From c75b7d4a706b73f09688c1a84e8a98927623e118 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bugsounet=20-=20C=C3=A9dric?= Date: Sat, 20 Jan 2024 22:55:01 +0100 Subject: [PATCH] pm2 update ;) (#3364) `pm2` just updated to v5.3.1 with `0 vulnerabilities` let's delete `allow-ghsas` in depsreview and update dependencies --- .github/workflows/depsreview.yaml | 2 -- CHANGELOG.md | 1 + package-lock.json | 35 ++++++++++++++++--------------- package.json | 2 +- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml index d70d79d3..7d8866d8 100644 --- a/.github/workflows/depsreview.yaml +++ b/.github/workflows/depsreview.yaml @@ -16,5 +16,3 @@ jobs: uses: actions/checkout@v4 - name: "Dependency Review" uses: actions/dependency-review-action@v3 - with: - allow-ghsas: GHSA-wf5p-g6vw-rhxx diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b6138f8..c0884bc4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,7 @@ _This release is scheduled to be released on 2024-04-01._ - Use node prefix for build-in modules (#3340) - Rework logging colors (#3350) - Update electron to v28 and update other dependencies (#3357) +- Update pm2 to v5.3.1 with no allow-ghsas (#3364) ### Fixed diff --git a/package-lock.json b/package-lock.json index da68f8fe..09fe1f6e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -23,7 +23,8 @@ "module-alias": "^2.2.3", "moment": "^2.30.1", "node-ical": "^0.17.1", - "pm2": "^5.3.0", + "pm2": "^5.3.1", + "socket.io": "^4.7.4", "systeminformation": "^5.21.22" }, "devDependencies": { @@ -1757,14 +1758,14 @@ "integrity": "sha512-JEPTiaOt9f04oa6NOkc4aH+nVp5I3wEjpHbIPqfgCdD5v5bUzy7xQqwcVO2aDQgOWhI28da57HksMrzK9HlRxg==" }, "node_modules/@pm2/js-api": { - "version": "0.6.7", - "resolved": "https://registry.npmjs.org/@pm2/js-api/-/js-api-0.6.7.tgz", - "integrity": "sha512-jiJUhbdsK+5C4zhPZNnyA3wRI01dEc6a2GhcQ9qI38DyIk+S+C8iC3fGjcjUbt/viLYKPjlAaE+hcT2/JMQPXw==", + "version": "0.8.0", + "resolved": "https://registry.npmjs.org/@pm2/js-api/-/js-api-0.8.0.tgz", + "integrity": "sha512-nmWzrA/BQZik3VBz+npRcNIu01kdBhWL0mxKmP1ciF/gTcujPTQqt027N9fc1pK9ERM8RipFhymw7RcmCyOEYA==", "dependencies": { "async": "^2.6.3", - "axios": "^0.21.0", "debug": "~4.3.1", "eventemitter2": "^6.3.1", + "extrareqp2": "^1.0.0", "ws": "^7.0.0" }, "engines": { @@ -1779,14 +1780,6 @@ "lodash": "^4.17.14" } }, - "node_modules/@pm2/js-api/node_modules/axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", - "dependencies": { - "follow-redirects": "^1.14.0" - } - }, "node_modules/@pm2/js-api/node_modules/eventemitter2": { "version": "6.4.9", "resolved": "https://registry.npmjs.org/eventemitter2/-/eventemitter2-6.4.9.tgz", @@ -4898,6 +4891,14 @@ "@types/yauzl": "^2.9.1" } }, + "node_modules/extrareqp2": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/extrareqp2/-/extrareqp2-1.0.0.tgz", + "integrity": "sha512-Gum0g1QYb6wpPJCVypWP3bbIuaibcFiJcpuPM10YSXp/tzqi84x9PJageob+eN4xVRIOto4wjSGNLyMD54D2xA==", + "dependencies": { + "follow-redirects": "^1.14.0" + } + }, "node_modules/fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", @@ -8482,13 +8483,13 @@ } }, "node_modules/pm2": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/pm2/-/pm2-5.3.0.tgz", - "integrity": "sha512-xscmQiAAf6ArVmKhjKTeeN8+Td7ZKnuZFFPw1DGkdFPR/0Iyx+m+1+OpCdf9+HQopX3VPc9/wqPQHqVOfHum9w==", + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/pm2/-/pm2-5.3.1.tgz", + "integrity": "sha512-DLVQHpSR1EegaTaRH3KbRXxpPVaqYwAp3uHSCtCsS++LSErvk07WSxuUnntFblBRqNU/w2KQyqs12mSq5wurkg==", "dependencies": { "@pm2/agent": "~2.0.0", "@pm2/io": "~5.0.0", - "@pm2/js-api": "~0.6.7", + "@pm2/js-api": "~0.8.0", "@pm2/pm2-version-check": "latest", "async": "~3.2.0", "blessed": "0.1.81", diff --git a/package.json b/package.json index dd88a2db..67c274ae 100644 --- a/package.json +++ b/package.json @@ -84,7 +84,7 @@ "module-alias": "^2.2.3", "moment": "^2.30.1", "node-ical": "^0.17.1", - "pm2": "^5.3.0", + "pm2": "^5.3.1", "socket.io": "^4.7.4", "systeminformation": "^5.21.22" },