From 6820e8741df7b787c5ff1bfb80ec956d6260ea7a Mon Sep 17 00:00:00 2001
From: Brian Gough <briangough@users.noreply.github.com>
Date: Fri, 21 Oct 2022 14:15:07 +0100
Subject: [PATCH] Merge pull request #10108 from overleaf/bg-upgrade-minimist

security upgrade for minimist

GitOrigin-RevId: 57c66b8db9f3bb0b1551c5953c29cbbe2fa9e919
---
 package-lock.json         | 42 ++++++++++++++++++++++-----------------
 services/web/package.json |  2 +-
 2 files changed, 25 insertions(+), 19 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 0dffa647c9..0736f0c3e3 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -31775,7 +31775,7 @@
         "joi": "^17.2.1",
         "json2csv": "^4.5.4",
         "lodash": "^4.17.21",
-        "minimist": "^1.2.6",
+        "minimist": "^1.2.7",
         "mixpanel": "^0.13.0",
         "moment": "^2.29.4",
         "mongodb": "^3.6.6",
@@ -31806,9 +31806,12 @@
       }
     },
     "services/analytics/node_modules/minimist": {
-      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
+      "version": "1.2.7",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
+      "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==",
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
     },
     "services/analytics/node_modules/p-limit": {
       "version": "2.3.0",
@@ -34844,7 +34847,7 @@
         "match-sorter": "^6.2.0",
         "mathjax": "^2.7.9",
         "method-override": "^2.3.3",
-        "minimist": "1.2.5",
+        "minimist": "^1.2.7",
         "mmmagic": "^0.5.3",
         "moment": "^2.29.4",
         "mongodb": "~3.6.0",
@@ -36029,9 +36032,12 @@
       }
     },
     "services/web/node_modules/minimist": {
-      "version": "1.2.5",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+      "version": "1.2.7",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
+      "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==",
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
     },
     "services/web/node_modules/mongodb": {
       "version": "3.6.12",
@@ -39715,7 +39721,7 @@
         "json2csv": "^4.5.4",
         "lodash": "^4.17.21",
         "lolex": "^6.0.0",
-        "minimist": "^1.2.6",
+        "minimist": "1.2.7",
         "mixpanel": "^0.13.0",
         "mocha": "^8.4.0",
         "moment": "^2.29.4",
@@ -39738,9 +39744,9 @@
       },
       "dependencies": {
         "minimist": {
-          "version": "1.2.6",
-          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-          "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
+          "version": "1.2.7",
+          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
+          "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g=="
         },
         "p-limit": {
           "version": "2.3.0",
@@ -40634,7 +40640,7 @@
       "version": "file:services/idp",
       "requires": {
         "express": "^4.17.1",
-        "samlp": "7.0.2"
+        "samlp": "^7.0.2"
       }
     },
     "@overleaf/k8s-debugger": {
@@ -42549,7 +42555,7 @@
         "mensch": "^0.3.4",
         "method-override": "^2.3.3",
         "mini-css-extract-plugin": "^2.6.0",
-        "minimist": "1.2.5",
+        "minimist": "^1.2.7",
         "mmmagic": "^0.5.3",
         "mocha": "^8.4.0",
         "mock-fs": "^5.1.2",
@@ -42602,7 +42608,7 @@
         "requirejs": "^2.3.6",
         "rimraf": "2.2.6",
         "rolling-rate-limiter": "^0.2.10",
-        "samlp": "7.0.2",
+        "samlp": "^7.0.2",
         "sandboxed-module": "https://github.com/overleaf/node-sandboxed-module/archive/cafa2d60f17ce75cc023e6f296eb8de79d92d35d.tar.gz",
         "sanitize-html": "^1.27.1",
         "scroll-into-view-if-needed": "^2.2.25",
@@ -43393,9 +43399,9 @@
           }
         },
         "minimist": {
-          "version": "1.2.5",
-          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
-          "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+          "version": "1.2.7",
+          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
+          "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g=="
         },
         "mongodb": {
           "version": "3.6.12",
diff --git a/services/web/package.json b/services/web/package.json
index b5dc7fdc13..5405a4fca5 100644
--- a/services/web/package.json
+++ b/services/web/package.json
@@ -162,7 +162,7 @@
     "match-sorter": "^6.2.0",
     "mathjax": "^2.7.9",
     "method-override": "^2.3.3",
-    "minimist": "1.2.5",
+    "minimist": "^1.2.7",
     "mmmagic": "^0.5.3",
     "moment": "^2.29.4",
     "mongodb": "~3.6.0",