From 1b9749a1de46243c7b739df9dcb0d09cb0e595dc Mon Sep 17 00:00:00 2001 From: Chirag Madlani <12962843+chirag-madlani@users.noreply.github.com> Date: Thu, 3 Jul 2025 20:08:38 +0530 Subject: [PATCH] fix: openmetadata-ui/src/main/resources/ui/package.json & openmetadata-ui/src/main/resources/ui/yarn.lock to reduce vulnerabilities (#22086) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 Co-authored-by: snyk-bot --- .../src/main/resources/ui/package.json | 2 +- .../src/main/resources/ui/yarn.lock | 47 ++++++++----------- 2 files changed, 21 insertions(+), 28 deletions(-) diff --git a/openmetadata-ui/src/main/resources/ui/package.json b/openmetadata-ui/src/main/resources/ui/package.json index ea8525a2730..e21b10162ef 100644 --- a/openmetadata-ui/src/main/resources/ui/package.json +++ b/openmetadata-ui/src/main/resources/ui/package.json @@ -53,7 +53,7 @@ "@github/g-emoji-element": "^1.1.5", "@inovua/reactdatagrid-community": "^5.10.2", "@melloware/react-logviewer": "^6.2.0", - "@okta/okta-auth-js": "^7.8.1", + "@okta/okta-auth-js": "^7.11.3", "@okta/okta-react": "^6.4.3", "@react-awesome-query-builder/antd": "^6.6.15", "@rjsf/core": "5.24.8", diff --git a/openmetadata-ui/src/main/resources/ui/yarn.lock b/openmetadata-ui/src/main/resources/ui/yarn.lock index 9f046fc1333..ba76aeb41fe 100644 --- a/openmetadata-ui/src/main/resources/ui/yarn.lock +++ b/openmetadata-ui/src/main/resources/ui/yarn.lock @@ -2191,10 +2191,10 @@ core-js-pure "^3.30.2" regenerator-runtime "^0.14.0" -"@babel/runtime@7.22.10": - version "7.22.10" - resolved "https://registry.npmjs.org/@babel/runtime/-/runtime-7.22.10.tgz" - integrity sha512-21t/fkKLMZI4pqP2wlmsQAWnYW1PDyKyyUV4vCi+B25ydmdaYTKXPwCj0BzSUnZf4seIiYvSA3jcZ3gdsMFkLQ== +"@babel/runtime@7.27.0", "@babel/runtime@^7.20.7", "@babel/runtime@^7.21.0", "@babel/runtime@^7.23.2", "@babel/runtime@^7.24.7": + version "7.27.0" + resolved "https://registry.npmjs.org/@babel/runtime/-/runtime-7.27.0.tgz" + integrity sha512-VtPOkrdPHZsKc/clNqyi9WUA8TINkZ4cGk63UUE3u4pmB2k+ZMQRDuIOagv8UVd6j7k0T3+RRIb7beKTebNbcw== dependencies: regenerator-runtime "^0.14.0" @@ -2233,13 +2233,6 @@ dependencies: regenerator-runtime "^0.13.4" -"@babel/runtime@^7.20.7", "@babel/runtime@^7.21.0", "@babel/runtime@^7.23.2", "@babel/runtime@^7.24.7": - version "7.27.0" - resolved "https://registry.npmjs.org/@babel/runtime/-/runtime-7.27.0.tgz" - integrity sha512-VtPOkrdPHZsKc/clNqyi9WUA8TINkZ4cGk63UUE3u4pmB2k+ZMQRDuIOagv8UVd6j7k0T3+RRIb7beKTebNbcw== - dependencies: - regenerator-runtime "^0.14.0" - "@babel/runtime@^7.27.0": version "7.27.1" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.27.1.tgz#9fce313d12c9a77507f264de74626e87fd0dc541" @@ -2941,16 +2934,16 @@ "@nodelib/fs.scandir" "2.1.5" fastq "^1.6.0" -"@okta/okta-auth-js@^7.8.1": - version "7.10.1" - resolved "https://registry.npmjs.org/@okta/okta-auth-js/-/okta-auth-js-7.10.1.tgz" - integrity sha512-xCjSlz0G1StNCbSJjyX8e2dq38miW7fprOhaf51QXqPUQMnV1tjwvjRDUF20mtkaRio1ObsnqcKI4xXPA3YYew== +"@okta/okta-auth-js@^7.11.3": + version "7.12.1" + resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-7.12.1.tgz#876b57d08c43b7cf6cae0d749e8edb9817daea57" + integrity sha512-5xFMgB5Z880adGi2DmnCnfeEkXzrptIfHzaeV1gYt1ifVYFmRoi0tcOVjXUho4KT8z4EbW/KbLEiQtENNoWlzA== dependencies: - "@babel/runtime" "^7.12.5" + "@babel/runtime" "^7.27.0" "@peculiar/webcrypto" "^1.4.0" Base64 "1.1.0" atob "^2.1.2" - broadcast-channel "~5.3.0" + broadcast-channel "^7.1.0" btoa "^1.2.1" core-js "^3.39.0" cross-fetch "^3.1.5" @@ -5916,13 +5909,13 @@ braces@^3.0.3, braces@~3.0.2: dependencies: fill-range "^7.1.1" -broadcast-channel@~5.3.0: - version "5.3.0" - resolved "https://registry.npmjs.org/broadcast-channel/-/broadcast-channel-5.3.0.tgz" - integrity sha512-0PmDYc/iUGZ4QbnCnV7u+WleygiS1bZ4oV6t4rANXYtSgEFtGhB5jimJPLOVpPtce61FVxrH8CYylfO5g7OLKw== +broadcast-channel@^7.1.0: + version "7.1.0" + resolved "https://registry.yarnpkg.com/broadcast-channel/-/broadcast-channel-7.1.0.tgz#fe64bea202f45d0fa91ad19498154527fd78cfbe" + integrity sha512-InJljddsYWbEL8LBnopnCg+qMQp9KcowvYWOt4YWrjD5HmxzDYKdVbDS1w/ji5rFZdRD58V5UxJPtBdpEbEJYw== dependencies: - "@babel/runtime" "7.22.10" - oblivious-set "1.1.1" + "@babel/runtime" "7.27.0" + oblivious-set "1.4.0" p-queue "6.6.2" unload "2.4.1" @@ -11119,10 +11112,10 @@ object.values@^1.2.0: define-properties "^1.2.1" es-object-atoms "^1.0.0" -oblivious-set@1.1.1: - version "1.1.1" - resolved "https://registry.npmjs.org/oblivious-set/-/oblivious-set-1.1.1.tgz" - integrity sha512-Oh+8fK09mgGmAshFdH6hSVco6KZmd1tTwNFWj35OvzdmJTMZtAkbn05zar2iG3v6sDs1JLEtOiBGNb6BHwkb2w== +oblivious-set@1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/oblivious-set/-/oblivious-set-1.4.0.tgz#1ee7c90f0605bb2a182fbcc8fffbe324d9994b43" + integrity sha512-szyd0ou0T8nsAqHtprRcP3WidfsN1TnAR5yWXf2mFCEr5ek3LEOkT6EZ/92Xfs74HIdyhG5WkGxIssMU0jBaeg== obuf@^1.0.0, obuf@^1.1.2: version "1.1.2"