From da5b73c18bd2f6f760e836e3f9501290947c7a8e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 5 Jan 2024 18:47:19 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6144788
---
 package-lock.json | 130 +++++++++++++++++++++++++++++++++-------------
 package.json      |   2 +-
 2 files changed, 96 insertions(+), 36 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 4cdd9b2a..2e9e7fdb 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -256,6 +256,22 @@
 					"resolved": "https://registry.npmjs.org/@types/node/-/node-14.14.7.tgz",
 					"integrity": "sha512-Zw1vhUSQZYw+7u5dAwNbIA9TuTotpzY/OF7sJM9FqPOF3SPjKnxrjoTktXDZgUjybf4cWVBP7O8wvKdSaGHweg=="
 				},
+				"axios": {
+					"version": "0.19.2",
+					"resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz",
+					"integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==",
+					"requires": {
+						"follow-redirects": "1.5.10"
+					}
+				},
+				"follow-redirects": {
+					"version": "1.5.10",
+					"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
+					"integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
+					"requires": {
+						"debug": "=3.1.0"
+					}
+				},
 				"p-queue": {
 					"version": "6.6.2",
 					"resolved": "https://registry.npmjs.org/p-queue/-/p-queue-6.6.2.tgz",
@@ -288,6 +304,22 @@
 					"version": "14.14.7",
 					"resolved": "https://registry.npmjs.org/@types/node/-/node-14.14.7.tgz",
 					"integrity": "sha512-Zw1vhUSQZYw+7u5dAwNbIA9TuTotpzY/OF7sJM9FqPOF3SPjKnxrjoTktXDZgUjybf4cWVBP7O8wvKdSaGHweg=="
+				},
+				"axios": {
+					"version": "0.19.2",
+					"resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz",
+					"integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==",
+					"requires": {
+						"follow-redirects": "1.5.10"
+					}
+				},
+				"follow-redirects": {
+					"version": "1.5.10",
+					"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
+					"integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
+					"requires": {
+						"debug": "=3.1.0"
+					}
 				}
 			}
 		},
@@ -1656,12 +1688,25 @@
 			"integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA=="
 		},
 		"axios": {
-			"version": "0.19.0",
-			"resolved": "https://registry.npmjs.org/axios/-/axios-0.19.0.tgz",
-			"integrity": "sha512-1uvKqKQta3KBxIz14F2v06AEHZ/dIoeKfbTRkK1E5oqjDnuEerLmYTgJB5AiQZHJcljpg1TuRzdjDR06qNk0DQ==",
+			"version": "1.6.4",
+			"resolved": "https://registry.npmjs.org/axios/-/axios-1.6.4.tgz",
+			"integrity": "sha512-heJnIs6N4aa1eSthhN9M5ioILu8Wi8vmQW9iHQ9NUvfkJb0lEEDUiIdQNAuBtfUt3FxReaKdpQA5DbmMOqzF/A==",
 			"requires": {
-				"follow-redirects": "1.5.10",
-				"is-buffer": "^2.0.2"
+				"follow-redirects": "^1.15.4",
+				"form-data": "^4.0.0",
+				"proxy-from-env": "^1.1.0"
+			},
+			"dependencies": {
+				"form-data": {
+					"version": "4.0.0",
+					"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
+					"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
+					"requires": {
+						"asynckit": "^0.4.0",
+						"combined-stream": "^1.0.8",
+						"mime-types": "^2.1.12"
+					}
+				}
 			}
 		},
 		"babel-code-frame": {
@@ -4867,12 +4912,9 @@
 			"integrity": "sha512-GRnmB5gPyJpAhTQdSZTSp9uaPSvl09KoYcMQtsB9rQoOmzs9dH6ffeccH+Z+cv6P68Hu5bC6JjRh4Ah/mHSNRw=="
 		},
 		"follow-redirects": {
-			"version": "1.5.10",
-			"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
-			"integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
-			"requires": {
-				"debug": "=3.1.0"
-			}
+			"version": "1.15.4",
+			"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz",
+			"integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw=="
 		},
 		"for-in": {
 			"version": "1.0.2",
@@ -5227,8 +5269,8 @@
 			"integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA=="
 		},
 		"gltf-pipeline": {
-			"version": "github:freezy/gltf-pipeline#8e7c1450d08374755b3abaf0eb0e3ae9a118c8f2",
-			"from": "github:freezy/gltf-pipeline#hotfix/dedupe",
+			"version": "git+ssh://git@github.com/freezy/gltf-pipeline.git#8e7c1450d08374755b3abaf0eb0e3ae9a118c8f2",
+			"from": "gltf-pipeline@github:freezy/gltf-pipeline#hotfix/dedupe",
 			"requires": {
 				"bluebird": "^3.5.3",
 				"cesium": "^1.54.0",
@@ -6072,6 +6114,11 @@
 			"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
 			"integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="
 		},
+		"is_js": {
+			"version": "0.9.0",
+			"resolved": "https://registry.npmjs.org/is_js/-/is_js-0.9.0.tgz",
+			"integrity": "sha1-CrlFQFArp6+iTIVqqYVWFmnpxS0="
+		},
 		"is-accessor-descriptor": {
 			"version": "0.1.6",
 			"resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz",
@@ -6403,11 +6450,6 @@
 			"resolved": "https://registry.npmjs.org/is-yarn-global/-/is-yarn-global-0.3.0.tgz",
 			"integrity": "sha512-VjSeb/lHmkoyd8ryPVIKvOCn4D1koMqY+vqyjjUfc3xyKtP4dYOxM44sZrnqQSzSds3xyOrUTLTC9LVCVgLngw=="
 		},
-		"is_js": {
-			"version": "0.9.0",
-			"resolved": "https://registry.npmjs.org/is_js/-/is_js-0.9.0.tgz",
-			"integrity": "sha1-CrlFQFArp6+iTIVqqYVWFmnpxS0="
-		},
 		"isarray": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
@@ -11094,6 +11136,15 @@
 				"tough-cookie": "^2.3.3"
 			}
 		},
+		"require_optional": {
+			"version": "1.0.1",
+			"resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz",
+			"integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==",
+			"requires": {
+				"resolve-from": "^2.0.0",
+				"semver": "^5.1.0"
+			}
+		},
 		"require-ancestors": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/require-ancestors/-/require-ancestors-1.0.0.tgz",
@@ -11150,15 +11201,6 @@
 				}
 			}
 		},
-		"require_optional": {
-			"version": "1.0.1",
-			"resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz",
-			"integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==",
-			"requires": {
-				"resolve-from": "^2.0.0",
-				"semver": "^5.1.0"
-			}
-		},
 		"resolve": {
 			"version": "1.19.0",
 			"resolved": "https://registry.npmjs.org/resolve/-/resolve-1.19.0.tgz",
@@ -13131,6 +13173,24 @@
 			"integrity": "sha512-jgw5Cojkq6UfHEqtDUt0QGuyFxIkuOceiVbtwA/NwZNqZzuuLZM4R6aO76Do3mCrPFHj7ocUOx6gMc2r1Kl14A==",
 			"requires": {
 				"axios": "^0.19.0"
+			},
+			"dependencies": {
+				"axios": {
+					"version": "0.19.2",
+					"resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz",
+					"integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==",
+					"requires": {
+						"follow-redirects": "1.5.10"
+					}
+				},
+				"follow-redirects": {
+					"version": "1.5.10",
+					"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
+					"integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
+					"requires": {
+						"debug": "=3.1.0"
+					}
+				}
 			}
 		},
 		"squeak": {
@@ -13352,6 +13412,14 @@
 			"resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz",
 			"integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM="
 		},
+		"string_decoder": {
+			"version": "1.0.3",
+			"resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
+			"integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
+			"requires": {
+				"safe-buffer": "~5.1.0"
+			}
+		},
 		"string-width": {
 			"version": "3.1.0",
 			"resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz",
@@ -13432,14 +13500,6 @@
 				}
 			}
 		},
-		"string_decoder": {
-			"version": "1.0.3",
-			"resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
-			"integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
-			"requires": {
-				"safe-buffer": "~5.1.0"
-			}
-		},
 		"strip-ansi": {
 			"version": "5.2.0",
 			"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
diff --git a/package.json b/package.json
index 743b1c1b..774f30c9 100644
--- a/package.json
+++ b/package.json
@@ -51,7 +51,7 @@
 		"acl": "0.4.11",
 		"adm-zip": "0.4.16",
 		"archiver": "3.1.1",
-		"axios": "0.19.0",
+		"axios": "1.6.4",
 		"base64-stream": "1.0.0",
 		"bluebird": "3.7.2",
 		"buffer-indexof": "1.1.1",