Skip to content

Commit 015609d

Browse files
arnaudbesnierarnaudbesnier
authored
fix(security): patch mysql2 dependency vulnerabilities (#1125)
1 parent ca7d63c commit 015609d

File tree

2 files changed

+80
-38
lines changed

2 files changed

+80
-38
lines changed

packages/forest-cloud/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
"axios": "^1.6.7",
1818
"commander": "^11.1.0",
1919
"dotenv": "^16.4.1",
20-
"forest-cli": "5.1.3",
20+
"forest-cli": "5.1.6",
2121
"form-data": "^4.0.0",
2222
"graphql": "14.5.7",
2323
"graphql-tag": "^2.12.6",

yarn.lock

Lines changed: 79 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -2907,6 +2907,40 @@
29072907
wordwrap "^1.0.0"
29082908
wrap-ansi "^7.0.0"
29092909

2910+
"@oclif/core@^3.26.6":
2911+
version "3.27.0"
2912+
resolved "https://registry.yarnpkg.com/@oclif/core/-/core-3.27.0.tgz#a22a4ff4e5811db7a182b1687302237a57802381"
2913+
integrity sha512-Fg93aNFvXzBq5L7ztVHFP2nYwWU1oTCq48G0TjF/qC1UN36KWa2H5Hsm72kERd5x/sjy2M2Tn4kDEorUlpXOlw==
2914+
dependencies:
2915+
"@types/cli-progress" "^3.11.5"
2916+
ansi-escapes "^4.3.2"
2917+
ansi-styles "^4.3.0"
2918+
cardinal "^2.1.1"
2919+
chalk "^4.1.2"
2920+
clean-stack "^3.0.1"
2921+
cli-progress "^3.12.0"
2922+
color "^4.2.3"
2923+
debug "^4.3.5"
2924+
ejs "^3.1.10"
2925+
get-package-type "^0.1.0"
2926+
globby "^11.1.0"
2927+
hyperlinker "^1.0.0"
2928+
indent-string "^4.0.0"
2929+
is-wsl "^2.2.0"
2930+
js-yaml "^3.14.1"
2931+
minimatch "^9.0.4"
2932+
natural-orderby "^2.0.3"
2933+
object-treeify "^1.1.33"
2934+
password-prompt "^1.1.3"
2935+
slice-ansi "^4.0.0"
2936+
string-width "^4.2.3"
2937+
strip-ansi "^6.0.1"
2938+
supports-color "^8.1.1"
2939+
supports-hyperlinks "^2.2.0"
2940+
widest-line "^3.1.0"
2941+
wordwrap "^1.0.0"
2942+
wrap-ansi "^7.0.0"
2943+
29102944
"@oclif/plugin-help@6.0.12":
29112945
version "6.0.12"
29122946
resolved "https://registry.yarnpkg.com/@oclif/plugin-help/-/plugin-help-6.0.12.tgz#d71b84531644ecf65fcd8df671cff6f4aa178d42"
@@ -2923,16 +2957,16 @@
29232957
chalk "^5.3.0"
29242958
fast-levenshtein "^3.0.0"
29252959

2926-
"@oclif/plugin-warn-if-update-available@3.0.10":
2927-
version "3.0.10"
2928-
resolved "https://registry.yarnpkg.com/@oclif/plugin-warn-if-update-available/-/plugin-warn-if-update-available-3.0.10.tgz#15a4068185f9390d8dfd2cf498aa97eec4f79953"
2929-
integrity sha512-dUuBnoU80VQ6Rt/cMhqMsz5abFMnCi/IqnAhRNfO5EQbJ8PvYpU+0kPx15cbtQcU4olQ2kqigLt4BU7ms4RqMA==
2960+
"@oclif/plugin-warn-if-update-available@3.0.19":
2961+
version "3.0.19"
2962+
resolved "https://registry.yarnpkg.com/@oclif/plugin-warn-if-update-available/-/plugin-warn-if-update-available-3.0.19.tgz#1009a1ff0016b64731792d169f2ee78e9770f5b1"
2963+
integrity sha512-CauYLxNuPtK9ig1ZlzFiCqxzGJJd73CKyJDiSzGkg3QRooyZkE9G+l1Lz18fHzj+TEeXUZ74t6RWWPC5p0TL4w==
29302964
dependencies:
2931-
"@oclif/core" "^3.18.2"
2965+
"@oclif/core" "^3.26.6"
29322966
chalk "^5.3.0"
29332967
debug "^4.1.0"
29342968
http-call "^5.2.2"
2935-
lodash.template "^4.5.0"
2969+
lodash "^4.17.21"
29362970

29372971
"@octokit/auth-token@^3.0.0":
29382972
version "3.0.4"
@@ -6649,6 +6683,13 @@ debug@^3.2.6, debug@^3.2.7:
66496683
dependencies:
66506684
ms "^2.1.1"
66516685

6686+
debug@^4.3.5:
6687+
version "4.3.5"
6688+
resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.5.tgz#e83444eceb9fedd4a1da56d671ae2446a01a6e1e"
6689+
integrity sha512-pt0bNEmneDIvdL1Xsd9oDQ/wrQRkXDT4AUWlNZNPKvW5x/jyO9VFXkJUP07vQ2upmw5PlaITaPKc31jK13V+jg==
6690+
dependencies:
6691+
ms "2.1.2"
6692+
66526693
debuglog@^1.0.1:
66536694
version "1.0.1"
66546695
resolved "https://registry.yarnpkg.com/debuglog/-/debuglog-1.0.1.tgz#aa24ffb9ac3df9a2351837cfb2d279360cd78492"
@@ -6971,7 +7012,7 @@ ee-first@1.1.1:
69717012
resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
69727013
integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==
69737014

6974-
ejs@^3.1.7, ejs@^3.1.9:
7015+
ejs@^3.1.10, ejs@^3.1.7, ejs@^3.1.9:
69757016
version "3.1.10"
69767017
resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.10.tgz#69ab8358b14e896f80cc39e62087b88500c3ac3b"
69777018
integrity sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==
@@ -8067,17 +8108,17 @@ foreground-child@^3.1.0:
80678108
cross-spawn "^7.0.0"
80688109
signal-exit "^4.0.1"
80698110

8070-
forest-cli@5.1.3:
8071-
version "5.1.3"
8072-
resolved "https://registry.yarnpkg.com/forest-cli/-/forest-cli-5.1.3.tgz#5742c20c5ab9fe509bf069fe6fd36203c4f6e05f"
8073-
integrity sha512-ge3jLp2J8IYp72Dv06fkZhrTgu+i3RZlPlDOQFrXMpZoE3juLZ6/TD7iW/30cTJBW2MQuesQdA5g/HzX453g2w==
8111+
forest-cli@5.1.6:
8112+
version "5.1.6"
8113+
resolved "https://registry.yarnpkg.com/forest-cli/-/forest-cli-5.1.6.tgz#478ad53455f15fef061f7f7d9a8a0ccba48edf2d"
8114+
integrity sha512-wZJ7HO5+BDBrSfegZ5u9u0ieIAgdtc1+KeMBa/OqQ2xABuD3+hdUBos6ROJHE5G6SAy1tYbEHK9UgikHNj7Ffg==
80748115
dependencies:
80758116
"@forestadmin/context" "1.37.1"
80768117
"@forestadmin/datasource-sql" "1.6.4"
80778118
"@oclif/core" "3.18.2"
80788119
"@oclif/plugin-help" "6.0.12"
80798120
"@oclif/plugin-not-found" "3.0.10"
8080-
"@oclif/plugin-warn-if-update-available" "3.0.10"
8121+
"@oclif/plugin-warn-if-update-available" "3.0.19"
80818122
app-root-path "3.0.0"
80828123
atob "2.1.2"
80838124
bluebird "3.5.2"
@@ -8096,7 +8137,7 @@ forest-cli@5.1.3:
80968137
lodash "4.17.21"
80978138
mkdirp "1.0.4"
80988139
mongodb "4.17.2"
8099-
mysql2 "3.9.7"
8140+
mysql2 "3.9.8"
81008141
open "7.3.0"
81018142
openid-client "4.2.2"
81028143
pg "8.11.2"
@@ -10708,11 +10749,6 @@ locate-path@^6.0.0:
1070810749
dependencies:
1070910750
p-locate "^5.0.0"
1071010751

10711-
lodash._reinterpolate@^3.0.0:
10712-
version "3.0.0"
10713-
resolved "https://registry.yarnpkg.com/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz#0ccf2d89166af03b3663c796538b75ac6e114d9d"
10714-
integrity sha512-xYHt68QRoYGjeeM/XOE1uJtvXQAgvszfBhjV4yvsQH0u2i9I6cI6c6/eG4Hh3UAOVn0y/xAXwmTzEay49Q//HA==
10715-
1071610752
lodash.camelcase@^4.3.0:
1071710753
version "4.3.0"
1071810754
resolved "https://registry.yarnpkg.com/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz#b28aa6288a2b9fc651035c7711f65ab6190331a6"
@@ -10828,21 +10864,6 @@ lodash.startcase@^4.4.0:
1082810864
resolved "https://registry.yarnpkg.com/lodash.startcase/-/lodash.startcase-4.4.0.tgz#9436e34ed26093ed7ffae1936144350915d9add8"
1082910865
integrity sha512-+WKqsK294HMSc2jEbNgpHpd0JfIBhp7rEV4aqXWqFr6AlXov+SlcgB1Fv01y2kGe3Gc8nMW7VA0SrGuSkRfIEg==
1083010866

10831-
lodash.template@^4.5.0:
10832-
version "4.5.0"
10833-
resolved "https://registry.yarnpkg.com/lodash.template/-/lodash.template-4.5.0.tgz#f976195cf3f347d0d5f52483569fe8031ccce8ab"
10834-
integrity sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A==
10835-
dependencies:
10836-
lodash._reinterpolate "^3.0.0"
10837-
lodash.templatesettings "^4.0.0"
10838-
10839-
lodash.templatesettings@^4.0.0:
10840-
version "4.2.0"
10841-
resolved "https://registry.yarnpkg.com/lodash.templatesettings/-/lodash.templatesettings-4.2.0.tgz#e481310f049d3cf6d47e912ad09313b154f0fb33"
10842-
integrity sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ==
10843-
dependencies:
10844-
lodash._reinterpolate "^3.0.0"
10845-
1084610867
lodash.uniq@^4.5.0:
1084710868
version "4.5.0"
1084810869
resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
@@ -11443,6 +11464,13 @@ minimatch@^9.0.0, minimatch@^9.0.1:
1144311464
dependencies:
1144411465
brace-expansion "^2.0.1"
1144511466

11467+
minimatch@^9.0.4:
11468+
version "9.0.4"
11469+
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.4.tgz#8e49c731d1749cbec05050ee5145147b32496a51"
11470+
integrity sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==
11471+
dependencies:
11472+
brace-expansion "^2.0.1"
11473+
1144611474
minimist-options@4.1.0:
1144711475
version "4.1.0"
1144811476
resolved "https://registry.yarnpkg.com/minimist-options/-/minimist-options-4.1.0.tgz#c0655713c53a8a2ebd77ffa247d342c40f010619"
@@ -11730,10 +11758,24 @@ mute-stream@0.0.8, mute-stream@~0.0.4:
1173011758
resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.8.tgz#1630c42b2251ff81e2a283de96a5497ea92e5e0d"
1173111759
integrity sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==
1173211760

11733-
mysql2@3.9.7, mysql2@^3.0.1:
11734-
version "3.9.7"
11735-
resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.9.7.tgz#843755daf65b5ef08afe545fe14b8fb62824741a"
11736-
integrity sha512-KnJT8vYRcNAZv73uf9zpXqNbvBG7DJrs+1nACsjZP1HMJ1TgXEy8wnNilXAn/5i57JizXKtrUtwDB7HxT9DDpw==
11761+
mysql2@3.9.8:
11762+
version "3.9.8"
11763+
resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.9.8.tgz#fe8a0f975f2c495ed76ca988ddc5505801dc49ce"
11764+
integrity sha512-+5JKNjPuks1FNMoy9TYpl77f+5frbTklz7eb3XDwbpsERRLEeXiW2PDEkakYF50UuKU2qwfGnyXpKYvukv8mGA==
11765+
dependencies:
11766+
denque "^2.1.0"
11767+
generate-function "^2.3.1"
11768+
iconv-lite "^0.6.3"
11769+
long "^5.2.1"
11770+
lru-cache "^8.0.0"
11771+
named-placeholders "^1.1.3"
11772+
seq-queue "^0.0.5"
11773+
sqlstring "^2.3.2"
11774+
11775+
mysql2@^3.0.1:
11776+
version "3.10.0"
11777+
resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.10.0.tgz#5109449fda3dc03fb7d6bdf2cf91f97477081987"
11778+
integrity sha512-qx0mfWYt1DpTPkw8mAcHW/OwqqyNqBLBHvY5IjN8+icIYTjt6znrgYJ+gxqNNRpVknb5Wc/gcCM4XjbCR0j5tw==
1173711779
dependencies:
1173811780
denque "^2.1.0"
1173911781
generate-function "^2.3.1"

0 commit comments

Comments
 (0)