diff --git a/CHANGELOG.md b/CHANGELOG.md index ce42bfee1..4efa63464 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog Fab-manager +- Updated environment documentation +- Fix a bug: a sentence was not linked to a translation key +- Fix a security issue: updated image_processing to 1.12.2 to fix [CVE-2022-24720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24720) +- Fix a security issue: updated url-parse to 1.5.10 to fix [CVE-2022-0686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0686), [CVE-2022-0691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0691), [CVE-2022-0639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0639) and [CVE-2022-0512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0512) +- Fix a security issue: updated rails to 5.2.6.3 to fix [CVE-2022-21831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831), [CVE-2022-23633](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633) +- Fix a security issue: updated sidekiq to 6.4.0 to fix [CVE-2022-23837](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23837) + ## v5.3.5 2022 March 02 - Added [an option](doc/environment.md#OPENLAB_SSL_VERIFY) to allow set verify ssl option for OpenLab diff --git a/Gemfile.lock b/Gemfile.lock index da4f14345..a6427235c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -4,46 +4,46 @@ GEM Ascii85 (1.0.3) aasm (5.0.8) concurrent-ruby (~> 1.0) - actioncable (5.2.6) - actionpack (= 5.2.6) + actioncable (5.2.6.3) + actionpack (= 5.2.6.3) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.6) - actionpack (= 5.2.6) - actionview (= 5.2.6) - activejob (= 5.2.6) + actionmailer (5.2.6.3) + actionpack (= 5.2.6.3) + actionview (= 5.2.6.3) + activejob (= 5.2.6.3) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.6) - actionview (= 5.2.6) - activesupport (= 5.2.6) + actionpack (5.2.6.3) + actionview (= 5.2.6.3) + activesupport (= 5.2.6.3) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) actionpack-page_caching (1.2.2) actionpack (>= 5.0.0) - actionview (5.2.6) - activesupport (= 5.2.6) + actionview (5.2.6.3) + activesupport (= 5.2.6.3) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) active_record_query_trace (1.7) - activejob (5.2.6) - activesupport (= 5.2.6) + activejob (5.2.6.3) + activesupport (= 5.2.6.3) globalid (>= 0.3.6) - activemodel (5.2.6) - activesupport (= 5.2.6) - activerecord (5.2.6) - activemodel (= 5.2.6) - activesupport (= 5.2.6) + activemodel (5.2.6.3) + activesupport (= 5.2.6.3) + activerecord (5.2.6.3) + activemodel (= 5.2.6.3) + activesupport (= 5.2.6.3) arel (>= 9.0) - activestorage (5.2.6) - actionpack (= 5.2.6) - activerecord (= 5.2.6) + activestorage (5.2.6.3) + actionpack (= 5.2.6.3) + activerecord (= 5.2.6.3) marcel (~> 1.0.0) - activesupport (5.2.6) + activesupport (5.2.6.3) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) @@ -91,7 +91,7 @@ GEM cldr-plurals-runtime-rb (1.0.1) coercible (1.0.0) descendants_tracker (~> 0.0.1) - concurrent-ruby (1.1.8) + concurrent-ruby (1.1.9) connection_pool (2.2.5) coveralls_reborn (0.18.0) simplecov (>= 0.18.1, < 0.20.0) @@ -143,7 +143,7 @@ GEM i18n (>= 1.6, < 2) faraday (0.17.3) multipart-post (>= 1.2, < 3) - ffi (1.15.4) + ffi (1.15.5) foreman (0.87.0) forgery (0.7.0) friendly_id (5.1.0) @@ -151,8 +151,8 @@ GEM fugit (1.3.1) et-orbi (~> 1.1, >= 1.1.8) raabro (~> 1.1) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (1.0.0) + activesupport (>= 5.0) hashdiff (1.0.1) hashery (2.1.2) hashie (4.1.0) @@ -160,13 +160,13 @@ GEM httparty (0.20.0) mime-types (~> 3.0) multi_xml (>= 0.5.2) - i18n (1.8.10) + i18n (1.10.0) concurrent-ruby (~> 1.0) icalendar (2.5.3) ice_cube (~> 0.16) ice_cube (0.16.3) ice_nine (0.11.2) - image_processing (1.12.1) + image_processing (1.12.2) mini_magick (>= 4.9.5, < 5) ruby-vips (>= 2.0.17, < 3) jaro_winkler (1.5.4) @@ -193,12 +193,12 @@ GEM listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - loofah (2.9.1) + loofah (2.14.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) - marcel (1.0.1) + marcel (1.0.2) message_format (0.0.6) twitter_cldr (~> 5.0) method_source (1.0.0) @@ -209,9 +209,9 @@ GEM nokogiri (~> 1) rake mini_magick (4.10.1) - mini_mime (1.1.0) + mini_mime (1.1.2) mini_portile2 (2.8.0) - minitest (5.14.4) + minitest (5.15.0) minitest-reporters (1.4.2) ansi builder @@ -281,23 +281,23 @@ GEM rack-test (1.1.0) rack (>= 1.0, < 3) railroady (1.5.3) - rails (5.2.6) - actioncable (= 5.2.6) - actionmailer (= 5.2.6) - actionpack (= 5.2.6) - actionview (= 5.2.6) - activejob (= 5.2.6) - activemodel (= 5.2.6) - activerecord (= 5.2.6) - activestorage (= 5.2.6) - activesupport (= 5.2.6) + rails (5.2.6.3) + actioncable (= 5.2.6.3) + actionmailer (= 5.2.6.3) + actionpack (= 5.2.6.3) + actionview (= 5.2.6.3) + activejob (= 5.2.6.3) + activemodel (= 5.2.6.3) + activerecord (= 5.2.6.3) + activestorage (= 5.2.6.3) + activesupport (= 5.2.6.3) bundler (>= 1.3.0) - railties (= 5.2.6) + railties (= 5.2.6.3) sprockets-rails (>= 2.0.0) rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.3.0) + rails-html-sanitizer (1.4.2) loofah (~> 2.3) rails-observers (0.1.5) activemodel (>= 4.0) @@ -306,14 +306,14 @@ GEM rails_stdout_logging rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (5.2.6) - actionpack (= 5.2.6) - activesupport (= 5.2.6) + railties (5.2.6.3) + actionpack (= 5.2.6.3) + activesupport (= 5.2.6.3) method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) rainbow (3.0.0) - rake (13.0.3) + rake (13.0.6) rb-fsevent (0.10.3) rb-inotify (0.10.1) ffi (~> 1.0) @@ -321,7 +321,7 @@ GEM recurrence (1.3.0) activesupport i18n - redis (4.4.0) + redis (4.5.1) repost (0.3.2) responders (2.4.1) actionpack (>= 4.2.0, < 6.0) @@ -337,8 +337,8 @@ GEM unicode-display_width (~> 1.4.0) ruby-progressbar (1.10.1) ruby-rc4 (0.1.5) - ruby-vips (2.0.17) - ffi (~> 1.9) + ruby-vips (2.1.4) + ffi (~> 1.12) rubyXL (3.4.14) nokogiri (>= 1.10.8) rubyzip (>= 1.3.0) @@ -351,7 +351,7 @@ GEM activesupport (>= 4) semantic_range (2.3.0) sha3 (1.0.1) - sidekiq (6.2.1) + sidekiq (6.4.0) connection_pool (>= 2.2.2) rack (~> 2.0) redis (>= 4.2.0) @@ -371,12 +371,12 @@ GEM spring-watcher-listen (2.0.1) listen (>= 2.7, < 4.0) spring (>= 1.2, < 3.0) - sprockets (4.0.2) + sprockets (4.0.3) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.2) - actionpack (>= 4.0) - activesupport (>= 4.0) + sprockets-rails (3.4.2) + actionpack (>= 5.2) + activesupport (>= 5.2) sprockets (>= 3.0.0) ssrf_filter (1.0.7) stripe (5.29.0) @@ -422,7 +422,7 @@ GEM rack-proxy (>= 0.6.1) railties (>= 5.2) semantic_range (>= 2.3.0) - websocket-driver (0.7.3) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) diff --git a/app/frontend/src/stylesheets/modules/cookies.scss b/app/frontend/src/stylesheets/modules/cookies.scss index 039bf2c60..eb386d59c 100644 --- a/app/frontend/src/stylesheets/modules/cookies.scss +++ b/app/frontend/src/stylesheets/modules/cookies.scss @@ -1,25 +1,28 @@ .cookies-consent { display: flex; position: fixed; - bottom: 3rem; - left: 3rem; - width: 40rem; + right: 0; + bottom: 0; + left: 0; background-color: #f5f5f5; padding: 3rem; flex-direction: column; z-index: 100; - -webkit-box-shadow: 0 4px 10px 2px rgba(224, 224, 224, 0.43); - -moz-box-shadow: 0 4px 10px 2px rgba(224, 224, 224, 0.43); - box-shadow: 0 4px 10px 2px rgba(224, 224, 224, 0.43); + -webkit-box-shadow: 0 4px 10px 2px rgba(0, 0, 0, 0.25); + -moz-box-shadow: 0 4px 10px 2px rgba(0, 0, 0, 0.25); + box-shadow: 0 4px 10px 2px rgba(0, 0, 0, 0.25); .cookies-actions { + flex-wrap: wrap; display: flex; - height: 45px; - + justify-content: space-between; + gap: 1rem; + margin-top: 1rem; + button { - flex-basis: 50%; + @extend .fab-button; + flex: 1; } - button.decline { background-color: transparent; border: 0; @@ -31,4 +34,10 @@ font-size: 17px; } } + + @media (min-width: 480px) { + bottom: 3rem; + left: 3rem; + width: 40rem; + } } diff --git a/app/frontend/templates/projects/index.html b/app/frontend/templates/projects/index.html index d9d88b243..953dd0c34 100644 --- a/app/frontend/templates/projects/index.html +++ b/app/frontend/templates/projects/index.html @@ -42,7 +42,7 @@
- +
diff --git a/config/locales/app.public.en.yml b/config/locales/app.public.en.yml index 22482bae2..b6fc12eab 100644 --- a/config/locales/app.public.en.yml +++ b/config/locales/app.public.en.yml @@ -165,6 +165,7 @@ en: openlab_search_not_available_at_the_moment: "Search over the whole network is not available at the moment. You still can search over the projects of this platform." project_search_result_is_empty: "Sorry, we found no results matching your search criteria." reset_all_filters: "Reset all filters" + keywords: "Keywords" search: "Search" all_projects: "All projects" my_projects: "My projects" diff --git a/config/locales/mails.de.yml b/config/locales/mails.de.yml index 9888ffc2f..b44103d8d 100644 --- a/config/locales/mails.de.yml +++ b/config/locales/mails.de.yml @@ -313,13 +313,13 @@ de: body: remember: "Gemäß dem Zahlungsplan von %{REFERENCE} wurde für %{DATE} eine Belastung der Karte in Höhe von %{AMOUNT} geplant." error: "Leider konnte die Abbuchung über die Karte nicht erfolgreich abgeschlossen werden." - action: "Bitte kontaktieren Sie das Mitglied so bald wie möglich und lösen Sie dann das Problem in der Verwaltung der Zahlungsfristen. Nach etwa 24 Stunden wird das Kartenabonnement storniert." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Kartenbelastungsfehler" body: remember: "Gemäß Ihrem Zahlungsplan von %{REFERENCE} wurde für %{DATE} eine Belastung der Karte in Höhe von %{AMOUNT} geplant." error: "Leider konnte die Abbuchung über die Karte nicht erfolgreich abgeschlossen werden." - action_html: "Bitte überprüfen Sie %{DASHBOARD} oder kontaktieren Sie einen Manager innerhalb von 24 Stunden. Andernfalls kann Ihr Abonnement unterbrochen werden." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "Ihr Dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Zahlungsplan vom Zahlungs-Gateway abgebrochen" diff --git a/config/locales/mails.en.yml b/config/locales/mails.en.yml index 149f681d5..92cf1b735 100644 --- a/config/locales/mails.en.yml +++ b/config/locales/mails.en.yml @@ -313,13 +313,13 @@ en: body: remember: "In accordance with the %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After about 24 hours, the card subscription will be cancelled." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Card debit failure" body: remember: "In accordance with your %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action_html: "Please check %{DASHBOARD} or contact a manager before 24 hours, otherwise your subscription may be interrupted." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "your dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" diff --git a/config/locales/mails.es.yml b/config/locales/mails.es.yml index f0d05d3f7..f82ec81ac 100644 --- a/config/locales/mails.es.yml +++ b/config/locales/mails.es.yml @@ -313,13 +313,13 @@ es: body: remember: "In accordance with the %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After about 24 hours, the card subscription will be cancelled." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Card debit failure" body: remember: "In accordance with your %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action_html: "Please check %{DASHBOARD} or contact a manager before 24 hours, otherwise your subscription may be interrupted." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "your dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" diff --git a/config/locales/mails.fr.yml b/config/locales/mails.fr.yml index 3de801a1d..3611b3d80 100644 --- a/config/locales/mails.fr.yml +++ b/config/locales/mails.fr.yml @@ -313,13 +313,13 @@ fr: body: remember: "Conformément à l'échéancier de paiement %{REFERENCE}, un prélèvement par carte de %{AMOUNT} était prévu le %{DATE}." error: "Malheureusement, ce prélèvement n'a pas pu être effectué correctement." - action: "Veuillez vous mettre en relation avec le membre au plus tôt, puis vous rendre dans l'interface de gestion des échéanciers afin de régler le problème. Au delà d'environ 24 heures, l'abonnement par carte bancaire sera annulé." + action: "Veuillez vous mettre en relation avec le membre au plus tôt, puis vous rendre dans l'interface de gestion des échéanciers afin de régler le problème. Au delà d'un certain délai, l'abonnement par carte bancaire pourrait être annulé." notify_member_payment_schedule_failed: subject: "[URGENT] Échec du prélèvement par carte" body: remember: "Conformément à votre échéancier de paiement %{REFERENCE}, un prélèvement par carte de %{AMOUNT} était prévu le %{DATE}." error: "Malheureusement, ce prélèvement n'a pas pu être effectué correctement." - action_html: "Veuillez vous rendre dans %{DASHBOARD} ou prendre contact avec un gestionnaire sous 24 heures, faute de quoi votre abonnement risque d'être interrompu." + action_html: "Veuillez vous rendre dans %{DASHBOARD} ou prendre contact avec un gestionnaire rapidement, faute de quoi votre abonnement risque d'être interrompu." your_dashboard: "votre tableau de bord" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Échéancier de paiement annulé par la passerelle de paiement" diff --git a/config/locales/mails.no.yml b/config/locales/mails.no.yml index 3685f5538..b02fdc717 100644 --- a/config/locales/mails.no.yml +++ b/config/locales/mails.no.yml @@ -313,13 +313,13 @@ body: remember: "In accordance with the %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After about 24 hours, the card subscription will be cancelled." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Card debit failure" body: remember: "In accordance with your %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action_html: "Please check %{DASHBOARD} or contact a manager before 24 hours, otherwise your subscription may be interrupted." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "your dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" diff --git a/config/locales/mails.pt.yml b/config/locales/mails.pt.yml index fcc81dda8..112b236f5 100755 --- a/config/locales/mails.pt.yml +++ b/config/locales/mails.pt.yml @@ -313,13 +313,13 @@ pt: body: remember: "De acordo com o calendário de pagamento de %{REFERENCE}, um débito por cartão de %{AMOUNT} foi agendado em %{DATE}." error: "Infelizmente, não foi possível completar o débito no cartão com sucesso." - action: "Por favor, entre em contato com o membro assim que possível, depois vá à interface de gestão de horários de pagamento para resolver o problema. Após cerca de 24 horas, a assinatura do cartão será cancelada." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Falha no débito do cartão" body: remember: "De acordo com a sua agenda de pagamentos %{REFERENCE}, um débito por cartão de %{AMOUNT} foi agendado para %{DATE}." error: "Infelizmente, não foi possível completar o débito no cartão com sucesso." - action_html: "Por favor, verifique %{DASHBOARD} ou entre em contato com um gerente antes de 24 horas, caso contrário sua assinatura pode ser interrompida." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "seu dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" diff --git a/config/locales/mails.zu.yml b/config/locales/mails.zu.yml index d01b5f847..aebe7a467 100644 --- a/config/locales/mails.zu.yml +++ b/config/locales/mails.zu.yml @@ -313,13 +313,13 @@ zu: body: remember: "crwdns21134:0%{REFERENCE}crwdnd21134:0%{AMOUNT}crwdnd21134:0%{DATE}crwdne21134:0" error: "crwdns21136:0crwdne21136:0" - action: "crwdns21138:0crwdne21138:0" + action: "crwdns22400:0crwdne22400:0" notify_member_payment_schedule_failed: subject: "crwdns21140:0[URGENT]crwdne21140:0" body: remember: "crwdns21142:0%{REFERENCE}crwdnd21142:0%{AMOUNT}crwdnd21142:0%{DATE}crwdne21142:0" error: "crwdns21144:0crwdne21144:0" - action_html: "crwdns21146:0%{DASHBOARD}crwdne21146:0" + action_html: "crwdns22402:0%{DASHBOARD}crwdne22402:0" your_dashboard: "crwdns21148:0crwdne21148:0" notify_admin_payment_schedule_gateway_canceled: subject: "crwdns22389:0[URGENT]crwdne22389:0" diff --git a/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb b/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb index 444074bce..9c73380e6 100644 --- a/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb +++ b/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb @@ -1,3 +1,6 @@ +# frozen_string_literal: true + +# OpenApiCallsCountTracings was an unused table probably from a wrong copy/paste. We removed this dead code. class DropTableOpenAPICallsCountTracings < ActiveRecord::Migration[5.2] def up drop_table :open_api_calls_count_tracings diff --git a/doc/environment.md b/doc/environment.md index 33bdf5030..d1dc87088 100644 --- a/doc/environment.md +++ b/doc/environment.md @@ -278,13 +278,16 @@ Set this variable to `https://openprojects.fab-manager.com` if you want to use t Typically, `DEFAULT_PROTOCOL` will be `https` (`http` if you are in development, or if you set `ALLOW_INSECURE_HTTP`). The variable `DEFAULT_HOST` should be your domain name (eg. fabmanager.example.com), and is also used for visits statistics (configuration of Google Analytics). These two variables are also used for SSO authentication. - - OPENLAB_SSL_VERIFY, OPENLAB_SSL_VERIFY_PEER + OPENLAB_SSL_VERIFY -Set this variable to `false` if you want to disable verify ssl certs. +Set this variable to `false` if you do not want to verify the OpenLab's server's certificate against the CA certificate. + + OPENLAB_SSL_VERIFY_PEER + +Set this variable to `false` if you want to turn off the OpenLab's server's verification but still send client certificate. ## Other settings diff --git a/yarn.lock b/yarn.lock index 047f00494..52a761b1f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8832,9 +8832,9 @@ urix@^0.1.0: integrity sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI= url-parse@^1.4.3, url-parse@^1.5.1: - version "1.5.3" - resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.3.tgz#71c1303d38fb6639ade183c2992c8cc0686df862" - integrity sha512-IIORyIQD9rvj0A4CLWsHkBBJuNqWpFQe224b6j9t/ABmquIS0qDU2pY6kl6AuOrL5OkCXHMCFNe1jBcuAggjvQ== + version "1.5.10" + resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.10.tgz#9d3c2f736c1d75dd3bd2be507dcc111f1e2ea9c1" + integrity sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ== dependencies: querystringify "^2.1.1" requires-port "^1.0.0"