woodpecker/docs/plugins/woodpecker-plugins/package.json

35 lines
993 B
JSON
Raw Normal View History

{
"name": "@woodpecker-ci/plugin-index",
"version": "0.1.0",
2021-11-27 14:13:00 +00:00
"private": true,
"main": "dist/index.js",
"typings": "dist/index.d.ts",
"scripts": {
"start": "pnpm run style && concurrently 'tsc -w' 'tsc -w -p tsconfig.jsx.json'",
"build": "pnpm run style && tsc && tsc -p tsconfig.jsx.json",
"style": "mkdir -p dist/theme/ && cp src/theme/style.css dist/theme/style.css"
},
"devDependencies": {
"@docusaurus/module-type-aliases": "^3.0.0",
"@docusaurus/theme-classic": "^3.0.0",
"@docusaurus/types": "^3.0.0",
"@tsconfig/docusaurus": "^2.0.0",
"@types/marked": "^5.0.0",
"@types/node": "^20.0.0",
"axios": "^1.6.0",
"concurrently": "^8.0.0",
"isomorphic-dompurify": "^1.11.0",
"marked": "^11.0.0",
Update docs deps to address cves (#2080) Related-to: https://github.com/woodpecker-ci/woodpecker/pull/2078 Remaining CVEs: ``` ❯ trivy fs --exit-code 1 --skip-dirs node_modules/,plugins/woodpecker-plugins/node_modules/ docs/ 2023-08-01T10:02:36.911+0200 INFO Vulnerability scanning is enabled 2023-08-01T10:02:36.911+0200 INFO Secret scanning is enabled 2023-08-01T10:02:36.911+0200 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 2023-08-01T10:02:36.911+0200 INFO Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection 2023-08-01T10:02:36.963+0200 INFO Number of language-specific files: 1 2023-08-01T10:02:36.963+0200 INFO Detecting pnpm vulnerabilities... pnpm-lock.yaml (pnpm) Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0) ┌─────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │ ├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤ │ got │ CVE-2022-33987 │ MEDIUM │ 9.6.0 │ 11.8.5, 12.1.0 │ missing verification of requested URLs allows redirects to │ │ │ │ │ │ │ UNIX sockets │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-33987 │ ├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤ │ trim │ CVE-2020-7753 │ HIGH │ 0.0.1 │ 0.0.3 │ nodejs-trim: Regular Expression Denial of Service (ReDoS) in │ │ │ │ │ │ │ trim function │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-7753 │ └─────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘ ``` - `trim` is pulled in by `@docusaurus/theme-classic` and can be ignored due to https://github.com/facebook/docusaurus/issues/7275#issuecomment-1113997259 - `got` can be ignored as well, see `trim`
2023-08-01 11:30:44 +00:00
"tslib": "^2.6.1",
"typescript": "^5.0.0"
},
"peerDependencies": {
"react": "^17.0.2 || ^18.0.0",
"react-dom": "^17.0.2 || ^18.0.0"
},
"dependencies": {
"fuse.js": "^7.0.0",
Update docs deps to address cves (#2080) Related-to: https://github.com/woodpecker-ci/woodpecker/pull/2078 Remaining CVEs: ``` ❯ trivy fs --exit-code 1 --skip-dirs node_modules/,plugins/woodpecker-plugins/node_modules/ docs/ 2023-08-01T10:02:36.911+0200 INFO Vulnerability scanning is enabled 2023-08-01T10:02:36.911+0200 INFO Secret scanning is enabled 2023-08-01T10:02:36.911+0200 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 2023-08-01T10:02:36.911+0200 INFO Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection 2023-08-01T10:02:36.963+0200 INFO Number of language-specific files: 1 2023-08-01T10:02:36.963+0200 INFO Detecting pnpm vulnerabilities... pnpm-lock.yaml (pnpm) Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0) ┌─────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │ ├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤ │ got │ CVE-2022-33987 │ MEDIUM │ 9.6.0 │ 11.8.5, 12.1.0 │ missing verification of requested URLs allows redirects to │ │ │ │ │ │ │ UNIX sockets │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-33987 │ ├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤ │ trim │ CVE-2020-7753 │ HIGH │ 0.0.1 │ 0.0.3 │ nodejs-trim: Regular Expression Denial of Service (ReDoS) in │ │ │ │ │ │ │ trim function │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-7753 │ └─────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘ ``` - `trim` is pulled in by `@docusaurus/theme-classic` and can be ignored due to https://github.com/facebook/docusaurus/issues/7275#issuecomment-1113997259 - `got` can be ignored as well, see `trim`
2023-08-01 11:30:44 +00:00
"yaml": "^2.3.1"
}
}