVHJGPBMbVHYDd1LQsJKgWar+KbFLw==, tarball: file:projects/ssi-vc-api-tests-e2e.tgz}
+    resolution: {integrity: sha512-e9LRjL86isbXANQVFXzL6819G0yay3jluAoIZRAejYuBxVzrV12fRtQnNoDN4gTVdb6NOHUIXl2DKsuK5+8Iiw==, tarball: file:projects/ssi-vc-api-tests-e2e.tgz}
     id: file:projects/ssi-vc-api-tests-e2e.tgz
     name: '@rush-temp/ssi-vc-api-tests-e2e'
     version: 0.0.0
@@ -6768,7 +6768,7 @@ packages:
       eslint-plugin-prettier: 4.2.1(eslint-config-prettier@8.8.0)(eslint@8.22.0)(prettier@2.8.8)
       jest: 29.5.0(@types/node@20.3.2)(ts-node@10.9.1)
       prettier: 2.8.8
-      rimraf: 3.0.2
+      rimraf: 4.4.1
       supertest: 6.3.3
       ts-jest: 29.1.1(@babel/core@7.18.13)(babel-jest@29.5.0)(jest@29.5.0)(typescript@4.8.2)
       ts-loader: 9.4.4(typescript@4.8.2)(webpack@5.88.1)
@@ -6796,7 +6796,7 @@ packages:
     dev: false
 
   file:projects/ssi-vc-api.tgz(@babel/core@7.18.13)(babel-jest@29.5.0)(express@4.18.2)(webpack@5.88.1):
-    resolution: {integrity: sha512-ykt6a+AfUSs0VCpLdIUaulTqJGs0CGlEnkSReLTLUVXJvaLolSJqDC8uCZao1rZrlkHQyQKZdeBiYEdUIvGywg==, tarball: file:projects/ssi-vc-api.tgz}
+    resolution: {integrity: sha512-8fQcjodK3YMgLet7vye9nnhLTSnsfLuopvpVJbNOhTEQvHooFGydYb9zVC+9pAXgu9P8ga3Wyu2esljVUomLog==, tarball: file:projects/ssi-vc-api.tgz}
     id: file:projects/ssi-vc-api.tgz
     name: '@rush-temp/ssi-vc-api'
     version: 0.0.0
@@ -6838,7 +6838,7 @@ packages:
       nock: 13.3.1
       prettier: 2.8.8
       reflect-metadata: 0.1.13
-      rimraf: 3.0.2
+      rimraf: 4.4.1
       rxjs: 7.8.1
       supertest: 6.3.3
       swagger-ui-express: 4.6.3(express@4.18.2)
diff --git a/libraries/did/package.json b/libraries/did/package.json
index 1a7d5a1..5ff6162 100644
--- a/libraries/did/package.json
+++ b/libraries/did/package.json
@@ -29,7 +29,7 @@
     "babel-jest": "29.5.0",
     "eslint": "^8.22.0",
     "jest": "^29.5.0",
-    "rimraf": "^3.0.0",
+    "rimraf": "^4.0.0",
     "ts-jest": "^29.1.1",
     "typescript": "^4.8.0",
     "@energyweb/eslint-config": "~0.1.0",
diff --git a/tests/e2e/package.json b/tests/e2e/package.json
index ee34ece..f70d10e 100644
--- a/tests/e2e/package.json
+++ b/tests/e2e/package.json
@@ -22,7 +22,7 @@
     "eslint-plugin-prettier": "^4.2.1",
     "jest": "^29.5.0",
     "prettier": "^2.8.8",
-    "rimraf": "^3.0.0",
+    "rimraf": "^4.0.0",
     "supertest": "^6.3.3",
     "ts-jest": "^29.1.1",
     "ts-loader": "^9.4.4",