From 547efff23314f1638e2fcfc67dec4f70936c6e5f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 May 2020 00:30:37 +0100 Subject: [PATCH 1/2] fix: upgrade helmet from 3.21.2 to 3.22.0 Snyk has created this PR to upgrade helmet from 3.21.2 to 3.22.0. See this package in NPM: https://www.npmjs.com/package/helmet See this project in Snyk: https://app.snyk.io/org/financial-times/project/73eba637-5626-4a8c-9f6e-dd40d0ecf0bd?utm_source=github&utm_medium=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 1a0be2d..7f41d21 100755 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ "fs": "0.0.1-security", "gm": "^1.23.1", "hbs": "^4.1.0", - "helmet": "^3.21.2", + "helmet": "^3.22.0", "is-uuid": "^1.0.2", "md5": "^2.2.1", "mocha": "^5.0.3", From feb581280a5325b39626bf087c64faf300de0fef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 May 2020 00:30:38 +0100 Subject: [PATCH 2/2] fix: upgrade helmet from 3.21.2 to 3.22.0 Snyk has created this PR to upgrade helmet from 3.21.2 to 3.22.0. See this package in NPM: https://www.npmjs.com/package/helmet See this project in Snyk: https://app.snyk.io/org/financial-times/project/73eba637-5626-4a8c-9f6e-dd40d0ecf0bd?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/package-lock.json b/package-lock.json index b0a9086..6e58faa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -718,9 +718,9 @@ } }, "bowser": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/bowser/-/bowser-2.7.0.tgz", - "integrity": "sha512-aIlMvstvu8x+34KEiOHD3AsBgdrzg6sxALYiukOWhFvGMbQI6TRP/iY0LMhUrHs56aD6P1G0Z7h45PUJaa5m9w==" + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/bowser/-/bowser-2.9.0.tgz", + "integrity": "sha512-2ld76tuLBNFekRgmJfT2+3j5MIrP6bFict8WAIT3beq+srz1gcKNAdNKMqHqauQt63NmAa88HfP1/Ypa9Er3HA==" }, "boxen": { "version": "1.3.0", @@ -2985,9 +2985,9 @@ "integrity": "sha1-k0EP0hsAlzUVH4howvJx80J+I/0=" }, "helmet": { - "version": "3.21.2", - "resolved": "https://registry.npmjs.org/helmet/-/helmet-3.21.2.tgz", - "integrity": "sha512-okUo+MeWgg00cKB8Csblu8EXgcIoDyb5ZS/3u0W4spCimeVuCUvVZ6Vj3O2VJ1Sxpyb8jCDvzu0L1KKT11pkIg==", + "version": "3.22.0", + "resolved": "https://registry.npmjs.org/helmet/-/helmet-3.22.0.tgz", + "integrity": "sha512-Xrqicn2nm1ZIUxP3YGuTBmbDL04neKsIT583Sjh0FkiwKDXYCMUqGqC88w3NUvVXtA75JyR2Jn6jw6ZEMOD+ZA==", "requires": { "depd": "2.0.0", "dns-prefetch-control": "0.2.0", @@ -2996,7 +2996,7 @@ "feature-policy": "0.3.0", "frameguard": "3.1.0", "helmet-crossdomain": "0.4.0", - "helmet-csp": "2.9.4", + "helmet-csp": "2.10.0", "hide-powered-by": "1.1.0", "hpkp": "2.0.0", "hsts": "2.2.0", @@ -3019,11 +3019,11 @@ "integrity": "sha512-AB4DTykRw3HCOxovD1nPR16hllrVImeFp5VBV9/twj66lJ2nU75DP8FPL0/Jp4jj79JhTfG+pFI2MD02kWJ+fA==" }, "helmet-csp": { - "version": "2.9.4", - "resolved": "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.9.4.tgz", - "integrity": "sha512-qUgGx8+yk7Xl8XFEGI4MFu1oNmulxhQVTlV8HP8tV3tpfslCs30OZz/9uQqsWPvDISiu/NwrrCowsZBhFADYqg==", + "version": "2.10.0", + "resolved": "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.10.0.tgz", + "integrity": "sha512-Rz953ZNEFk8sT2XvewXkYN0Ho4GEZdjAZy4stjiEQV3eN7GDxg1QKmYggH7otDyIA7uGA6XnUMVSgeJwbR5X+w==", "requires": { - "bowser": "^2.7.0", + "bowser": "2.9.0", "camelize": "1.0.0", "content-security-policy-builder": "2.1.0", "dasherize": "2.0.0"