From f9babc38b48049f73a3a282f48d8cb26969cb0a0 Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Thu, 2 Feb 2023 16:41:10 -0500 Subject: [PATCH] Upgrade preact's dependencies to fix security issue (#6108) --- .changeset/breezy-scissors-attack.md | 5 ++++ packages/integrations/preact/package.json | 2 +- pnpm-lock.yaml | 34 +++++++++++++++++++++-- 3 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 .changeset/breezy-scissors-attack.md diff --git a/.changeset/breezy-scissors-attack.md b/.changeset/breezy-scissors-attack.md new file mode 100644 index 000000000000..d34c0566a64e --- /dev/null +++ b/.changeset/breezy-scissors-attack.md @@ -0,0 +1,5 @@ +--- +'@astrojs/preact': patch +--- + +Upgrade babel dependency to fix security vuln diff --git a/packages/integrations/preact/package.json b/packages/integrations/preact/package.json index 47408fa59656..ab7efa4cbd77 100644 --- a/packages/integrations/preact/package.json +++ b/packages/integrations/preact/package.json @@ -34,7 +34,7 @@ "dependencies": { "@babel/core": ">=7.0.0-0 <8.0.0", "@babel/plugin-transform-react-jsx": "^7.17.12", - "babel-plugin-module-resolver": "^4.1.0", + "babel-plugin-module-resolver": "^5.0.0", "preact-render-to-string": "^5.2.4", "@preact/signals": "^1.1.0" }, diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 1c199181edbf..ac4eedde9dde 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -3151,14 +3151,14 @@ importers: '@preact/signals': ^1.1.0 astro: workspace:* astro-scripts: workspace:* - babel-plugin-module-resolver: ^4.1.0 + babel-plugin-module-resolver: ^5.0.0 preact: ^10.7.3 preact-render-to-string: ^5.2.4 dependencies: '@babel/core': 7.20.12 '@babel/plugin-transform-react-jsx': 7.20.13_@babel+core@7.20.12 '@preact/signals': 1.1.3_preact@10.11.3 - babel-plugin-module-resolver: 4.1.0 + babel-plugin-module-resolver: 5.0.0 preact-render-to-string: 5.2.6_preact@10.11.3 devDependencies: astro: link:../../astro @@ -7912,6 +7912,17 @@ packages: resolve: 1.22.1 dev: false + /babel-plugin-module-resolver/5.0.0: + resolution: {integrity: sha512-g0u+/ChLSJ5+PzYwLwP8Rp8Rcfowz58TJNCe+L/ui4rpzE/mg//JVX0EWBUYoxaextqnwuGHzfGp2hh0PPV25Q==} + engines: {node: '>= 16'} + dependencies: + find-babel-config: 2.0.0 + glob: 8.1.0 + pkg-up: 3.1.0 + reselect: 4.1.7 + resolve: 1.22.1 + dev: false + /babel-plugin-polyfill-corejs2/0.3.3_@babel+core@7.20.12: resolution: {integrity: sha512-8hOdmFYFSZhqg2C/JgLUQ+t52o5nirNwaWM2B9LWteozwIvM14VSwdsCAUET10qT+kmySAlseadmfeeSWFCy+Q==} peerDependencies: @@ -9883,6 +9894,14 @@ packages: path-exists: 3.0.0 dev: false + /find-babel-config/2.0.0: + resolution: {integrity: sha512-dOKT7jvF3hGzlW60Gc3ONox/0rRZ/tz7WCil0bqA1In/3I8f1BctpXahRnEKDySZqci7u+dqq93sZST9fOJpFw==} + engines: {node: '>=16.0.0'} + dependencies: + json5: 2.2.3 + path-exists: 4.0.0 + dev: false + /find-up/3.0.0: resolution: {integrity: sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==} engines: {node: '>=6'} @@ -10145,6 +10164,17 @@ packages: once: 1.4.0 path-is-absolute: 1.0.1 + /glob/8.1.0: + resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} + engines: {node: '>=12'} + dependencies: + fs.realpath: 1.0.0 + inflight: 1.0.6 + inherits: 2.0.4 + minimatch: 5.1.6 + once: 1.4.0 + dev: false + /global-agent/3.0.0: resolution: {integrity: sha512-PT6XReJ+D07JvGoxQMkT6qji/jVNfX/h364XHZOWeRzy64sSFr+xJ5OX7LI3b4MPQzdL4H8Y8M0xzPpsVMwA8Q==} engines: {node: '>=10.0'}