diff --git a/.changeset/new-beds-argue.md b/.changeset/new-beds-argue.md new file mode 100644 index 0000000000..8aa8acf09d --- /dev/null +++ b/.changeset/new-beds-argue.md @@ -0,0 +1,5 @@ +--- +'@backstage/plugin-api-docs': patch +--- + +Bumped @asyncapi/react-component > openapi-sampler > json-pointer to resolve security vulnerability CVE-2021-23820 diff --git a/plugins/api-docs/package.json b/plugins/api-docs/package.json index bd6d75ae5d..faa55d74c5 100644 --- a/plugins/api-docs/package.json +++ b/plugins/api-docs/package.json @@ -33,7 +33,7 @@ "clean": "backstage-cli package clean" }, "dependencies": { - "@asyncapi/react-component": "1.0.0-next.34", + "@asyncapi/react-component": "1.0.0-next.36", "@backstage/catalog-model": "^1.0.1-next.1", "@backstage/core-components": "^0.9.3-next.2", "@backstage/core-plugin-api": "^1.0.1-next.0", diff --git a/yarn.lock b/yarn.lock index 41b0df8425..e2cc67df43 100644 --- a/yarn.lock +++ b/yarn.lock @@ -75,7 +75,7 @@ dependencies: "@openapi-contrib/openapi-schema-to-json-schema" "^3.0.0" -"@asyncapi/parser@^1.14.0": +"@asyncapi/parser@^1.14.1": version "1.14.1" resolved "https://registry.npmjs.org/@asyncapi/parser/-/parser-1.14.1.tgz#2f474f9d5ba1ce5b144e487fd956c0809ab11a9e" integrity sha512-ZsNQc/HXmGDrxkYBRrGou/JrWn+FLHYdQQI0WPOylSL+LNfaWtLlIcYwbcj61l+jLLFqIe0DK/yZbmjxm0ydqw== @@ -90,19 +90,19 @@ node-fetch "^2.6.0" tiny-merge-patch "^0.1.2" -"@asyncapi/react-component@1.0.0-next.34": - version "1.0.0-next.34" - resolved "https://registry.npmjs.org/@asyncapi/react-component/-/react-component-1.0.0-next.34.tgz#8922fa7f315730694ce1e5ab95a9a9307a39931a" - integrity sha512-4ZkF3vsKjaAaZ2qIPLfkmw73vCrop+qF2krPtAFSmk4wy8B+uMRK9bsObrf+QUSj4gSIQHezznMIZKAU91JTQw== +"@asyncapi/react-component@1.0.0-next.36": + version "1.0.0-next.36" + resolved "https://registry.npmjs.org/@asyncapi/react-component/-/react-component-1.0.0-next.36.tgz#81b2099381f8e77d175a6e04933299f2dd24d97b" + integrity sha512-2ruMfFHCJGnIlbmB/x1qBcg9eLhqDUSzWs7OjSoVPEoJQgtyFGy+Wkow7Liu0cYwPFJJfHCu+VOvLVKXmUUTxw== dependencies: "@asyncapi/avro-schema-parser" "^0.3.0" "@asyncapi/openapi-schema-parser" "^2.0.0" - "@asyncapi/parser" "^1.14.0" + "@asyncapi/parser" "^1.14.1" highlight.js "^10.7.2" isomorphic-dompurify "^0.13.0" - marked "^4.0.10" - openapi-sampler "^1.1.0" - use-resize-observer "^7.0.0" + marked "^4.0.14" + openapi-sampler "^1.2.1" + use-resize-observer "^8.0.0" "@asyncapi/specs@^2.13.0": version "2.13.0" @@ -15921,10 +15921,10 @@ json-parse-even-better-errors@^2.3.0, json-parse-even-better-errors@^2.3.1: resolved "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d" integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w== -json-pointer@^0.6.1: - version "0.6.1" - resolved "https://registry.npmjs.org/json-pointer/-/json-pointer-0.6.1.tgz#3c6caa6ac139e2599f5a1659d39852154015054d" - integrity sha512-3OvjqKdCBvH41DLpV4iSt6v2XhZXV1bPB4OROuknvUXI7ZQNofieCPkmE26stEJ9zdQuvIxDHCuYhfgxFAAs+Q== +json-pointer@0.6.2: + version "0.6.2" + resolved "https://registry.npmjs.org/json-pointer/-/json-pointer-0.6.2.tgz#f97bd7550be5e9ea901f8c9264c9d436a22a93cd" + integrity sha512-vLWcKbOaXlO+jvRy4qNd+TI1QUPZzfJj1tpJ3vAXDych5XJf93ftpUKe5pKCrzyIIwgBJcOcCVRUfqQP25afBw== dependencies: foreach "^2.0.4" @@ -17241,10 +17241,10 @@ markdown-table@^3.0.0: resolved "https://registry.npmjs.org/markdown-table/-/markdown-table-3.0.1.tgz#88c48957aaf2a8014ccb2ba026776a1d736fe3dc" integrity sha512-CBbaYXKSGnE1uLRpKA1SWgIRb2PQrpkllNWpZtZe6VojOJ4ysqiq7/2glYcmKsOYN09QgH/HEBX5hIshAeiK6A== -marked@^4.0.10: - version "4.0.10" - resolved "https://registry.npmjs.org/marked/-/marked-4.0.10.tgz#423e295385cc0c3a70fa495e0df68b007b879423" - integrity sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw== +marked@^4.0.14: + version "4.0.14" + resolved "https://registry.npmjs.org/marked/-/marked-4.0.14.tgz#7a3a5fa5c80580bac78c1ed2e3b84d7bd6fc3870" + integrity sha512-HL5sSPE/LP6U9qKgngIIPTthuxC0jrfxpYMZ3LdGDD3vTnLs59m2Z7r6+LNDR3ToqEQdkKd6YaaEfJhodJmijQ== match-sorter@^6.0.2: version "6.3.1" @@ -18986,13 +18986,13 @@ open@^8.0.0, open@^8.0.9, open@^8.4.0: is-docker "^2.1.1" is-wsl "^2.2.0" -openapi-sampler@^1.1.0: - version "1.1.1" - resolved "https://registry.npmjs.org/openapi-sampler/-/openapi-sampler-1.1.1.tgz#7bba7000a03cd8a4630bfbe5b3ef258990c78400" - integrity sha512-WAFsl5SPYuhQwaMTDFOcKhnEY1G1rmamrMiPmJdqwfl1lr81g63/befcsN9BNi0w5/R0L+hfcUj13PANEBeLgg== +openapi-sampler@^1.2.1: + version "1.2.1" + resolved "https://registry.npmjs.org/openapi-sampler/-/openapi-sampler-1.2.1.tgz#2ca9eea527f8f2ddb32c3ae1dda31afd8bf0833f" + integrity sha512-mHrYmyvcLD0qrfqPkPRBAL2z16hGT2rW0d0B7nklfoTcc3pmkJLkSZlKSeFgerUM41E5c7jlxf0Y19xrM7mWQQ== dependencies: "@types/json-schema" "^7.0.7" - json-pointer "^0.6.1" + json-pointer "0.6.2" openid-client@^4.1.1: version "4.9.0" @@ -24780,10 +24780,10 @@ use-memo-one@^1.1.1: resolved "https://registry.npmjs.org/use-memo-one/-/use-memo-one-1.1.1.tgz#39e6f08fe27e422a7d7b234b5f9056af313bd22c" integrity sha512-oFfsyun+bP7RX8X2AskHNTxu+R3QdE/RC5IefMbqptmACAA/gfol1KDD5KRzPsGMa62sWxGZw+Ui43u6x4ddoQ== -use-resize-observer@^7.0.0: - version "7.1.0" - resolved "https://registry.npmjs.org/use-resize-observer/-/use-resize-observer-7.1.0.tgz#709ea7540fbe0a60ceae41ee2bef933d7782e4d4" - integrity sha512-6DGWOnZpjAGP/MtslGg7OunZptyueQduMi0i8DC5nVKXtJ8Bdt0wR/1tSxugFRndzYCi/jtD+SlNs5PK8ijvXQ== +use-resize-observer@^8.0.0: + version "8.0.0" + resolved "https://registry.npmjs.org/use-resize-observer/-/use-resize-observer-8.0.0.tgz#69bd80c1ddd94f3758563fe107efb25fed85067a" + integrity sha512-n0iKSeiQpJCyaFh5JA0qsVLBIovsF4EIIR1G6XiBwKJN66ZrD4Oj62bjcuTAATPKiSp6an/2UZZxCf/67fk3sQ== dependencies: "@juggle/resize-observer" "^3.3.1"