From c5515410aeced0b581a5caa5ba6f1047b861f1c7 Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Tue, 24 Sep 2019 08:22:28 +0000 Subject: [PATCH] npm: Exchanged express-minify-html with fork To fix vulnerability --- app.js | 2 +- package-lock.json | 112 +++++++++++++--------------------------------- package.json | 2 +- 3 files changed, 34 insertions(+), 82 deletions(-) diff --git a/app.js b/app.js index 3fbed0a..c1070a5 100644 --- a/app.js +++ b/app.js @@ -12,7 +12,7 @@ let hbs = require('hbs'); //let sessionMySQL = require("connect-mysql")(expressSession); let compression = require("compression"); //let expressMinify = require('express-minify'); -//let expressMinifyHtml = require('express-minify-html'); +//let expressMinifyHtml = require('express-minify-html-2'); let app = express(); diff --git a/package-lock.json b/package-lock.json index c57eeef..507b9ec 100644 --- a/package-lock.json +++ b/package-lock.json @@ -449,13 +449,39 @@ "uglify-js": "^3.0.28" } }, - "express-minify-html": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/express-minify-html/-/express-minify-html-0.12.0.tgz", - "integrity": "sha512-T31JAiPYPCosfiBeKX5CTkIUhbs78NHAn8dfvX4T5wz1PRLkgGJmLqEzDk1BgIzzzXcmbsof9YtNF6cJQEsPrw==", + "express-minify-html-2": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/express-minify-html-2/-/express-minify-html-2-1.0.1.tgz", + "integrity": "sha512-nj82eJtynjbye8AgN8L4HzVX+xWDY+d5RJSNrJbATbIdfxO6z91EgLN89U78MZV1z9ACEdzlWWXvvPTZ1+jQWg==", "requires": { - "html-minifier": "3.5.7", - "lodash.merge": "4.6.0" + "html-minifier": "^4.0.0", + "lodash.merge": "^4.6.2" + }, + "dependencies": { + "he": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==" + }, + "html-minifier": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/html-minifier/-/html-minifier-4.0.0.tgz", + "integrity": "sha512-aoGxanpFPLg7MkIl/DDFYtb0iWz7jMFGqFhvEDZga6/4QTjneiD8I/NXL1x5aaoCp7FSIT6h/OhykDdPsbtMig==", + "requires": { + "camel-case": "^3.0.0", + "clean-css": "^4.2.1", + "commander": "^2.19.0", + "he": "^1.2.0", + "param-case": "^2.1.1", + "relateurl": "^0.2.7", + "uglify-js": "^3.5.1" + } + }, + "lodash.merge": { + "version": "4.6.2", + "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==" + } } }, "express-session": { @@ -673,62 +699,6 @@ } } }, - "he": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/he/-/he-1.1.1.tgz", - "integrity": "sha1-k0EP0hsAlzUVH4howvJx80J+I/0=" - }, - "html-minifier": { - "version": "3.5.7", - "resolved": "https://registry.npmjs.org/html-minifier/-/html-minifier-3.5.7.tgz", - "integrity": "sha512-GISXn6oKDo7+gVpKOgZJTbHMCUI2TSGfpg/8jgencWhWJsvEmsvp3M8emX7QocsXsYznWloLib3OeSfeyb/ewg==", - "requires": { - "camel-case": "3.0.x", - "clean-css": "4.1.x", - "commander": "2.12.x", - "he": "1.1.x", - "ncname": "1.0.x", - "param-case": "2.1.x", - "relateurl": "0.2.x", - "uglify-js": "3.2.x" - }, - "dependencies": { - "clean-css": { - "version": "4.1.11", - "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-4.1.11.tgz", - "integrity": "sha1-Ls3xRaujj1R0DybO/Q/z4D4SXWo=", - "requires": { - "source-map": "0.5.x" - } - }, - "commander": { - "version": "2.12.2", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.12.2.tgz", - "integrity": "sha512-BFnaq5ZOGcDN7FlrtBT4xxkgIToalIIxwjxLWVJ8bGTpe1LroqMiqQXdA7ygc7CRvaYS+9zfPGFnJqFSayx+AA==" - }, - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=" - }, - "uglify-js": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.2.2.tgz", - "integrity": "sha512-++1NO/zZIEdWf6cDIGceSJQPX31SqIpbVAHwFG5+240MtZqPG/NIPoinj8zlXQtAfMBqEt1Jyv2FiLP3n9gVhQ==", - "requires": { - "commander": "~2.12.1", - "source-map": "~0.6.1" - }, - "dependencies": { - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" - } - } - } - } - }, "http-errors": { "version": "1.6.3", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz", @@ -908,11 +878,6 @@ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" }, - "lodash.merge": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.0.tgz", - "integrity": "sha1-aYhLoUSsM/5plzemCG3v+t0PicU=" - }, "lower-case": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/lower-case/-/lower-case-1.1.4.tgz", @@ -1052,14 +1017,6 @@ "resolved": "https://registry.npmjs.org/nan/-/nan-2.13.2.tgz", "integrity": "sha512-TghvYc72wlMGMVMluVo9WRJc0mB8KxxF/gZ4YYFy7V2ZQX9l7rgbPg7vjS9mt6U5HXODVFVI2bOduCzwOMv/lw==" }, - "ncname": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/ncname/-/ncname-1.0.0.tgz", - "integrity": "sha1-W1etGLHKCShk72Kwse2BlPODtxw=", - "requires": { - "xml-char-classes": "^1.0.0" - } - }, "needle": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/needle/-/needle-2.4.0.tgz", @@ -4751,11 +4708,6 @@ "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" }, - "xml-char-classes": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/xml-char-classes/-/xml-char-classes-1.0.0.tgz", - "integrity": "sha1-ZGV4SKIP/F31g6Qq2KJ3tFErvE0=" - }, "yallist": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.0.3.tgz", diff --git a/package.json b/package.json index 6744196..a65194e 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "express": "~4.16.0", "express-layout": "^0.1.0", "express-minify": "^1.0.0", - "express-minify-html": "^0.12.0", + "express-minify-html-2": "^1.0.1", "express-session": "^1.15.6", "express-validator": "^5.3.0", "handlebars": "^4.1.0",