From f4da0fe342215fafb104a66e8994c53e6c2a2eec Mon Sep 17 00:00:00 2001 From: Rafael Mestre Date: Wed, 2 Jul 2025 13:42:55 -0400 Subject: [PATCH 1/2] chore: bump cdxgen from 11.4.1 to 11.4.2 --- package-lock.json | 122 +++++++++++++++++++++------------------------- package.json | 2 +- 2 files changed, 56 insertions(+), 68 deletions(-) diff --git a/package-lock.json b/package-lock.json index cb0c2fcc..f459074a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,7 +10,7 @@ "license": "MIT", "dependencies": { "@apollo/client": "^3.13.8", - "@cyclonedx/cdxgen": "^11.4.1", + "@cyclonedx/cdxgen": "^11.4.2", "@oclif/core": "^4.4.0", "@oclif/plugin-help": "^6.2.29", "@oclif/plugin-update": "^4.6.45", @@ -151,16 +151,16 @@ } }, "node_modules/@appthreat/cdx-proto": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@appthreat/cdx-proto/-/cdx-proto-1.0.1.tgz", - "integrity": "sha512-r/X6RRn3B4hzRmdvuEmVbqfPV2fItY5y6+J3JJO7hrMMT4bMjYAu1J0rNcT1tbQ1yP91MpgJzyoHTzCqpmw5/A==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@appthreat/cdx-proto/-/cdx-proto-1.1.0.tgz", + "integrity": "sha512-dLUcN8ZZJeY0LQN/hPlB6CuQFDpcumjkuQnmEffIqWKdD6yGTB6zzC5wUmQknLjkv/JAI2txFtmJoqIpxsZ9jw==", "license": "Apache-2.0", "optional": true, "dependencies": { - "@bufbuild/protobuf": "1.7.2" + "@bufbuild/protobuf": "2.5.2" }, "engines": { - "node": ">=18" + "node": ">=20" } }, "node_modules/@aws-crypto/crc32": { @@ -1150,21 +1150,30 @@ } }, "node_modules/@babel/generator": { - "version": "7.27.5", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.27.5.tgz", - "integrity": "sha512-ZGhA37l0e/g2s1Cnzdix0O3aLYm66eF8aufiVteOgnwxgnRP8GoyMj7VWsgWnQbVKXyge7hqrFh2K2TQM6t1Hw==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.28.0.tgz", + "integrity": "sha512-lJjzvrbEeWrhB4P3QBsH7tey117PjLZnDbLiQEKjQ/fNJTjuq4HSqgFA+UNSwZT8D7dxxbnuSBMsa1lrWzKlQg==", "license": "MIT", "dependencies": { - "@babel/parser": "^7.27.5", - "@babel/types": "^7.27.3", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", + "@babel/parser": "^7.28.0", + "@babel/types": "^7.28.0", + "@jridgewell/gen-mapping": "^0.3.12", + "@jridgewell/trace-mapping": "^0.3.28", "jsesc": "^3.0.2" }, "engines": { "node": ">=6.9.0" } }, + "node_modules/@babel/helper-globals": { + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz", + "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==", + "license": "MIT", + "engines": { + "node": ">=6.9.0" + } + }, "node_modules/@babel/helper-string-parser": { "version": "7.27.1", "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", @@ -1184,12 +1193,12 @@ } }, "node_modules/@babel/parser": { - "version": "7.27.5", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.5.tgz", - "integrity": "sha512-OsQd175SxWkGlzbny8J3K8TnnDD0N3lrIUtB92xwyRpzaenGZhxDvxN/JgU00U3CDZNj9tPuDJ5H0WS4Nt3vKg==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.0.tgz", + "integrity": "sha512-jVZGvOxOuNSsuQuLRTh13nU0AogFlw32w/MT+LV6D3sP5WdbW61E77RnkbaO2dUvmPAYrBDJXGn5gGS6tH4j8g==", "license": "MIT", "dependencies": { - "@babel/types": "^7.27.3" + "@babel/types": "^7.28.0" }, "bin": { "parser": "bin/babel-parser.js" @@ -1213,27 +1222,27 @@ } }, "node_modules/@babel/traverse": { - "version": "7.27.4", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.27.4.tgz", - "integrity": "sha512-oNcu2QbHqts9BtOWJosOVJapWjBDSxGCpFvikNR5TGDYDQf3JwpIoMzIKrvfoti93cLfPJEG4tH9SPVeyCGgdA==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.28.0.tgz", + "integrity": "sha512-mGe7UK5wWyh0bKRfupsUchrQGqvDbZDbKJw+kcRGSmdHVYrv+ltd0pnpDTVpiTqnaBru9iEvA8pz8W46v0Amwg==", "license": "MIT", "dependencies": { "@babel/code-frame": "^7.27.1", - "@babel/generator": "^7.27.3", - "@babel/parser": "^7.27.4", + "@babel/generator": "^7.28.0", + "@babel/helper-globals": "^7.28.0", + "@babel/parser": "^7.28.0", "@babel/template": "^7.27.2", - "@babel/types": "^7.27.3", - "debug": "^4.3.1", - "globals": "^11.1.0" + "@babel/types": "^7.28.0", + "debug": "^4.3.1" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/types": { - "version": "7.27.6", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.6.tgz", - "integrity": "sha512-ETyHEk2VHHvl9b9jZP5IHPavHYk57EhanlRRuae9XCpb/j5bDCbPPMOBfCWhnl/7EDJz0jEMCi/RhccCE8r1+Q==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.0.tgz", + "integrity": "sha512-jYnje+JyZG5YThjHiF28oT4SIZLnYOcSBb6+SDaFIyzDVSkXQmQQYclJ2R+YxcdmK0AX6x1E5OQNtuh3jHDrUg==", "license": "MIT", "dependencies": { "@babel/helper-string-parser": "^7.27.1", @@ -1408,9 +1417,9 @@ } }, "node_modules/@bufbuild/protobuf": { - "version": "1.7.2", - "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-1.7.2.tgz", - "integrity": "sha512-i5GE2Dk5ekdlK1TR7SugY4LWRrKSfb5T1Qn4unpIMbfxoeGKERKQ59HG3iYewacGD10SR7UzevfPnh6my4tNmQ==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-2.5.2.tgz", + "integrity": "sha512-foZ7qr0IsUBjzWIq+SuBLfdQCpJ1j8cTuNNT4owngTHoN5KsJb8L9t65fzz7SCeSWzescoOil/0ldqiL041ABg==", "license": "(Apache-2.0 AND BSD-3-Clause)", "optional": true }, @@ -1439,13 +1448,13 @@ } }, "node_modules/@cyclonedx/cdxgen": { - "version": "11.4.1", - "resolved": "https://registry.npmjs.org/@cyclonedx/cdxgen/-/cdxgen-11.4.1.tgz", - "integrity": "sha512-lr2NndaeyviMgGQwRUx2K8U7tP3HJFkpbepldaOCcFhj6LSQdokDinkmhSoaaXLJeiiwq+T/H2IJ3jm6oBeiAQ==", + "version": "11.4.2", + "resolved": "https://registry.npmjs.org/@cyclonedx/cdxgen/-/cdxgen-11.4.2.tgz", + "integrity": "sha512-kmyGNaRa3LjpidLNrH2S5VR8qWJlpIL4TVcpy1f8SOrjcyu2hJU+QljjgGXOiikmC0W/x9BokYnB7Ku8KsqBJg==", "license": "Apache-2.0", "dependencies": { - "@babel/parser": "^7.27.4", - "@babel/traverse": "^7.27.4", + "@babel/parser": "^7.27.7", + "@babel/traverse": "^7.27.7", "@iarna/toml": "2.2.5", "@npmcli/arborist": "^9.1.2", "ajv": "^8.17.1", @@ -1487,7 +1496,8 @@ }, "optionalDependencies": { "@appthreat/atom": "2.2.5", - "@appthreat/cdx-proto": "1.0.1", + "@appthreat/cdx-proto": "1.1.0", + "@bufbuild/protobuf": "2.5.2", "@cyclonedx/cdxgen-plugins-bin": "1.6.12", "@cyclonedx/cdxgen-plugins-bin-darwin-amd64": "1.6.12", "@cyclonedx/cdxgen-plugins-bin-darwin-arm64": "1.6.12", @@ -1500,7 +1510,7 @@ "@cyclonedx/cdxgen-plugins-bin-windows-amd64": "1.6.12", "@cyclonedx/cdxgen-plugins-bin-windows-arm64": "1.6.12", "body-parser": "^2.2.0", - "compression": "^1.7.5", + "compression": "^1.8.0", "connect": "^3.7.0", "jsonata": "^2.0.6", "sequelize": "^6.37.7", @@ -3304,17 +3314,13 @@ "license": "ISC" }, "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.8", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.8.tgz", - "integrity": "sha512-imAbBGkb+ebQyxKgzv5Hu2nmROxoDOXHh80evxdoXNOrvAnVx7zimzc1Oo5h9RlfV4vPXaE2iM5pOFbvOCClWA==", + "version": "0.3.12", + "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.12.tgz", + "integrity": "sha512-OuLGC46TjB5BbN1dH8JULVVZY4WTdkF7tV9Ys6wLL1rubZnCMstOhNHueU5bLCrnRuDhKPDM4g6sw4Bel5Gzqg==", "license": "MIT", "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", + "@jridgewell/sourcemap-codec": "^1.5.0", "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" } }, "node_modules/@jridgewell/resolve-uri": { @@ -3326,15 +3332,6 @@ "node": ">=6.0.0" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "license": "MIT", - "engines": { - "node": ">=6.0.0" - } - }, "node_modules/@jridgewell/sourcemap-codec": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz", @@ -3342,9 +3339,9 @@ "license": "MIT" }, "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "version": "0.3.29", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.29.tgz", + "integrity": "sha512-uw6guiW/gcAGPDhLmd77/6lW8QLeiV5RUTsAX46Db6oLhGaVj4lhnPwb184s1bkc8kdVg/+h988dro8GRDpmYQ==", "license": "MIT", "dependencies": { "@jridgewell/resolve-uri": "^3.1.0", @@ -7775,15 +7772,6 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "license": "MIT", - "engines": { - "node": ">=4" - } - }, "node_modules/globalthis": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/globalthis/-/globalthis-1.0.4.tgz", diff --git a/package.json b/package.json index 23e7c32c..a85bee05 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ ], "dependencies": { "@apollo/client": "^3.13.8", - "@cyclonedx/cdxgen": "^11.4.1", + "@cyclonedx/cdxgen": "^11.4.2", "@oclif/core": "^4.4.0", "@oclif/plugin-help": "^6.2.29", "@oclif/plugin-update": "^4.6.45", From 52cac09d2cca0d91a3f684974c42e737b2998a90 Mon Sep 17 00:00:00 2001 From: Rafael Mestre Date: Wed, 2 Jul 2025 16:08:28 -0400 Subject: [PATCH 2/2] chore: bump to 11.4.3; issue upstream with previous release --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index f459074a..1dab8b14 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,7 +10,7 @@ "license": "MIT", "dependencies": { "@apollo/client": "^3.13.8", - "@cyclonedx/cdxgen": "^11.4.2", + "@cyclonedx/cdxgen": "^11.4.3", "@oclif/core": "^4.4.0", "@oclif/plugin-help": "^6.2.29", "@oclif/plugin-update": "^4.6.45", @@ -1448,9 +1448,9 @@ } }, "node_modules/@cyclonedx/cdxgen": { - "version": "11.4.2", - "resolved": "https://registry.npmjs.org/@cyclonedx/cdxgen/-/cdxgen-11.4.2.tgz", - "integrity": "sha512-kmyGNaRa3LjpidLNrH2S5VR8qWJlpIL4TVcpy1f8SOrjcyu2hJU+QljjgGXOiikmC0W/x9BokYnB7Ku8KsqBJg==", + "version": "11.4.3", + "resolved": "https://registry.npmjs.org/@cyclonedx/cdxgen/-/cdxgen-11.4.3.tgz", + "integrity": "sha512-Knt3VO3MDsgoHfw0rMfZsEARxsnZLcJ5REH5XJ8yB36h5RFxNMvTkYeIEcNnbZ7Olvh+PgC8qIhBiEg/YFxTpg==", "license": "Apache-2.0", "dependencies": { "@babel/parser": "^7.27.7", diff --git a/package.json b/package.json index a85bee05..ef7fa0e9 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ ], "dependencies": { "@apollo/client": "^3.13.8", - "@cyclonedx/cdxgen": "^11.4.2", + "@cyclonedx/cdxgen": "^11.4.3", "@oclif/core": "^4.4.0", "@oclif/plugin-help": "^6.2.29", "@oclif/plugin-update": "^4.6.45",