fix(deps): bump deps to avoid subdependency problems (#419)

We have some two moderate security issues with current subdependencies that would be good to fix before the cybersecurity audits. I found the deps that had the subdependencies that were causing the issues and upped their versions to the minimum version that didn't have the security issues: a little nicer than just using `resolutions` to override the subdependencies. ## Changes - `"axios": "^1.6.7"` => `"axios": "^1.6.8"` - `"start-server-and-test": "2.0.0"` => `"start-server-and-test": "^2.0.3"` - `"vitest": "0.31.0"` => `"vitest": "^0.34.6"` - `"vite": "^4.4.9"` => `"vite": "^4.5.3"` - `"@vitejs/plugin-react": "4.0.0"` => `"@vitejs/plugin-react": "4.2.1"` ## How to test this PR 1. Checkout the PR 2. Run `yarn install` 3. Run `yarn npm audit` 4. Success! 🎉 ## Screenshots ### Current behavior ![Screenshot 2024-04-24 at 11 56 38 AM](https://github.com/cfpb/sbl-frontend/assets/19983248/06ee8d41-2bae-4647-8343-8884286eaa83) ### Expected behavior ![Screenshot 2024-04-24 at 11 57 01 AM](https://github.com/cfpb/sbl-frontend/assets/19983248/6da0bbda-e939-4948-883c-6ae3b9bc450a)
cfpb · Apr 30, 2024 · 2cc433a · 2cc433a
1 parent 687e466
commit 2cc433a
Show file tree

Hide file tree

Showing 82 changed files with 1,661 additions and 492 deletions.
diff --git a/.pnp.cjs b/.pnp.cjs
diff --git a/.yarn/cache/@babel-code-frame-npm-7.24.2-e104352cc7-70e867340c.zip b/.yarn/cache/@babel-code-frame-npm-7.24.2-e104352cc7-70e867340c.zip
diff --git a/.yarn/cache/@babel-core-npm-7.24.4-5e34d46aa7-15ecad7581.zip b/.yarn/cache/@babel-core-npm-7.24.4-5e34d46aa7-15ecad7581.zip
diff --git a/.yarn/cache/@babel-generator-npm-7.24.4-0bda5be79e-1b6146c313.zip b/.yarn/cache/@babel-generator-npm-7.24.4-0bda5be79e-1b6146c313.zip
diff --git a/.yarn/cache/@babel-helper-plugin-utils-npm-7.24.0-24ea3c3608-e2baa0eede.zip b/.yarn/cache/@babel-helper-plugin-utils-npm-7.24.0-24ea3c3608-e2baa0eede.zip
diff --git a/.yarn/cache/@babel-helpers-npm-7.24.4-2ebaac1a34-ecd2dc0b3b.zip b/.yarn/cache/@babel-helpers-npm-7.24.4-2ebaac1a34-ecd2dc0b3b.zip
diff --git a/.yarn/cache/@babel-highlight-npm-7.24.2-d2e9453f0c-5f17b131cc.zip b/.yarn/cache/@babel-highlight-npm-7.24.2-d2e9453f0c-5f17b131cc.zip
diff --git a/.yarn/cache/@babel-parser-npm-7.24.4-f329cbb36f-94c9e3e592.zip b/.yarn/cache/@babel-parser-npm-7.24.4-f329cbb36f-94c9e3e592.zip
diff --git a/.yarn/cache/@babel-plugin-transform-react-jsx-self-npm-7.23.3-2352452d70-882bf56bc9.zip b/.yarn/cache/@babel-plugin-transform-react-jsx-self-npm-7.23.3-2352452d70-882bf56bc9.zip
diff --git a/.yarn/cache/@babel-plugin-transform-react-jsx-self-npm-7.24.1-f8f4855dc7-a0ff893b94.zip b/.yarn/cache/@babel-plugin-transform-react-jsx-self-npm-7.24.1-f8f4855dc7-a0ff893b94.zip
diff --git a/.yarn/cache/@babel-plugin-transform-react-jsx-source-npm-7.23.3-6d660a728e-92287fb797.zip b/.yarn/cache/@babel-plugin-transform-react-jsx-source-npm-7.23.3-6d660a728e-92287fb797.zip
diff --git a/.yarn/cache/@babel-plugin-transform-react-jsx-source-npm-7.24.1-e820d18c2f-396ce878dc.zip b/.yarn/cache/@babel-plugin-transform-react-jsx-source-npm-7.24.1-e820d18c2f-396ce878dc.zip
diff --git a/.yarn/cache/@babel-template-npm-7.24.0-674650c96c-f257b003c0.zip b/.yarn/cache/@babel-template-npm-7.24.0-674650c96c-f257b003c0.zip
diff --git a/.yarn/cache/@babel-traverse-npm-7.24.1-8b235322a8-92a5ca906a.zip b/.yarn/cache/@babel-traverse-npm-7.24.1-8b235322a8-92a5ca906a.zip
diff --git a/.yarn/cache/@babel-types-npm-7.24.0-a0508cb308-4b574a37d4.zip b/.yarn/cache/@babel-types-npm-7.24.0-a0508cb308-4b574a37d4.zip
diff --git a/.yarn/cache/@esbuild-darwin-x64-npm-0.20.2-f4f3a851d1-8.zip b/.yarn/cache/@esbuild-darwin-x64-npm-0.20.2-f4f3a851d1-8.zip
diff --git a/.yarn/cache/@esbuild-linux-x64-npm-0.20.2-54b0127370-8.zip b/.yarn/cache/@esbuild-linux-x64-npm-0.20.2-54b0127370-8.zip
diff --git a/.yarn/cache/@jridgewell-gen-mapping-npm-0.3.5-d8b85ebeaf-ff7a1764eb.zip b/.yarn/cache/@jridgewell-gen-mapping-npm-0.3.5-d8b85ebeaf-ff7a1764eb.zip
diff --git a/.yarn/cache/@jridgewell-set-array-npm-1.2.1-2312928209-832e513a85.zip b/.yarn/cache/@jridgewell-set-array-npm-1.2.1-2312928209-832e513a85.zip
diff --git a/.yarn/cache/@jridgewell-trace-mapping-npm-0.3.25-c076fd2279-9d3c40d225.zip b/.yarn/cache/@jridgewell-trace-mapping-npm-0.3.25-c076fd2279-9d3c40d225.zip
diff --git a/.yarn/cache/@rollup-rollup-darwin-x64-npm-4.16.4-7c5da33d07-8.zip b/.yarn/cache/@rollup-rollup-darwin-x64-npm-4.16.4-7c5da33d07-8.zip
diff --git a/...dress-npm-4.1.4-32f94bc9f5-b9fca2a93a.zip → ...dress-npm-4.1.5-a3852745c8-3e3ea0f00b.zip b/...dress-npm-4.1.4-32f94bc9f5-b9fca2a93a.zip → ...dress-npm-4.1.5-a3852745c8-3e3ea0f00b.zip
diff --git a/.yarn/cache/@types-babel__core-npm-7.20.5-4d95f75eab-a3226f7930.zip b/.yarn/cache/@types-babel__core-npm-7.20.5-4d95f75eab-a3226f7930.zip
diff --git a/.yarn/cache/@types-babel__generator-npm-7.6.8-61be1197d9-5b332ea336.zip b/.yarn/cache/@types-babel__generator-npm-7.6.8-61be1197d9-5b332ea336.zip
diff --git a/.yarn/cache/@types-babel__template-npm-7.4.4-f34eba762c-d7a02d2a9b.zip b/.yarn/cache/@types-babel__template-npm-7.4.4-f34eba762c-d7a02d2a9b.zip
diff --git a/.yarn/cache/@types-babel__traverse-npm-7.20.5-472b912b02-608e0ab4fc.zip b/.yarn/cache/@types-babel__traverse-npm-7.20.5-472b912b02-608e0ab4fc.zip
diff --git a/.yarn/cache/@types-chai-npm-4.3.14-9fd73bb9b7-962c67d129.zip b/.yarn/cache/@types-chai-npm-4.3.14-9fd73bb9b7-962c67d129.zip
diff --git a/.yarn/cache/@vitejs-plugin-react-npm-4.0.0-e0a2ed08ce-575298f665.zip b/.yarn/cache/@vitejs-plugin-react-npm-4.0.0-e0a2ed08ce-575298f665.zip
diff --git a/.yarn/cache/@vitejs-plugin-react-npm-4.2.1-8b9705c544-08d227d27f.zip b/.yarn/cache/@vitejs-plugin-react-npm-4.2.1-8b9705c544-08d227d27f.zip
diff --git a/.yarn/cache/@vitest-expect-npm-0.31.0-d7219f0669-a752592040.zip b/.yarn/cache/@vitest-expect-npm-0.31.0-d7219f0669-a752592040.zip
diff --git a/.yarn/cache/@vitest-expect-npm-0.34.6-f670aedbd1-37a526f4af.zip b/.yarn/cache/@vitest-expect-npm-0.34.6-f670aedbd1-37a526f4af.zip
diff --git a/.yarn/cache/@vitest-runner-npm-0.31.0-96e394e8cc-69d87de1ee.zip b/.yarn/cache/@vitest-runner-npm-0.31.0-96e394e8cc-69d87de1ee.zip
diff --git a/.yarn/cache/@vitest-runner-npm-0.34.6-dae9162b5c-0357f0a11f.zip b/.yarn/cache/@vitest-runner-npm-0.34.6-dae9162b5c-0357f0a11f.zip
diff --git a/.yarn/cache/@vitest-snapshot-npm-0.31.0-112049957a-0a8481c243.zip b/.yarn/cache/@vitest-snapshot-npm-0.31.0-112049957a-0a8481c243.zip
diff --git a/.yarn/cache/@vitest-snapshot-npm-0.34.6-93feacb2e2-c2f164b237.zip b/.yarn/cache/@vitest-snapshot-npm-0.34.6-93feacb2e2-c2f164b237.zip
diff --git a/.yarn/cache/@vitest-spy-npm-0.31.0-9001effa3c-5edb20d666.zip b/.yarn/cache/@vitest-spy-npm-0.31.0-9001effa3c-5edb20d666.zip
diff --git a/.yarn/cache/@vitest-spy-npm-0.34.6-cbb3bb93a2-b05e5906f2.zip b/.yarn/cache/@vitest-spy-npm-0.34.6-cbb3bb93a2-b05e5906f2.zip
diff --git a/.yarn/cache/@vitest-utils-npm-0.31.0-92875731ed-18197132d6.zip b/.yarn/cache/@vitest-utils-npm-0.31.0-92875731ed-18197132d6.zip
diff --git a/.yarn/cache/@vitest-utils-npm-0.34.6-06b1b9ea99-acf716af2b.zip b/.yarn/cache/@vitest-utils-npm-0.34.6-06b1b9ea99-acf716af2b.zip
diff --git a/.yarn/cache/acorn-npm-8.11.3-0d7ab48b38-76d8e7d559.zip b/.yarn/cache/acorn-npm-8.11.3-0d7ab48b38-76d8e7d559.zip
diff --git a/.yarn/cache/axios-npm-0.27.2-dbe3a48aea-38cb754046.zip b/.yarn/cache/axios-npm-0.27.2-dbe3a48aea-38cb754046.zip
diff --git a/.yarn/cache/axios-npm-1.6.7-d7b9974d1b-87d4d42992.zip b/.yarn/cache/axios-npm-1.6.7-d7b9974d1b-87d4d42992.zip
diff --git a/.yarn/cache/axios-npm-1.6.8-85cf1e7152-bf007fa4b2.zip b/.yarn/cache/axios-npm-1.6.8-85cf1e7152-bf007fa4b2.zip
diff --git a/.yarn/cache/blueimp-md5-npm-2.19.0-0a19585c8c-28095dcbd2.zip b/.yarn/cache/blueimp-md5-npm-2.19.0-0a19585c8c-28095dcbd2.zip
diff --git a/.yarn/cache/chai-npm-4.3.10-96f52a35f0-536668c60a.zip b/.yarn/cache/chai-npm-4.3.10-96f52a35f0-536668c60a.zip
diff --git a/.yarn/cache/chai-npm-4.4.1-ffd006b4b1-9ab84f36eb.zip b/.yarn/cache/chai-npm-4.4.1-ffd006b4b1-9ab84f36eb.zip
diff --git a/.yarn/cache/concordance-npm-5.0.4-e641405dd9-749153ba71.zip b/.yarn/cache/concordance-npm-5.0.4-e641405dd9-749153ba71.zip
diff --git a/.yarn/cache/date-time-npm-3.1.0-50f6af7aef-f9cfcd1b15.zip b/.yarn/cache/date-time-npm-3.1.0-50f6af7aef-f9cfcd1b15.zip
diff --git a/.yarn/cache/esbuild-npm-0.20.2-1923187a7f-bc88050fc1.zip b/.yarn/cache/esbuild-npm-0.20.2-1923187a7f-bc88050fc1.zip
diff --git a/.yarn/cache/follow-redirects-npm-1.15.3-ca69c47b72-584da22ec5.zip b/.yarn/cache/follow-redirects-npm-1.15.3-ca69c47b72-584da22ec5.zip
diff --git a/...ects-npm-1.15.5-9d14db76ca-5ca49b5ce6.zip → ...ects-npm-1.15.6-50635fe51d-a62c378dfc.zip b/...ects-npm-1.15.5-9d14db76ca-5ca49b5ce6.zip → ...ects-npm-1.15.6-50635fe51d-a62c378dfc.zip
diff --git a/.yarn/cache/joi-npm-17.11.0-66efd6d755-3a4e9ecba3.zip b/.yarn/cache/joi-npm-17.11.0-66efd6d755-3a4e9ecba3.zip
diff --git a/.yarn/cache/joi-npm-17.13.0-400350b36d-ecde54b070.zip b/.yarn/cache/joi-npm-17.13.0-400350b36d-ecde54b070.zip
diff --git a/.yarn/cache/js-string-escape-npm-1.0.1-8b8d76add3-f11e0991bf.zip b/.yarn/cache/js-string-escape-npm-1.0.1-8b8d76add3-f11e0991bf.zip
diff --git a/.yarn/cache/magic-string-npm-0.30.10-f4e92e6784-456fd47c39.zip b/.yarn/cache/magic-string-npm-0.30.10-f4e92e6784-456fd47c39.zip
diff --git a/.yarn/cache/md5-hex-npm-3.0.1-d9f5f267ed-6799a19e8b.zip b/.yarn/cache/md5-hex-npm-3.0.1-d9f5f267ed-6799a19e8b.zip
diff --git a/.yarn/cache/mlly-npm-1.6.1-947df259c8-c40a547dba.zip b/.yarn/cache/mlly-npm-1.6.1-947df259c8-c40a547dba.zip
diff --git a/.yarn/cache/pathe-npm-1.1.2-b80d94db55-ec5f778d97.zip b/.yarn/cache/pathe-npm-1.1.2-b80d94db55-ec5f778d97.zip
diff --git a/.yarn/cache/postcss-npm-8.4.38-495621b279-649f9e60a7.zip b/.yarn/cache/postcss-npm-8.4.38-495621b279-649f9e60a7.zip
diff --git a/.yarn/cache/rollup-npm-4.16.4-b0760b4ee2-fe19998a00.zip b/.yarn/cache/rollup-npm-4.16.4-b0760b4ee2-fe19998a00.zip
diff --git a/.yarn/cache/source-map-js-npm-1.2.0-6e63f357e5-791a43306d.zip b/.yarn/cache/source-map-js-npm-1.2.0-6e63f357e5-791a43306d.zip
diff --git a/.yarn/cache/start-server-and-test-npm-2.0.0-f210f7edcd-8788e59ad7.zip b/.yarn/cache/start-server-and-test-npm-2.0.0-f210f7edcd-8788e59ad7.zip
diff --git a/.yarn/cache/start-server-and-test-npm-2.0.3-0dbea6192f-8e2844a1fa.zip b/.yarn/cache/start-server-and-test-npm-2.0.3-0dbea6192f-8e2844a1fa.zip
diff --git a/.yarn/cache/time-zone-npm-1.0.0-0522e3467f-e46f5a69b8.zip b/.yarn/cache/time-zone-npm-1.0.0-0522e3467f-e46f5a69b8.zip
diff --git a/.yarn/cache/tinybench-npm-2.5.1-0c7b25aad4-6d98526c00.zip b/.yarn/cache/tinybench-npm-2.5.1-0c7b25aad4-6d98526c00.zip
diff --git a/.yarn/cache/tinybench-npm-2.8.0-e63baae395-024a307c6a.zip b/.yarn/cache/tinybench-npm-2.8.0-e63baae395-024a307c6a.zip
diff --git a/.yarn/cache/tinypool-npm-0.5.0-f0c857eb2f-4e0dfd8f28.zip b/.yarn/cache/tinypool-npm-0.5.0-f0c857eb2f-4e0dfd8f28.zip
diff --git a/.yarn/cache/tinypool-npm-0.7.0-725c438ec5-fdcccd5c75.zip b/.yarn/cache/tinypool-npm-0.7.0-725c438ec5-fdcccd5c75.zip
diff --git a/.yarn/cache/tinyspy-npm-2.2.0-226debb582-36431acaa6.zip b/.yarn/cache/tinyspy-npm-2.2.0-226debb582-36431acaa6.zip
diff --git a/.yarn/cache/tinyspy-npm-2.2.1-1079b8de54-170d6232e8.zip b/.yarn/cache/tinyspy-npm-2.2.1-1079b8de54-170d6232e8.zip
diff --git a/.yarn/cache/ufo-npm-1.5.3-8c9d710312-2f54fa543b.zip b/.yarn/cache/ufo-npm-1.5.3-8c9d710312-2f54fa543b.zip
diff --git a/.yarn/cache/vite-node-npm-0.31.0-0b476529fb-8b4975382b.zip b/.yarn/cache/vite-node-npm-0.31.0-0b476529fb-8b4975382b.zip
diff --git a/.yarn/cache/vite-node-npm-0.34.6-f0f2e1349b-46eba82bf8.zip b/.yarn/cache/vite-node-npm-0.34.6-f0f2e1349b-46eba82bf8.zip
diff --git a/.../vite-npm-4.5.1-567bbcf9ff-72b3584b3d.zip → .../vite-npm-4.5.3-5cedc7cb8f-fd3f512ce4.zip b/.../vite-npm-4.5.1-567bbcf9ff-72b3584b3d.zip → .../vite-npm-4.5.3-5cedc7cb8f-fd3f512ce4.zip
diff --git a/.yarn/cache/vite-npm-5.2.10-08834d3974-feb11be2b9.zip b/.yarn/cache/vite-npm-5.2.10-08834d3974-feb11be2b9.zip
diff --git a/.yarn/cache/vitest-npm-0.31.0-3daa7a7193-9e612a8953.zip b/.yarn/cache/vitest-npm-0.31.0-3daa7a7193-9e612a8953.zip
diff --git a/.yarn/cache/vitest-npm-0.34.6-48e1d6f80a-45f5c1987f.zip b/.yarn/cache/vitest-npm-0.34.6-48e1d6f80a-45f5c1987f.zip
diff --git a/.yarn/cache/wait-on-npm-7.0.1-c9a68ea82f-1e8a17d8ee.zip b/.yarn/cache/wait-on-npm-7.0.1-c9a68ea82f-1e8a17d8ee.zip
diff --git a/.yarn/cache/wait-on-npm-7.2.0-672226c2e5-69ec1432bb.zip b/.yarn/cache/wait-on-npm-7.2.0-672226c2e5-69ec1432bb.zip
diff --git a/.yarn/cache/well-known-symbols-npm-2.0.0-16fb8dedc6-4f54bbc301.zip b/.yarn/cache/well-known-symbols-npm-2.0.0-16fb8dedc6-4f54bbc301.zip
diff --git a/package.json b/package.json
@@ -35,7 +35,7 @@
     "@hookform/resolvers": "^3.2.0",
     "@tanstack/react-query": "4.29.7",
     "@tanstack/react-table": "^8.9.1",
-    "axios": "^1.6.7",
+    "axios": "^1.6.8",
     "classnames": "^2.3.2",
     "design-system-react": "https://github.com/cfpb/design-system-react",
     "immer": "^10.0.2",
@@ -74,7 +74,7 @@
     "@types/testing-library__jest-dom": "5.14.5",
     "@typescript-eslint/eslint-plugin": "^6.2.0",
     "@typescript-eslint/parser": "^6.2.0",
-    "@vitejs/plugin-react": "4.0.0",
+    "@vitejs/plugin-react": "4.2.1",
     "@vitest/coverage-istanbul": "0.31.0",
     "add": "^2.0.6",
     "autoprefixer": "^10.4.14",
@@ -106,16 +106,16 @@
     "postcss": "^8.4.27",
     "prettier": "^3.0.0",
     "prettier-plugin-tailwindcss": "^0.4.1",
-    "start-server-and-test": "2.0.0",
+    "start-server-and-test": "^2.0.3",
     "stylelint": "15.6.1",
     "stylelint-config-prettier": "9.0.5",
     "stylelint-config-standard": "33.0.0",
     "tailwindcss": "^3.3.3",
     "typescript": "5.0.4",
-    "vite": "^4.4.9",
+    "vite": "^4.5.3",
     "vite-plugin-pwa": "0.14.7",
     "vite-tsconfig-paths": "4.2.0",
-    "vitest": "0.31.0",
+    "vitest": "^0.34.6",
     "whatwg-fetch": "3.6.2",
     "workbox-build": "6.5.4",
     "workbox-window": "6.5.4"