From 34140a6a02876b02acab8e8d115c14ecbecf391f Mon Sep 17 00:00:00 2001
From: echo5-ci <33072162+echo5-ci@users.noreply.github.com>
Date: Mon, 24 Jul 2023 07:39:20 -0500
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities (#96)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-5756498

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 package.json |   2 +-
 yarn.lock    | 102 ++++++++++++++++++++++++---------------------------
 2 files changed, 49 insertions(+), 55 deletions(-)

diff --git a/package.json b/package.json
index c1dcc8f..9287b07 100644
--- a/package.json
+++ b/package.json
@@ -10,7 +10,7 @@
     "@mui/icons-material": "^5.11.16",
     "@mui/material": "^5.13.4",
     "@vertexvis/api-client-node": "^0.21.0",
-    "@vertexvis/viewer-react": "^0.17.3",
+    "@vertexvis/viewer-react": "^0.17.4",
     "next": "^12.3.4",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",
diff --git a/yarn.lock b/yarn.lock
index 7f1ee31..3f0b9b3 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -742,11 +742,6 @@
   resolved "https://registry.yarnpkg.com/@types/json5/-/json5-0.0.29.tgz#ee28707ae94e11d2b827bcbe5270bcea7f3e71ee"
   integrity sha1-7ihweulOEdK4J7y+UnC86n8+ce4=
 
-"@types/long@^4.0.1":
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/@types/long/-/long-4.0.1.tgz#459c65fa1867dafe6a8f322c4c51695663cc55e9"
-  integrity sha512-5tXH6Bx/kNGd3MgffdmP4dy2Z+G4eaXw0SE81Tq3BNadtnMR5/ySMzX4SLEzHJzSmPNn4HIdpQsBvXMUykr58w==
-
 "@types/node@>=13.7.0":
   version "16.11.12"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-16.11.12.tgz#ac7fb693ac587ee182c3780c26eb65546a1a3c10"
@@ -909,71 +904,71 @@
     axios "^0.27.2"
     p-limit "^3"
 
-"@vertexvis/frame-streaming-protos@^0.10.2":
+"@vertexvis/frame-streaming-protos@^0.10.4":
   version "0.10.4"
   resolved "https://registry.yarnpkg.com/@vertexvis/frame-streaming-protos/-/frame-streaming-protos-0.10.4.tgz#e5957305ce49ec02b79b62dad7321998b6be38c7"
   integrity sha512-GGcA06hcdT9I4UFYqiOW6O2hXXh2tL7qpPHFx5hp5IFmNPgMfBgo/ELnYUnz2gIHQu3xaBGOxLC+4NCyPoIaxg==
 
-"@vertexvis/geometry@0.17.3":
-  version "0.17.3"
-  resolved "https://registry.yarnpkg.com/@vertexvis/geometry/-/geometry-0.17.3.tgz#abd01cf6b16e0e9fbb61ab984de90f60adcfbf07"
-  integrity sha512-prgGHhI6x85+1o4WkpEEJzQ/jCptRivzogglz5SWHx83V/dGHCBpS/yCVNHQsFg8f86wfdkNbF88VjKtkxXTVw==
+"@vertexvis/geometry@0.17.4":
+  version "0.17.4"
+  resolved "https://registry.yarnpkg.com/@vertexvis/geometry/-/geometry-0.17.4.tgz#d62ac4ff17646e7a13360f8183d829231880f8b4"
+  integrity sha512-k+hREX3bXeYHZMa1yjWq26MZaK+tbMc4cDC9DLgaNMtHG63TFWOeP0SRKXM7/+H0FloM2niDTALDjfvHbLQIsA==
 
-"@vertexvis/html-templates@0.17.3":
-  version "0.17.3"
-  resolved "https://registry.yarnpkg.com/@vertexvis/html-templates/-/html-templates-0.17.3.tgz#c40fd08d8ba44f6d19224322da53bf8a9261a4e6"
-  integrity sha512-aGTDMwsTP/Sx7AVfhxCeaYbIXYxxc64DZFNZSw2a/FyYFZw0/PrBZTg1pg0SRVkGH2MGdHdpQ8mUYI5PtXtuJw==
+"@vertexvis/html-templates@0.17.4":
+  version "0.17.4"
+  resolved "https://registry.yarnpkg.com/@vertexvis/html-templates/-/html-templates-0.17.4.tgz#97415698775d274308c3c33ee6efcb06933640f9"
+  integrity sha512-kmp/mpgBS4rpR9suZy80IlO8/C8udzx4yKzzNIHMkkvge7vzk83xtBHKLc0tOtmxSeTp7R9BudHJAc5lEL6miQ==
   dependencies:
-    "@vertexvis/utils" "0.17.3"
+    "@vertexvis/utils" "0.17.4"
 
-"@vertexvis/scene-tree-protos@^0.1.15":
-  version "0.1.16"
-  resolved "https://registry.yarnpkg.com/@vertexvis/scene-tree-protos/-/scene-tree-protos-0.1.16.tgz#d1dcefbe503efac98d49cbf2f452af185242b534"
-  integrity sha512-wgdn+unrh87M8+U2rLlODjzeiGG7MlWRlOAt7S+fJz0ZXyC3HlB42ZgxGKl2nhb69a+z5K1s+LArc8vFQn1hsA==
+"@vertexvis/scene-tree-protos@^0.1.18":
+  version "0.1.18"
+  resolved "https://registry.yarnpkg.com/@vertexvis/scene-tree-protos/-/scene-tree-protos-0.1.18.tgz#b3d9f984040d6ef6bd74b77244c56f59ad71244b"
+  integrity sha512-Y/KKpgctXupXlJntLmbhvs+dHytDYSTRqnuewuqwFRlnZhri9HhLgbtC/Zw7pqAeE0sYNOfT2wK5cAIUKVXNBQ==
 
 "@vertexvis/scene-view-protos@^0.1.8":
   version "0.1.8"
   resolved "https://registry.yarnpkg.com/@vertexvis/scene-view-protos/-/scene-view-protos-0.1.8.tgz#eb676022c3323b8bbb1198a27cc7ad6849d1ac28"
   integrity sha512-R3HOVRYWTthiwxrndrbSlvqfmqobSvTsmMvohjihqv9toXWAdjRw/uFcL6ei2zQAq18NPenKqxU3hI1sa0MrjQ==
 
-"@vertexvis/stream-api@0.17.3":
-  version "0.17.3"
-  resolved "https://registry.yarnpkg.com/@vertexvis/stream-api/-/stream-api-0.17.3.tgz#1a13b061c32648de9f49282e9e59d4cd4cc5dd2d"
-  integrity sha512-TDKHITD5sS75UrtlzHS+lb0B2q8oKsxzMwen6aGWKQD0z5FNmGbjhcNUXi90sfiLCPD7bjou2SooDIhg/YNysg==
+"@vertexvis/stream-api@0.17.4":
+  version "0.17.4"
+  resolved "https://registry.yarnpkg.com/@vertexvis/stream-api/-/stream-api-0.17.4.tgz#4efa9518434f9983f721b40dd1fedbccdc5a6e4d"
+  integrity sha512-pF3HPxCiOIjw7orJR2J9NF5c+H3YrwIH0Yx0J1Bz1vyJL7pi9VP2R72WiSlvnlMdxMnzrI/k3Qk+b1mKRaQ6NA==
   dependencies:
-    "@vertexvis/frame-streaming-protos" "^0.10.2"
+    "@vertexvis/frame-streaming-protos" "^0.10.4"
 
-"@vertexvis/utils@0.17.3":
-  version "0.17.3"
-  resolved "https://registry.yarnpkg.com/@vertexvis/utils/-/utils-0.17.3.tgz#3a8d2255f596fe14ba1691f85a67f879ba9d219c"
-  integrity sha512-FryW7vAP4GghGaMSq/eabL6wBhF7s2SnHsenCluiLMw/7ca7gBuA40xqMTWdHdx2Gbh8gj5N5CpEH+jN4lOnKA==
+"@vertexvis/utils@0.17.4":
+  version "0.17.4"
+  resolved "https://registry.yarnpkg.com/@vertexvis/utils/-/utils-0.17.4.tgz#d8d942958856585ad669412c4e611199599ab2fc"
+  integrity sha512-KPRK6XYVKN/3xLJwpVkfKZtlUXeTlHYr6pO+QTbwtDg3gBJGfeQ1XThzYFCRGOj1vWu0lUIrvWYtrXDvLvLfTQ==
   dependencies:
     is-plain-object "^3.0.0"
     lodash.isequal "^4.5.0"
     uuid "^8.3.2"
 
-"@vertexvis/viewer-react@^0.17.3":
-  version "0.17.3"
-  resolved "https://registry.yarnpkg.com/@vertexvis/viewer-react/-/viewer-react-0.17.3.tgz#056d30f7cd04e1dc6aaa71ae68f896398fb7b894"
-  integrity sha512-eNoRX026dXBq+wKVHd24K206360UMYtfst8HlkXTn5kjQAeiQ0Gt1Blk4HnkGhR41WLr23U481qppzww202HKg==
+"@vertexvis/viewer-react@^0.17.4":
+  version "0.17.4"
+  resolved "https://registry.yarnpkg.com/@vertexvis/viewer-react/-/viewer-react-0.17.4.tgz#d5be931738ebff7d248acc4bf3e945feaae42d45"
+  integrity sha512-W2g39094Rhr8mOXOSSMTTehRsZtYi2zVEQx27YFJaJVv56vnkHmIRM0SxSWy992hFRSumOWsAdoOJn3XhNAHvQ==
   dependencies:
-    "@vertexvis/viewer" "0.17.3"
+    "@vertexvis/viewer" "0.17.4"
 
-"@vertexvis/viewer@0.17.3":
-  version "0.17.3"
-  resolved "https://registry.yarnpkg.com/@vertexvis/viewer/-/viewer-0.17.3.tgz#c489ec8efcbac8b1bf1f43de0e1ff6e4b7cc7975"
-  integrity sha512-6TBoshF3E5eKn/eWzAFQm1BipiQKJnSlXm2CudFLL2WMe3joOn07tteNc2J1se7ap8Hsnfk65UVz8kuRuMT7qg==
+"@vertexvis/viewer@0.17.4":
+  version "0.17.4"
+  resolved "https://registry.yarnpkg.com/@vertexvis/viewer/-/viewer-0.17.4.tgz#0f5563d94ba3b2a43edd235c2250ff9444260e19"
+  integrity sha512-htoHkHwEcxgxQT15v9N0YvLeJXiHZ5Jkfj+8t9ZCO/B6AHGsuv4xupAS0Xmd/4wehc4jZ2H2QZganYOZ+JNkZA==
   dependencies:
     "@improbable-eng/grpc-web" "^0.15.0"
     "@stencil/core" "^2.16.1"
     "@types/classnames" "^2.3.1"
-    "@vertexvis/frame-streaming-protos" "^0.10.2"
-    "@vertexvis/geometry" "0.17.3"
-    "@vertexvis/html-templates" "0.17.3"
-    "@vertexvis/scene-tree-protos" "^0.1.15"
+    "@vertexvis/frame-streaming-protos" "^0.10.4"
+    "@vertexvis/geometry" "0.17.4"
+    "@vertexvis/html-templates" "0.17.4"
+    "@vertexvis/scene-tree-protos" "^0.1.18"
     "@vertexvis/scene-view-protos" "^0.1.8"
-    "@vertexvis/stream-api" "0.17.3"
-    "@vertexvis/utils" "0.17.3"
+    "@vertexvis/stream-api" "0.17.4"
+    "@vertexvis/utils" "0.17.4"
     "@vertexvis/web-workers" "^0.1.0"
     camel-case "^4.1.2"
     classnames "^2.3.1"
@@ -982,7 +977,7 @@
     google-protobuf "3.19.4"
     jwt-decode "^3.1.2"
     param-case "^3.0.4"
-    protobufjs "^6.11.3"
+    protobufjs "^7.2.4"
     regl "^2.1.0"
     regl-shape "^1.1.0"
     requestidlecallback-polyfill "^1.0.2"
@@ -2415,10 +2410,10 @@ lodash.merge@^4.6.2:
   resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
   integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
 
-long@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/long/-/long-4.0.0.tgz#9a7b71cfb7d361a194ea555241c92f7468d5bf28"
-  integrity sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==
+long@^5.0.0:
+  version "5.2.3"
+  resolved "https://registry.yarnpkg.com/long/-/long-5.2.3.tgz#a3ba97f3877cf1d778eccbcb048525ebb77499e1"
+  integrity sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==
 
 loose-envify@^1.1.0, loose-envify@^1.4.0:
   version "1.4.0"
@@ -2797,10 +2792,10 @@ prop-types@^15.8.1:
     object-assign "^4.1.1"
     react-is "^16.13.1"
 
-protobufjs@^6.11.3:
-  version "6.11.3"
-  resolved "https://registry.yarnpkg.com/protobufjs/-/protobufjs-6.11.3.tgz#637a527205a35caa4f3e2a9a4a13ddffe0e7af74"
-  integrity sha512-xL96WDdCZYdU7Slin569tFX712BxsxslWwAfAhCYjQKGTq7dAU91Lomy6nLLhh/dyGhk/YH4TwTSRxTzhuHyZg==
+protobufjs@^7.2.4:
+  version "7.2.4"
+  resolved "https://registry.yarnpkg.com/protobufjs/-/protobufjs-7.2.4.tgz#3fc1ec0cdc89dd91aef9ba6037ba07408485c3ae"
+  integrity sha512-AT+RJgD2sH8phPmCf7OUZR8xGdcJRga4+1cOaXJ64hvcSkVhNcRHOwIxUatPH15+nj59WAGTDv3LSGZPEQbJaQ==
   dependencies:
     "@protobufjs/aspromise" "^1.1.2"
     "@protobufjs/base64" "^1.1.2"
@@ -2812,9 +2807,8 @@ protobufjs@^6.11.3:
     "@protobufjs/path" "^1.1.2"
     "@protobufjs/pool" "^1.1.0"
     "@protobufjs/utf8" "^1.1.0"
-    "@types/long" "^4.0.1"
     "@types/node" ">=13.7.0"
-    long "^4.0.0"
+    long "^5.0.0"
 
 punycode@^2.1.0:
   version "2.1.1"