chore: update vulnerable dependencies (#2861)

Cherry-pick dependencies with security issues to update. Signed-off-by: Akash Satheesan <akash@coder.com>
2021-03-12 01:46:40 +05:30 · 2021-03-12 01:46:40 +05:30 · 702485139a
parent fa71191dbf
commit 702485139a
3 changed files with 552 additions and 344 deletions
--- a/lib/vscode/yarn.lock
+++ b/lib/vscode/yarn.lock
@ -3813,7 +3813,7 @@ fsevents@~2.3.1:
  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.1.tgz#b209ab14c61012636c8863507edf7fb68cc54e9f"
  integrity sha512-YR47Eg4hChJGAB1O3yEAOkGO+rlzutoICGqGo9EZ4lKWokzZRSyIW1QmTzqjtw8MJdj9srP869CuWw/hyzSiBw==

-fstream@^1.0.2:
+fstream@^1.0.12:
  version "1.0.12"
  resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.12.tgz#4e8ba8ee2d48be4f7d0de505455548eae5932045"
  integrity sha512-WvJ193OHa0GHPEL+AycEJgxvBEwyfRkN1vhjca23OaPVMCaLCXTd5qAu82AjTcgP1UJmytkOKb63Ypde7raDIg==
@ -8967,12 +8967,12 @@ tar-stream@^2.1.4:
    readable-stream "^3.1.1"

 tar@^2.2.1:
-  version "2.2.1"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1"
-  integrity sha1-jk0qJWwOIYXGsYrWlK7JaLg8sdE=
+  version "2.2.2"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.2.tgz#0ca8848562c7299b8b446ff6a4d60cdbb23edc40"
+  integrity sha512-FCEhQ/4rE1zYv9rYXJw/msRqsnmlje5jHP6huWeBZ704jUTy02c5AZyWujpMR1ax6mVw9NyJMfuK2CMDWVIfgA==
  dependencies:
    block-stream "*"
-    fstream "^1.0.2"
+    fstream "^1.0.12"
    inherits "2"

 tar@^6.0.2:
--- a/package.json
+++ b/package.json
@ -71,7 +71,8 @@
  "resolutions": {
    "@types/node": "^12.12.7",
    "safe-buffer": "^5.1.1",
-    "vfile-message": "^2.0.2"
+    "vfile-message": "^2.0.2",
+    "node-forge": "^0.10.0"
  },
  "dependencies": {
    "@coder/logger": "1.1.16",
--- a/yarn.lock
+++ b/yarn.lock