Merge pull request #328 from Mastermindzh/snyk-fix-5b834b0a172c91c6dbd6e4c6b03d9877

[Snyk] Security upgrade axios from 1.6.1 to 1.6.4
fix: package.json & package-lock.json to reduce vulnerabilities
2025-09-12 14:49:40 +02:00 · 2024-01-05 17:08:50 +01:00 · 2024-01-05 14:45:13 +00:00 · 2024-01-03 11:13:26 +01:00 · 2023-12-27 18:46:12 +01:00 · 2023-12-27 17:22:47 +00:00
3 changed files with 32 additions and 32 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,23 +1,23 @@
 {
-  "name": "TIDAL Hi-Fi",
+  "name": "tidal-hifi",
  "version": "5.7.1",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
-      "name": "TIDAL Hi-Fi",
+      "name": "tidal-hifi",
      "version": "5.7.1",
      "license": "MIT",
      "dependencies": {
-        "@electron/remote": "^2.0.10",
-        "axios": "^1.4.0",
+        "@electron/remote": "^2.1.0",
+        "axios": "^1.6.4",
        "discord-rpc": "^4.0.1",
        "electron-store": "^8.1.0",
        "express": "^4.18.2",
-        "hotkeys-js": "^3.12.0",
+        "hotkeys-js": "^3.12.1",
        "mpris-service": "^2.1.2",
        "request": "^2.88.2",
-        "sass": "^1.64.1"
+        "sass": "^1.69.5"
      },
      "devDependencies": {
        "@mastermindzh/prettier-config": "^1.0.0",
@@ -510,9 +510,9 @@
      }
    },
    "node_modules/@electron/remote": {
-      "version": "2.0.10",
-      "resolved": "https://registry.npmjs.org/@electron/remote/-/remote-2.0.10.tgz",
-      "integrity": "sha512-3SFKKaQXcyWgwmibud+UqJl/XlHOgLcI3fwtB9pNelPSJAcTxocOJrF6FaxBIQaj1+R05Di6xuAswZpXAW7xhA==",
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/@electron/remote/-/remote-2.1.0.tgz",
+      "integrity": "sha512-38jzz2beoYTo0DNS+aoaGyLS/fHeNTAc1Aom6HlYsxKnvVWjcg4xriC7J2IUkYSEDHGKX/D7jUst+mH4dHR6QA==",
      "peerDependencies": {
        "electron": ">= 13.0.0"
      }
@@ -1976,11 +1976,11 @@
      "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg=="
    },
    "node_modules/axios": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.4.0.tgz",
-      "integrity": "sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA==",
+      "version": "1.6.4",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.4.tgz",
+      "integrity": "sha512-heJnIs6N4aa1eSthhN9M5ioILu8Wi8vmQW9iHQ9NUvfkJb0lEEDUiIdQNAuBtfUt3FxReaKdpQA5DbmMOqzF/A==",
      "dependencies": {
-        "follow-redirects": "^1.15.0",
+        "follow-redirects": "^1.15.4",
        "form-data": "^4.0.0",
        "proxy-from-env": "^1.1.0"
      }
@@ -4234,9 +4234,9 @@
      "dev": true
    },
    "node_modules/follow-redirects": {
-      "version": "1.15.2",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
-      "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==",
+      "version": "1.15.4",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz",
+      "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==",
      "funding": [
        {
          "type": "individual",
@@ -4855,9 +4855,9 @@
      }
    },
    "node_modules/hotkeys-js": {
-      "version": "3.12.0",
-      "resolved": "https://registry.npmjs.org/hotkeys-js/-/hotkeys-js-3.12.0.tgz",
-      "integrity": "sha512-Z+N573ycUKIGwFYS3ID1RzMJiGmtWMGKMiaNLyJS8B1ei+MllF4ZYmKS2T0kMWBktOz+WZLVNikftEgnukOrXg=="
+      "version": "3.12.1",
+      "resolved": "https://registry.npmjs.org/hotkeys-js/-/hotkeys-js-3.12.1.tgz",
+      "integrity": "sha512-Z0yc462GuhzPGVTveM3QIW/lg8pshmopLRX8DPG8rm67CPMSRqXmdkVzcSmhqSu4ULivhkUeJy9umTPE6i73lg=="
    },
    "node_modules/html-tags": {
      "version": "3.3.1",
@@ -6977,9 +6977,9 @@
      }
    },
    "node_modules/postcss": {
-      "version": "8.4.25",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.25.tgz",
-      "integrity": "sha512-7taJ/8t2av0Z+sQEvNzCkpDynl0tX3uJMCODi6nT3PfASC7dYCWV9aQ+uiCf+KBD4SEFcu+GvJdGdwzQ6OSjCw==",
+      "version": "8.4.31",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.31.tgz",
+      "integrity": "sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ==",
      "dev": true,
      "funding": [
        {
@@ -7794,9 +7794,9 @@
      }
    },
    "node_modules/sass": {
-      "version": "1.64.1",
-      "resolved": "https://registry.npmjs.org/sass/-/sass-1.64.1.tgz",
-      "integrity": "sha512-16rRACSOFEE8VN7SCgBu1MpYCyN7urj9At898tyzdXFhC+a+yOX5dXwAR7L8/IdPJ1NB8OYoXmD55DM30B2kEQ==",
+      "version": "1.69.5",
+      "resolved": "https://registry.npmjs.org/sass/-/sass-1.69.5.tgz",
+      "integrity": "sha512-qg2+UCJibLr2LCVOt3OlPhr/dqVHWOa9XtZf2OjbLs/T4VPSJ00udtgJxH3neXZm+QqX8B+3cU7RaLqp1iVfcQ==",
      "dependencies": {
        "chokidar": ">=3.0.0 <4.0.0",
        "immutable": "^4.0.0",
@@ -9340,4 +9340,4 @@
      }
    }
  }
-}
+}
--- a/package.json
+++ b/package.json
@@ -38,15 +38,15 @@
  "homepage": "https://github.com/Mastermindzh/tidal-hifi",
  "license": "MIT",
  "dependencies": {
-    "@electron/remote": "^2.0.10",
-    "axios": "^1.4.0",
+    "@electron/remote": "^2.1.0",
+    "axios": "^1.6.4",
    "discord-rpc": "^4.0.1",
    "electron-store": "^8.1.0",
    "express": "^4.18.2",
-    "hotkeys-js": "^3.12.0",
+    "hotkeys-js": "^3.12.1",
    "mpris-service": "^2.1.2",
    "request": "^2.88.2",
-    "sass": "^1.64.1"
+    "sass": "^1.69.5"
  },
  "devDependencies": {
    "@mastermindzh/prettier-config": "^1.0.0",
--- a/src/pages/settings/settings.html
+++ b/src/pages/settings/settings.html
@@ -389,7 +389,7 @@
          <img alt="tidal icon" class="about-section__icon" src="./icon.png" />
          <h4>TIDAL Hi-Fi</h4>
          <div class="about-section__version">
-            <a href="">5.7.0</a>
+            <a href="">5.7.1</a>
          </div>
          <div class="about-section__links">
            <a href="https://github.com/mastermindzh/tidal-hifi/" class="about-section__button">Github <i
@@ -411,4 +411,4 @@
  </div>
 </body>

-</html>
+</html>
Author	SHA1	Message	Date
Rick van Lieshout	98f75418eb	Merge pull request #328 from Mastermindzh/snyk-fix-5b834b0a172c91c6dbd6e4c6b03d9877 [Snyk] Security upgrade axios from 1.6.1 to 1.6.4	2024-01-05 17:08:50 +01:00
snyk-bot	0d1a533f71	fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6144788	2024-01-05 14:45:13 +00:00
Rick van Lieshout	000bade444	Merge pull request #318 from Mastermindzh/snyk-upgrade-a7dcb80854fc3341d7e4a4c9b2d140dd [Snyk] Upgrade hotkeys-js from 3.12.0 to 3.12.1	2024-01-03 11:13:26 +01:00
Rick van Lieshout	69f2e26ca9	Merge pull request #322 from Mastermindzh/snyk-fix-ac9b86db7e6eed757b21e57b4b9f4d50 [Snyk] Security upgrade axios from 1.6.1 to 1.6.3	2023-12-27 18:46:12 +01:00
snyk-bot	60d7da4652	fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857	2023-12-27 17:22:47 +00:00
snyk-bot	6ef6bc0d40	fix: upgrade hotkeys-js from 3.12.0 to 3.12.1 Snyk has created this PR to upgrade hotkeys-js from 3.12.0 to 3.12.1. See this package in npm: https://www.npmjs.com/package/hotkeys-js See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-12-16 18:05:45 +00:00
Rick van Lieshout	89592bcf4d	Merge pull request #315 from Mastermindzh/snyk-upgrade-5b80ec2bed8c1f70adc33a0a4a10d7e0 [Snyk] Upgrade sass from 1.68.0 to 1.69.5	2023-12-11 09:51:26 +01:00
Rick van Lieshout	f5185c6627	Merge pull request #316 from Mastermindzh/snyk-upgrade-c73d2072bad8c0ab65966f379416a611 [Snyk] Upgrade @electron/remote from 2.0.10 to 2.1.0	2023-12-11 09:51:15 +01:00
snyk-bot	a01fcd0791	fix: upgrade @electron/remote from 2.0.10 to 2.1.0 Snyk has created this PR to upgrade @electron/remote from 2.0.10 to 2.1.0. See this package in npm: https://www.npmjs.com/package/@electron/remote See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-12-06 21:30:41 +00:00
snyk-bot	69eef58f8e	fix: upgrade sass from 1.68.0 to 1.69.5 Snyk has created this PR to upgrade sass from 1.68.0 to 1.69.5. See this package in npm: https://www.npmjs.com/package/sass See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-12-06 21:30:36 +00:00
Rick van Lieshout	ff060a31e5	Merge pull request #303 from Mastermindzh/snyk-upgrade-f365250579f36ba9d4c0e6f3c2d02d6c [Snyk] Upgrade sass from 1.67.0 to 1.68.0	2023-12-05 15:23:41 +01:00
Rick van Lieshout	cbc7fc4a4e	Merge pull request #308 from Strum355/bump-settings-html-version Bump tidal version string in settings.html	2023-12-05 15:23:24 +01:00
Rick van Lieshout	173c502143	Merge pull request #313 from Mastermindzh/snyk-upgrade-3196835d8546696d8f3d985ff9b04773 [Snyk] Upgrade axios from 1.6.0 to 1.6.1	2023-12-05 15:22:24 +01:00
snyk-bot	5111af6a71	fix: upgrade axios from 1.6.0 to 1.6.1 Snyk has created this PR to upgrade axios from 1.6.0 to 1.6.1. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-11-29 16:31:32 +00:00
Noah Santschi-Cooney	f094139794	Bump tidal version string in settings.html	2023-11-08 12:58:37 +00:00
Rick van Lieshout	b3d9b187c1	Merge pull request #304 from Mastermindzh/snyk-fix-200f82c042bab393c56350118c69a58e [Snyk] Security upgrade axios from 1.5.1 to 1.6.0	2023-10-28 22:28:30 +02:00
snyk-bot	276632ea9d	fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6032459	2023-10-27 17:23:08 +00:00
snyk-bot	c298b73773	fix: upgrade sass from 1.67.0 to 1.68.0 Snyk has created this PR to upgrade sass from 1.67.0 to 1.68.0. See this package in npm: https://www.npmjs.com/package/sass See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-10-24 06:35:47 +00:00
Rick van Lieshout	d14dbad9ea	Merge pull request #298 from Mastermindzh/snyk-upgrade-3e4ac8a7e4360e5de1c0538d47c8656a [Snyk] Upgrade sass from 1.66.1 to 1.67.0	2023-10-23 12:50:08 +02:00
Rick van Lieshout	9e8f6a61f3	Merge pull request #299 from Mastermindzh/dependabot/npm_and_yarn/postcss-8.4.31 chore(deps-dev): bump postcss from 8.4.25 to 8.4.31	2023-10-23 12:49:56 +02:00
Rick van Lieshout	387a544b0f	Merge pull request #301 from Mastermindzh/snyk-upgrade-1427d58228aba014cc2ab24ae2c5a2b0 [Snyk] Upgrade axios from 1.5.0 to 1.5.1	2023-10-23 12:49:47 +02:00
snyk-bot	76fa8de96c	fix: upgrade axios from 1.5.0 to 1.5.1 Snyk has created this PR to upgrade axios from 1.5.0 to 1.5.1. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-10-18 04:44:56 +00:00
dependabot[bot]	fc2d5d20ca	chore(deps-dev): bump postcss from 8.4.25 to 8.4.31 Bumps [postcss](https://github.com/postcss/postcss) from 8.4.25 to 8.4.31. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.25...8.4.31) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-07 22:57:03 +00:00
snyk-bot	9ba2d0fe26	fix: upgrade sass from 1.66.1 to 1.67.0 Snyk has created this PR to upgrade sass from 1.66.1 to 1.67.0. See this package in npm: https://www.npmjs.com/package/sass See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-10-05 04:01:35 +00:00
Rick van Lieshout	d94d42e2bd	Merge pull request #294 from Mastermindzh/snyk-upgrade-824dc5a15cb4adae0ec625cbc576dbfb [Snyk] Upgrade sass from 1.64.2 to 1.66.1	2023-09-20 13:51:08 +02:00
snyk-bot	00db9f753e	fix: upgrade sass from 1.64.2 to 1.66.1 Snyk has created this PR to upgrade sass from 1.64.2 to 1.66.1. See this package in npm: https://www.npmjs.com/package/sass See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-09-19 04:49:03 +00:00
Rick van Lieshout	696a2730be	Merge pull request #278 from Mastermindzh/snyk-upgrade-8ee3a208d13f6a6df49e7a13d3e6ac99 [Snyk] Upgrade sass from 1.64.1 to 1.64.2	2023-09-18 09:32:58 +02:00
Rick van Lieshout	6a5814c446	Merge pull request #293 from Mastermindzh/snyk-upgrade-9d38cbb1535d5013d209793378f2adbd [Snyk] Upgrade axios from 1.4.0 to 1.5.0	2023-09-18 09:32:40 +02:00
snyk-bot	2326c6dd6a	fix: upgrade axios from 1.4.0 to 1.5.0 Snyk has created this PR to upgrade axios from 1.4.0 to 1.5.0. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-09-17 07:09:49 +00:00
snyk-bot	b3fffc78ec	fix: upgrade sass from 1.64.1 to 1.64.2 Snyk has created this PR to upgrade sass from 1.64.1 to 1.64.2. See this package in npm: https://www.npmjs.com/package/sass See this project in Snyk: https://app.snyk.io/org/mastermindzh/project/dade8f03-2064-49a3-8957-edbacec3887c?utm_source=github&utm_medium=referral&page=upgrade-pr	2023-08-22 17:35:19 +00:00