From 6bca341d505c9ca6e5a5dfd24599b526b6083255 Mon Sep 17 00:00:00 2001 From: theoleuthardt Date: Sat, 22 Feb 2025 15:30:49 +0100 Subject: [PATCH] fix: severity vulnerability issues on bg remove package --- backend/package-lock.json | 47 +++++++++++++++++---------------------- backend/package.json | 2 +- 2 files changed, 21 insertions(+), 28 deletions(-) diff --git a/backend/package-lock.json b/backend/package-lock.json index 730f3a5..2691090 100644 --- a/backend/package-lock.json +++ b/backend/package-lock.json @@ -11,7 +11,7 @@ "dependencies": { "@fastify/cors": "^10.0.2", "@fastify/multipart": "^9.0.3", - "@imgly/background-removal-node": "^1.4.5", + "@imgly/background-removal-node": "^1.4.3", "dotenv": "^16.4.7", "fastify": "^5.2.1", "fastify-cors": "^6.0.3", @@ -585,19 +585,18 @@ } }, "node_modules/@imgly/background-removal-node": { - "version": "1.4.5", - "resolved": "https://registry.npmjs.org/@imgly/background-removal-node/-/background-removal-node-1.4.5.tgz", - "integrity": "sha512-/s9K88qhKy1jPhrSkBxurUqCVqJ8KHWCc+5yWdppdC4fuSrGC8mK8WQtmULs2ASEr8naY1qpvZu0EL5jr2Hqtg==", + "version": "1.4.3", + "resolved": "https://registry.npmjs.org/@imgly/background-removal-node/-/background-removal-node-1.4.3.tgz", + "integrity": "sha512-oLt4HlNDcpL4M7v7Z+aLeNnK/g0vPmyGyZmkRgzomPvr/jEo56xNS5o+WArapNZliEaZv2LtF34KlghdLgNtuQ==", "license": "SEE LICENSE IN LICENSE.md", "dependencies": { - "@types/lodash": "~4.14.195", - "@types/ndarray": "~1.0.14", - "@types/node": "~20.3.1", - "lodash": "~4.17.21", - "ndarray": "~1.0.19", - "onnxruntime-node": "~1.17.0", - "sharp": "~0.32.4", - "zod": "~3.21.4" + "@types/lodash": "^4.14.195", + "@types/node": "^20.3.1", + "lodash": "^4.17.21", + "ndarray": "^1.0.19", + "onnxruntime-node": "^1.15.1", + "sharp": "^0.32.4", + "zod": "^3.21.4" } }, "node_modules/@imgly/background-removal-node/node_modules/@types/node": { @@ -629,15 +628,6 @@ "url": "https://opencollective.com/libvips" } }, - "node_modules/@imgly/background-removal-node/node_modules/zod": { - "version": "3.21.4", - "resolved": "https://registry.npmjs.org/zod/-/zod-3.21.4.tgz", - "integrity": "sha512-m46AKbrzKVzOzs/DZgVnG5H55N1sv1M8qZU3A8RIKbs3mrACDNeIOeilDymVb2HdmP8uwshOCF4uJ8uM9rCqJw==", - "license": "MIT", - "funding": { - "url": "https://github.com/sponsors/colinhacks" - } - }, "node_modules/@isaacs/cliui": { "version": "8.0.2", "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", @@ -825,12 +815,6 @@ "dev": true, "license": "MIT" }, - "node_modules/@types/ndarray": { - "version": "1.0.14", - "resolved": "https://registry.npmjs.org/@types/ndarray/-/ndarray-1.0.14.tgz", - "integrity": "sha512-oANmFZMnFQvb219SSBIhI1Ih/r4CvHDOzkWyJS/XRqkMrGH5/kaPSA1hQhdIBzouaE+5KpE/f5ylI9cujmckQg==", - "license": "MIT" - }, "node_modules/@types/node": { "version": "22.13.4", "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.4.tgz", @@ -2924,6 +2908,15 @@ "engines": { "node": ">=6" } + }, + "node_modules/zod": { + "version": "3.24.2", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.24.2.tgz", + "integrity": "sha512-lY7CDW43ECgW9u1TcT3IoXHflywfVqDYze4waEz812jR/bZ8FHDsl7pFQoSZTz5N+2NqRXs8GBwnAwo3ZNxqhQ==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } } } } diff --git a/backend/package.json b/backend/package.json index d616ed5..18deae4 100644 --- a/backend/package.json +++ b/backend/package.json @@ -14,7 +14,7 @@ "dependencies": { "@fastify/cors": "^10.0.2", "@fastify/multipart": "^9.0.3", - "@imgly/background-removal-node": "^1.4.5", + "@imgly/background-removal-node": "^1.4.3", "dotenv": "^16.4.7", "fastify": "^5.2.1", "fastify-cors": "^6.0.3",