From b5b5a0e22e64a3a5f84ebc5865b30fb69a218fa1 Mon Sep 17 00:00:00 2001 From: Marcus Bjurman Date: Thu, 9 Jan 2020 17:31:38 +0100 Subject: [PATCH 1/3] fix(core): solve audit errors by updating deps --- packages/roc-abstract-package-base-dev/package.json | 2 +- packages/roc-package-webpack-dev/package.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/roc-abstract-package-base-dev/package.json b/packages/roc-abstract-package-base-dev/package.json index 4a956e2..ba6af59 100644 --- a/packages/roc-abstract-package-base-dev/package.json +++ b/packages/roc-abstract-package-base-dev/package.json @@ -24,7 +24,7 @@ ], "license": "MIT", "dependencies": { - "lodash": "~4.5.1", + "lodash": "^4.17.15", "rimraf": "~2.5.1", "roc": "^1.0.0-rc.23" }, diff --git a/packages/roc-package-webpack-dev/package.json b/packages/roc-package-webpack-dev/package.json index 11d12e3..8b493d7 100644 --- a/packages/roc-package-webpack-dev/package.json +++ b/packages/roc-package-webpack-dev/package.json @@ -30,7 +30,7 @@ "chalk": "~1.1.1", "dev-ip": "~1.0.1", "json-loader": "~0.5.3", - "lodash": "~4.5.1", + "lodash": "^4.17.15", "mkdirp": "~0.5.1", "multi-progress": "~2.0.0", "node-watch": "~0.3.4", @@ -39,7 +39,7 @@ "roc-abstract-package-base-dev": "^1.0.0", "roc-plugin-babel": "^1.0.0", "webpack": "~1.12.2", - "webpack-merge": "0.14.0" + "webpack-merge": "^1.0.12" }, "roc": { "packages": [ From 1071410c5d0b445ac5e0c9f76cb5ff74495c28b2 Mon Sep 17 00:00:00 2001 From: Marcus Bjurman Date: Fri, 10 Jan 2020 11:55:29 +0100 Subject: [PATCH 2/3] fix(core): fix more vulnerabilities --- packages/roc-package-web-app/package.json | 4 ++-- packages/roc-package-webpack-web-dev/package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/roc-package-web-app/package.json b/packages/roc-package-web-app/package.json index 60c41a3..cb3b0cd 100644 --- a/packages/roc-package-web-app/package.json +++ b/packages/roc-package-web-app/package.json @@ -26,7 +26,7 @@ "dependencies": { "config": "~1.16.0", "debug": "~2.2.0", - "koa": "~1.1.1", + "koa": "~2.11.0", "koa-accesslog": "~0.0.2", "koa-add-trailing-slashes": "~1.1.0", "koa-compressor": "~1.0.3", @@ -40,7 +40,7 @@ "koa-normalize-path": "~1.0.0", "koa-remove-trailing-slashes": "~1.0.0", "koa-static": "~2.0.0", - "lodash": "4.13.1", + "lodash": "~4.17.15", "roc": "^1.0.0-rc.23", "roc-package-webpack-node": "^1.0.0", "roc-package-webpack-web": "^1.0.0" diff --git a/packages/roc-package-webpack-web-dev/package.json b/packages/roc-package-webpack-web-dev/package.json index 4895d79..6f3ee79 100644 --- a/packages/roc-package-webpack-web-dev/package.json +++ b/packages/roc-package-webpack-web-dev/package.json @@ -24,7 +24,7 @@ "license": "MIT", "dependencies": { "debug": "~2.2.0", - "koa": "~1.1.1", + "koa": "~2.11.0", "koa-webpack-dev-middleware": "~1.1.0", "qs": "~6.1.0", "roc": "^1.0.0-rc.23", From bb68126c34b50a4a3f85151f1f9eed23a98d85a1 Mon Sep 17 00:00:00 2001 From: Marcus Bjurman Date: Fri, 10 Jan 2020 12:02:25 +0100 Subject: [PATCH 3/3] fix(core): revert upgrade to koa 2x --- packages/roc-package-web-app/package.json | 2 +- packages/roc-package-webpack-web-dev/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/roc-package-web-app/package.json b/packages/roc-package-web-app/package.json index cb3b0cd..dfc32b7 100644 --- a/packages/roc-package-web-app/package.json +++ b/packages/roc-package-web-app/package.json @@ -26,7 +26,7 @@ "dependencies": { "config": "~1.16.0", "debug": "~2.2.0", - "koa": "~2.11.0", + "koa": "~1.7.0", "koa-accesslog": "~0.0.2", "koa-add-trailing-slashes": "~1.1.0", "koa-compressor": "~1.0.3", diff --git a/packages/roc-package-webpack-web-dev/package.json b/packages/roc-package-webpack-web-dev/package.json index 6f3ee79..49b5ec4 100644 --- a/packages/roc-package-webpack-web-dev/package.json +++ b/packages/roc-package-webpack-web-dev/package.json @@ -24,7 +24,7 @@ "license": "MIT", "dependencies": { "debug": "~2.2.0", - "koa": "~2.11.0", + "koa": "~1.7.0", "koa-webpack-dev-middleware": "~1.1.0", "qs": "~6.1.0", "roc": "^1.0.0-rc.23",