From 6950ee2f73308258c768267cd3cfe621d34edb58 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 17 Jul 2025 09:48:31 +0000 Subject: [PATCH] feat: upgrade @cyclonedx/cyclonedx-npm from 3.0.0 to 4.0.0 Snyk has created this PR to upgrade @cyclonedx/cyclonedx-npm from 3.0.0 to 4.0.0. See this package in npm: @cyclonedx/cyclonedx-npm See this project in Snyk: https://app.snyk.io/org/nodeshift-agg/project/53f94480-e7ae-41d2-985c-270fae345664?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 134 ++++++++++++++++++++++++++-------------------- package.json | 2 +- 2 files changed, 76 insertions(+), 60 deletions(-) diff --git a/package-lock.json b/package-lock.json index b00b85e..16bbd8c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,7 +24,7 @@ "faas-js-runtime": "bin/cli.js" }, "devDependencies": { - "@cyclonedx/cyclonedx-npm": "^3.0.0", + "@cyclonedx/cyclonedx-npm": "^4.0.0", "@types/node": "^20.4.7", "@typescript-eslint/eslint-plugin": "^6.4.0", "@typescript-eslint/parser": "^6.4.1", @@ -444,9 +444,9 @@ } }, "node_modules/@cyclonedx/cyclonedx-library": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-library/-/cyclonedx-library-8.1.0.tgz", - "integrity": "sha512-RekxX0XwNmHR+NeS/7ImzZTmhZeS/EyCE+gjTbF/Mb3o1F2SkrvjWMr1JjRUcsVGL0C0m/iupWxCw7+2sbDRsQ==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-library/-/cyclonedx-library-8.5.0.tgz", + "integrity": "sha512-1EkCTcch4Sek6masF4yY1AV0iYg34tx18HoS7nn5v4DLNRELoqvDv64+pPnHzr67K35M7JviCzIOQBEdIsuv0w==", "dev": true, "funding": [ { @@ -534,9 +534,9 @@ "optional": true }, "node_modules/@cyclonedx/cyclonedx-npm": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-npm/-/cyclonedx-npm-3.0.0.tgz", - "integrity": "sha512-lQr2Sl1xD0HeQZrEtC+x+HBM61eKWujlw0HJDm9d542cATt5/23TfDjUPvy0WhHRgFtDKRmTE7FG14UZOdM+GA==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-npm/-/cyclonedx-npm-4.0.0.tgz", + "integrity": "sha512-CXzMeLAKJnikuGTBhR6u8WqIQM/dIWVHqnSy/o4z+e8BqfPC/Sdj3dhfPDUxiis5wzXaDoMyLWyOSC+yEdbVmA==", "dev": true, "funding": [ { @@ -546,8 +546,8 @@ ], "license": "Apache-2.0", "dependencies": { - "@cyclonedx/cyclonedx-library": "^8.0.0", - "commander": "^13.1.0", + "@cyclonedx/cyclonedx-library": "^8.4.0", + "commander": "^14.0.0", "normalize-package-data": "^7.0.0", "xmlbuilder2": "^3.0.2" }, @@ -559,6 +559,16 @@ "npm": ">=9" } }, + "node_modules/@cyclonedx/cyclonedx-npm/node_modules/commander": { + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.0.tgz", + "integrity": "sha512-2uM9rYjPvyq39NwLRqaiLtWHyDC1FvryJDa2ATTVims5YAS4PupsEQsDvP14FqhFr0P49CYDugi59xaxJlTXRA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=20" + } + }, "node_modules/@cyclonedx/cyclonedx-npm/node_modules/hosted-git-info": { "version": "8.1.0", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-8.1.0.tgz", @@ -1588,9 +1598,9 @@ } }, "node_modules/agent-base": { - "version": "7.1.3", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", - "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", "dev": true, "license": "MIT", "optional": true, @@ -2034,9 +2044,9 @@ } }, "node_modules/cacache/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "dev": true, "license": "MIT", "optional": true, @@ -2751,9 +2761,9 @@ } }, "node_modules/end-of-stream": { - "version": "1.4.4", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", - "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "dev": true, "license": "MIT", "optional": true, @@ -6075,9 +6085,9 @@ } }, "node_modules/pump": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", - "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, "license": "MIT", "optional": true, @@ -6692,9 +6702,9 @@ } }, "node_modules/socks": { - "version": "2.8.4", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.4.tgz", - "integrity": "sha512-D3YaD0aRxR3mEcqnidIs7ReYJFVzWdd6fXJYUM8ixcQcJRGTka/b3saV0KflYhyVJXKhb947GndU35SxYNResQ==", + "version": "2.8.6", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.6.tgz", + "integrity": "sha512-pe4Y2yzru68lXCb38aAqRf5gvN8YdjP1lok5o0J7BOHljkyCGKVz7H3vpVIXKD27rj2giOJ7DwVyk/GWrPHDWA==", "dev": true, "license": "MIT", "optional": true, @@ -7262,9 +7272,9 @@ } }, "node_modules/tinyglobby/node_modules/fdir": { - "version": "6.4.5", - "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.5.tgz", - "integrity": "sha512-4BG7puHpVsIYxZUbiUE3RqGloLaSSwzYie5jvasC4LWuBWzZawynvYouhjbQKw2JuIGYdm0DzIxl8iVidKlUEw==", + "version": "6.4.6", + "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.6.tgz", + "integrity": "sha512-hiFoqpyZcfNm1yc4u8oWCf9A2c4D3QjCrks3zmoVKVxpQRzmPNar1hUJcBG2RQHvEVGDN+Jm81ZheVLAQMK6+w==", "dev": true, "license": "MIT", "optional": true, @@ -7278,9 +7288,9 @@ } }, "node_modules/tinyglobby/node_modules/picomatch": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", - "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz", + "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", "dev": true, "license": "MIT", "optional": true, @@ -8092,9 +8102,9 @@ } }, "@cyclonedx/cyclonedx-library": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-library/-/cyclonedx-library-8.1.0.tgz", - "integrity": "sha512-RekxX0XwNmHR+NeS/7ImzZTmhZeS/EyCE+gjTbF/Mb3o1F2SkrvjWMr1JjRUcsVGL0C0m/iupWxCw7+2sbDRsQ==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-library/-/cyclonedx-library-8.5.0.tgz", + "integrity": "sha512-1EkCTcch4Sek6masF4yY1AV0iYg34tx18HoS7nn5v4DLNRELoqvDv64+pPnHzr67K35M7JviCzIOQBEdIsuv0w==", "dev": true, "requires": { "ajv": "^8.12.0", @@ -8146,17 +8156,23 @@ } }, "@cyclonedx/cyclonedx-npm": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-npm/-/cyclonedx-npm-3.0.0.tgz", - "integrity": "sha512-lQr2Sl1xD0HeQZrEtC+x+HBM61eKWujlw0HJDm9d542cATt5/23TfDjUPvy0WhHRgFtDKRmTE7FG14UZOdM+GA==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@cyclonedx/cyclonedx-npm/-/cyclonedx-npm-4.0.0.tgz", + "integrity": "sha512-CXzMeLAKJnikuGTBhR6u8WqIQM/dIWVHqnSy/o4z+e8BqfPC/Sdj3dhfPDUxiis5wzXaDoMyLWyOSC+yEdbVmA==", "dev": true, "requires": { - "@cyclonedx/cyclonedx-library": "^8.0.0", - "commander": "^13.1.0", + "@cyclonedx/cyclonedx-library": "^8.4.0", + "commander": "^14.0.0", "normalize-package-data": "^7.0.0", "xmlbuilder2": "^3.0.2" }, "dependencies": { + "commander": { + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.0.tgz", + "integrity": "sha512-2uM9rYjPvyq39NwLRqaiLtWHyDC1FvryJDa2ATTVims5YAS4PupsEQsDvP14FqhFr0P49CYDugi59xaxJlTXRA==", + "dev": true + }, "hosted-git-info": { "version": "8.1.0", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-8.1.0.tgz", @@ -8854,9 +8870,9 @@ "requires": {} }, "agent-base": { - "version": "7.1.3", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", - "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", "dev": true, "optional": true }, @@ -9141,9 +9157,9 @@ }, "dependencies": { "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "dev": true, "optional": true, "requires": { @@ -9628,9 +9644,9 @@ } }, "end-of-stream": { - "version": "1.4.4", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", - "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "dev": true, "optional": true, "requires": { @@ -11893,9 +11909,9 @@ } }, "pump": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", - "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, "optional": true, "requires": { @@ -12294,9 +12310,9 @@ } }, "socks": { - "version": "2.8.4", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.4.tgz", - "integrity": "sha512-D3YaD0aRxR3mEcqnidIs7ReYJFVzWdd6fXJYUM8ixcQcJRGTka/b3saV0KflYhyVJXKhb947GndU35SxYNResQ==", + "version": "2.8.6", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.6.tgz", + "integrity": "sha512-pe4Y2yzru68lXCb38aAqRf5gvN8YdjP1lok5o0J7BOHljkyCGKVz7H3vpVIXKD27rj2giOJ7DwVyk/GWrPHDWA==", "dev": true, "optional": true, "requires": { @@ -12715,17 +12731,17 @@ }, "dependencies": { "fdir": { - "version": "6.4.5", - "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.5.tgz", - "integrity": "sha512-4BG7puHpVsIYxZUbiUE3RqGloLaSSwzYie5jvasC4LWuBWzZawynvYouhjbQKw2JuIGYdm0DzIxl8iVidKlUEw==", + "version": "6.4.6", + "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.6.tgz", + "integrity": "sha512-hiFoqpyZcfNm1yc4u8oWCf9A2c4D3QjCrks3zmoVKVxpQRzmPNar1hUJcBG2RQHvEVGDN+Jm81ZheVLAQMK6+w==", "dev": true, "optional": true, "requires": {} }, "picomatch": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", - "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz", + "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", "dev": true, "optional": true } diff --git a/package.json b/package.json index f7748ee..8550a6c 100644 --- a/package.json +++ b/package.json @@ -46,7 +46,7 @@ "qs": "^6.11.2" }, "devDependencies": { - "@cyclonedx/cyclonedx-npm": "^3.0.0", + "@cyclonedx/cyclonedx-npm": "^4.0.0", "@types/node": "^20.4.7", "@typescript-eslint/eslint-plugin": "^6.4.0", "@typescript-eslint/parser": "^6.4.1",