From 5f235d2ab26ee5123ef31983681929ccc225cea0 Mon Sep 17 00:00:00 2001 From: John Gunther Date: Fri, 14 Feb 2025 14:34:20 -0500 Subject: [PATCH] Update vitest to 1.6.1 to address security vulnerability CVE-2025-24964 --- packages/all/package.json | 6 +- packages/all/tsconfig.json | 8 +- packages/packer/package.json | 8 +- .../rrweb-plugin-console-record/package.json | 4 +- packages/record/package.json | 4 +- packages/replay/package.json | 4 +- packages/rrdom-nodejs/package.json | 8 +- packages/rrdom-nodejs/tsconfig.json | 8 +- packages/rrweb-snapshot/package.json | 2 +- yarn.lock | 95 +++++++++++-------- 10 files changed, 81 insertions(+), 66 deletions(-) diff --git a/packages/all/package.json b/packages/all/package.json index 6aa8256457..53ef54686d 100644 --- a/packages/all/package.json +++ b/packages/all/package.json @@ -50,14 +50,14 @@ ], "devDependencies": { "puppeteer": "^20.9.0", + "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0", - "typescript": "^5.4.5" + "vitest": "^1.6.1" }, "dependencies": { - "@rrweb/types": "^2.0.0-alpha.18", "@rrweb/packer": "^2.0.0-alpha.18", + "@rrweb/types": "^2.0.0-alpha.18", "rrweb": "^2.0.0-alpha.18" }, "browserslist": [ diff --git a/packages/all/tsconfig.json b/packages/all/tsconfig.json index 5de77cef36..b3a0d7d861 100644 --- a/packages/all/tsconfig.json +++ b/packages/all/tsconfig.json @@ -1,16 +1,18 @@ { "extends": "../../tsconfig.base.json", - "include": ["src"], + "include": [ + "src" + ], "compilerOptions": { "rootDir": "src", "tsBuildInfoFile": "./tsconfig.tsbuildinfo" }, "references": [ { - "path": "../types" + "path": "../packer" }, { - "path": "../packer" + "path": "../types" }, { "path": "../rrweb" diff --git a/packages/packer/package.json b/packages/packer/package.json index c4595a4e87..bb0030e1b0 100644 --- a/packages/packer/package.json +++ b/packages/packer/package.json @@ -71,14 +71,14 @@ "package.json" ], "devDependencies": { + "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0", - "typescript": "^5.4.5" + "vitest": "^1.6.1" }, "dependencies": { - "fflate": "^0.4.4", - "@rrweb/types": "^2.0.0-alpha.18" + "@rrweb/types": "^2.0.0-alpha.18", + "fflate": "^0.4.4" }, "browserslist": [ "supports es6-class" diff --git a/packages/plugins/rrweb-plugin-console-record/package.json b/packages/plugins/rrweb-plugin-console-record/package.json index c59352c02c..dbad42a1a6 100644 --- a/packages/plugins/rrweb-plugin-console-record/package.json +++ b/packages/plugins/rrweb-plugin-console-record/package.json @@ -45,12 +45,12 @@ }, "homepage": "https://github.com/rrweb-io/rrweb#readme", "devDependencies": { + "puppeteer": "^20.9.0", "rrweb": "^2.0.0-alpha.18", "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0", - "puppeteer": "^20.9.0" + "vitest": "^1.6.1" }, "peerDependencies": { "rrweb": "^2.0.0-alpha.18" diff --git a/packages/record/package.json b/packages/record/package.json index 0e58cd5a59..3fc538f0eb 100644 --- a/packages/record/package.json +++ b/packages/record/package.json @@ -49,10 +49,10 @@ ], "devDependencies": { "puppeteer": "^20.9.0", + "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0", - "typescript": "^5.4.5" + "vitest": "^1.6.1" }, "dependencies": { "@rrweb/types": "^2.0.0-alpha.18", diff --git a/packages/replay/package.json b/packages/replay/package.json index 5c9d3f44e9..4293cdc25c 100644 --- a/packages/replay/package.json +++ b/packages/replay/package.json @@ -50,10 +50,10 @@ ], "devDependencies": { "puppeteer": "^20.9.0", + "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0", - "typescript": "^5.4.5" + "vitest": "^1.6.1" }, "dependencies": { "@rrweb/types": "^2.0.0-alpha.18", diff --git a/packages/rrdom-nodejs/package.json b/packages/rrdom-nodejs/package.json index 455c317a7c..2aa1496131 100644 --- a/packages/rrdom-nodejs/package.json +++ b/packages/rrdom-nodejs/package.json @@ -46,16 +46,16 @@ "compare-versions": "^4.1.3", "eslint": "^8.15.0", "puppeteer": "^9.1.1", + "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0", - "typescript": "^5.4.5" + "vitest": "^1.6.1" }, "dependencies": { + "@rrweb/types": "^2.0.0-alpha.18", "cssom": "^0.5.0", "cssstyle": "^2.3.0", "nwsapi": "2.2.0", - "rrdom": "^2.0.0-alpha.18", - "@rrweb/types": "^2.0.0-alpha.18" + "rrdom": "^2.0.0-alpha.18" } } diff --git a/packages/rrdom-nodejs/tsconfig.json b/packages/rrdom-nodejs/tsconfig.json index 8f1d20380a..09784e0dd7 100644 --- a/packages/rrdom-nodejs/tsconfig.json +++ b/packages/rrdom-nodejs/tsconfig.json @@ -1,16 +1,18 @@ { "extends": "../../tsconfig.base.json", - "include": ["src"], + "include": [ + "src" + ], "compilerOptions": { "rootDir": "src", "tsBuildInfoFile": "./tsconfig.tsbuildinfo" }, "references": [ { - "path": "../rrdom" + "path": "../types" }, { - "path": "../types" + "path": "../rrdom" } ] } diff --git a/packages/rrweb-snapshot/package.json b/packages/rrweb-snapshot/package.json index 299384b2de..4e71868f54 100644 --- a/packages/rrweb-snapshot/package.json +++ b/packages/rrweb-snapshot/package.json @@ -65,7 +65,7 @@ "typescript": "^5.4.5", "vite": "^5.3.1", "vite-plugin-dts": "^3.9.1", - "vitest": "^1.4.0" + "vitest": "^1.6.1" }, "dependencies": { "postcss": "^8.4.38" diff --git a/yarn.lock b/yarn.lock index ddbfc5571e..da228fdfd3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2620,7 +2620,7 @@ dependencies: "@types/dom-webcodecs" "*" -"@types/dom-webcodecs@*", "@types/dom-webcodecs@0.1.5": +"@types/dom-webcodecs@*": version "0.1.5" resolved "https://registry.yarnpkg.com/@types/dom-webcodecs/-/dom-webcodecs-0.1.5.tgz#2252fdb4a3229924d27f054242cc614e2cd5b83b" integrity sha512-dsAE+4ws75W5mmNmIZ7IKZwv4bcz5GgPuA87u+Mk1CeVWB6g7ZwBfizRwBZDeyO12RSxoU3NlRa8jgLYQeSZGg== @@ -3079,44 +3079,44 @@ "@types/babel__core" "^7.20.5" react-refresh "^0.14.2" -"@vitest/expect@1.6.0": - version "1.6.0" - resolved "https://registry.yarnpkg.com/@vitest/expect/-/expect-1.6.0.tgz#0b3ba0914f738508464983f4d811bc122b51fb30" - integrity sha512-ixEvFVQjycy/oNgHjqsL6AZCDduC+tflRluaHIzKIsdbzkLn2U/iBnVeJwB6HsIjQBdfMR8Z0tRxKUsvFJEeWQ== +"@vitest/expect@1.6.1": + version "1.6.1" + resolved "https://registry.yarnpkg.com/@vitest/expect/-/expect-1.6.1.tgz#b90c213f587514a99ac0bf84f88cff9042b0f14d" + integrity sha512-jXL+9+ZNIJKruofqXuuTClf44eSpcHlgj3CiuNihUF3Ioujtmc0zIa3UJOW5RjDK1YLBJZnWBlPuqhYycLioog== dependencies: - "@vitest/spy" "1.6.0" - "@vitest/utils" "1.6.0" + "@vitest/spy" "1.6.1" + "@vitest/utils" "1.6.1" chai "^4.3.10" -"@vitest/runner@1.6.0": - version "1.6.0" - resolved "https://registry.yarnpkg.com/@vitest/runner/-/runner-1.6.0.tgz#a6de49a96cb33b0e3ba0d9064a3e8d6ce2f08825" - integrity sha512-P4xgwPjwesuBiHisAVz/LSSZtDjOTPYZVmNAnpHHSR6ONrf8eCJOFRvUwdHn30F5M1fxhqtl7QZQUk2dprIXAg== +"@vitest/runner@1.6.1": + version "1.6.1" + resolved "https://registry.yarnpkg.com/@vitest/runner/-/runner-1.6.1.tgz#10f5857c3e376218d58c2bfacfea1161e27e117f" + integrity sha512-3nSnYXkVkf3mXFfE7vVyPmi3Sazhb/2cfZGGs0JRzFsPFvAMBEcrweV1V1GsrstdXeKCTXlJbvnQwGWgEIHmOA== dependencies: - "@vitest/utils" "1.6.0" + "@vitest/utils" "1.6.1" p-limit "^5.0.0" pathe "^1.1.1" -"@vitest/snapshot@1.6.0": - version "1.6.0" - resolved "https://registry.yarnpkg.com/@vitest/snapshot/-/snapshot-1.6.0.tgz#deb7e4498a5299c1198136f56e6e0f692e6af470" - integrity sha512-+Hx43f8Chus+DCmygqqfetcAZrDJwvTj0ymqjQq4CvmpKFSTVteEOBzCusu1x2tt4OJcvBflyHUE0DZSLgEMtQ== +"@vitest/snapshot@1.6.1": + version "1.6.1" + resolved "https://registry.yarnpkg.com/@vitest/snapshot/-/snapshot-1.6.1.tgz#90414451a634bb36cd539ccb29ae0d048a8c0479" + integrity sha512-WvidQuWAzU2p95u8GAKlRMqMyN1yOJkGHnx3M1PL9Raf7AQ1kwLKg04ADlCa3+OXUZE7BceOhVZiuWAbzCKcUQ== dependencies: magic-string "^0.30.5" pathe "^1.1.1" pretty-format "^29.7.0" -"@vitest/spy@1.6.0": - version "1.6.0" - resolved "https://registry.yarnpkg.com/@vitest/spy/-/spy-1.6.0.tgz#362cbd42ccdb03f1613798fde99799649516906d" - integrity sha512-leUTap6B/cqi/bQkXUu6bQV5TZPx7pmMBKBQiI0rJA8c3pB56ZsaTbREnF7CJfmvAS4V2cXIBAh/3rVwrrCYgw== +"@vitest/spy@1.6.1": + version "1.6.1" + resolved "https://registry.yarnpkg.com/@vitest/spy/-/spy-1.6.1.tgz#33376be38a5ed1ecd829eb986edaecc3e798c95d" + integrity sha512-MGcMmpGkZebsMZhbQKkAf9CX5zGvjkBTqf8Zx3ApYWXr3wG+QvEu2eXWfnIIWYSJExIp4V9FCKDEeygzkYrXMw== dependencies: tinyspy "^2.2.0" -"@vitest/utils@1.6.0": - version "1.6.0" - resolved "https://registry.yarnpkg.com/@vitest/utils/-/utils-1.6.0.tgz#5c5675ca7d6f546a7b4337de9ae882e6c57896a1" - integrity sha512-21cPiuGMoMZwiOHa2i4LXkMkMkCGzA+MVFV70jRwHo95dL4x/ts5GZhML1QWuy7yfp3WzK3lRvZi3JnXTYqrBw== +"@vitest/utils@1.6.1": + version "1.6.1" + resolved "https://registry.yarnpkg.com/@vitest/utils/-/utils-1.6.1.tgz#6d2f36cb6d866f2bbf59da854a324d6bf8040f17" + integrity sha512-jOrrUvXM4Av9ZWiG1EajNto0u96kWAhJ1LmPmJhXXQx/32MecEKd10pOLYgS2BQx1TgkGhloPU1ArDW2vvaY6g== dependencies: diff-sequences "^29.6.3" estree-walker "^3.0.3" @@ -4331,9 +4331,20 @@ cssesc@^3.0.0: resolved "https://registry.yarnpkg.com/cssesc/-/cssesc-3.0.0.tgz#37741919903b868565e1c09ea747445cd18983ee" integrity sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg== -cssom@^0.4.4, cssom@^0.5.0, "cssom@https://registry.npmjs.org/rrweb-cssom/-/rrweb-cssom-0.6.0.tgz", cssom@~0.3.6: - version "0.6.0" - resolved "https://registry.npmjs.org/rrweb-cssom/-/rrweb-cssom-0.6.0.tgz#ed298055b97cbddcdeb278f904857629dec5e0e1" +cssom@^0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.4.4.tgz#5a66cf93d2d0b661d80bf6a44fb65f5c2e4e0a10" + integrity sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw== + +cssom@^0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.5.0.tgz#d254fa92cd8b6fbd83811b9fbaed34663cc17c36" + integrity sha512-iKuQcq+NdHqlAcwUY0o/HL69XQrUaQdMjmStJ8JFmUaiiQErlhrmuigkg/CU4E2J0IyUKUrMAgl36TvN67MqTw== + +cssom@~0.3.6: + version "0.3.8" + resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.3.8.tgz#9f1276f5b2b463f2114d3f2c75250af8c1a36f4a" + integrity sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg== cssstyle@^2.3.0: version "2.3.0" @@ -10276,10 +10287,10 @@ vary@~1.1.2: resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc" integrity sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg== -vite-node@1.6.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/vite-node/-/vite-node-1.6.0.tgz#2c7e61129bfecc759478fa592754fd9704aaba7f" - integrity sha512-de6HJgzC+TFzOu0NTC4RAIsyf/DY/ibWDYQUcuEA84EMHhcefTUGkjFHKKEJhQN4A+6I0u++kr3l36ZF2d7XRw== +vite-node@1.6.1: + version "1.6.1" + resolved "https://registry.yarnpkg.com/vite-node/-/vite-node-1.6.1.tgz#fff3ef309296ea03ceaa6ca4bb660922f5416c57" + integrity sha512-YAXkfvGtuTzwWbDSACdJSg4A4DZiAqckWe90Zapc/sEX3XvHcw1NdurM/6od8J207tSDqNbSsgdCacBgvJKFuA== dependencies: cac "^6.7.14" debug "^4.3.4" @@ -10352,16 +10363,16 @@ vitefu@^0.2.5: resolved "https://registry.yarnpkg.com/vitefu/-/vitefu-0.2.5.tgz#c1b93c377fbdd3e5ddd69840ea3aa70b40d90969" integrity sha512-SgHtMLoqaeeGnd2evZ849ZbACbnwQCIwRH57t18FxcXoZop0uQu0uzlIhJBlF/eWVzuce0sHeqPcDo+evVcg8Q== -vitest@^1.4.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/vitest/-/vitest-1.6.0.tgz#9d5ad4752a3c451be919e412c597126cffb9892f" - integrity sha512-H5r/dN06swuFnzNFhq/dnz37bPXnq8xB2xB5JOVk8K09rUtoeNN+LHWkoQ0A/i3hvbUKKcCei9KpbxqHMLhLLA== - dependencies: - "@vitest/expect" "1.6.0" - "@vitest/runner" "1.6.0" - "@vitest/snapshot" "1.6.0" - "@vitest/spy" "1.6.0" - "@vitest/utils" "1.6.0" +vitest@^1.6.1: + version "1.6.1" + resolved "https://registry.yarnpkg.com/vitest/-/vitest-1.6.1.tgz#b4a3097adf8f79ac18bc2e2e0024c534a7a78d2f" + integrity sha512-Ljb1cnSJSivGN0LqXd/zmDbWEM0RNNg2t1QW/XUhYl/qPqyu7CsqeWtqQXHVaJsecLPuDoak2oJcZN2QoRIOag== + dependencies: + "@vitest/expect" "1.6.1" + "@vitest/runner" "1.6.1" + "@vitest/snapshot" "1.6.1" + "@vitest/spy" "1.6.1" + "@vitest/utils" "1.6.1" acorn-walk "^8.3.2" chai "^4.3.10" debug "^4.3.4" @@ -10375,7 +10386,7 @@ vitest@^1.4.0: tinybench "^2.5.1" tinypool "^0.8.3" vite "^5.0.0" - vite-node "1.6.0" + vite-node "1.6.1" why-is-node-running "^2.2.2" vue-template-compiler@^2.7.14: