From d5cd59fd25f210e953d93bfbbc98b97e5c8e09fe Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Wed, 17 Sep 2025 14:14:04 +0200 Subject: [PATCH] Use strict dependency versions --- package-lock.json | 17 +++++++---------- packages/safe-chain/package.json | 12 ++++++------ test/e2e/package-lock.json | 32 -------------------------------- 3 files changed, 13 insertions(+), 48 deletions(-) delete mode 100644 test/e2e/package-lock.json diff --git a/package-lock.json b/package-lock.json index 4993cc4..4840448 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4875,12 +4875,12 @@ "version": "1.0.0", "license": "AGPL-3.0-or-later", "dependencies": { - "abbrev": "^3.0.1", - "chalk": "^5.4.1", - "make-fetch-happen": "^14.0.3", - "npm-registry-fetch": "^18.0.2", - "ora": "^8.2.0", - "semver": "^7.7.2" + "abbrev": "3.0.1", + "chalk": "5.4.1", + "make-fetch-happen": "14.0.3", + "npm-registry-fetch": "18.0.2", + "ora": "8.2.0", + "semver": "7.7.2" }, "bin": { "aikido-npm": "bin/aikido-npm.js", @@ -4896,8 +4896,7 @@ "version": "1.0.0", "license": "AGPL-3.0-or-later", "dependencies": { - "@aikidosec/safe-chain": "file:../safe-chain", - "make-fetch-happen": "^14.0.3" + "@aikidosec/safe-chain": "file:../safe-chain" }, "peerDependencies": { "bun": ">=1.2.21" @@ -4908,8 +4907,6 @@ "version": "1.0.0", "license": "AGPL-3.0-or-later", "dependencies": { - "@aikidosec/safe-chain": "file:../../packages/safe-chain", - "make-fetch-happen": "^14.0.3", "node-pty": "^1.0.0" } } diff --git a/packages/safe-chain/package.json b/packages/safe-chain/package.json index 9f0a37a..32228e7 100644 --- a/packages/safe-chain/package.json +++ b/packages/safe-chain/package.json @@ -28,12 +28,12 @@ "license": "AGPL-3.0-or-later", "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, or pnpx from downloading or running the malware.", "dependencies": { - "abbrev": "^3.0.1", - "chalk": "^5.4.1", - "make-fetch-happen": "^14.0.3", - "npm-registry-fetch": "^18.0.2", - "ora": "^8.2.0", - "semver": "^7.7.2" + "abbrev": "3.0.1", + "chalk": "5.4.1", + "make-fetch-happen": "14.0.3", + "npm-registry-fetch": "18.0.2", + "ora": "8.2.0", + "semver": "7.7.2" }, "main": "src/main.js", "bugs": { diff --git a/test/e2e/package-lock.json b/test/e2e/package-lock.json deleted file mode 100644 index 55aabb7..0000000 --- a/test/e2e/package-lock.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "name": "@aikidosec/safe-chain-e2e-tests", - "version": "1.0.0", - "lockfileVersion": 3, - "requires": true, - "packages": { - "": { - "name": "@aikidosec/safe-chain-e2e-tests", - "version": "1.0.0", - "license": "AGPL-3.0-or-later", - "dependencies": { - "node-pty": "^1.0.0" - } - }, - "node_modules/nan": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.23.0.tgz", - "integrity": "sha512-1UxuyYGdoQHcGg87Lkqm3FzefucTa0NAiOcuRsDmysep3c1LVCRK2krrUDafMWtjSG04htvAmvg96+SDknOmgQ==", - "license": "MIT" - }, - "node_modules/node-pty": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/node-pty/-/node-pty-1.0.0.tgz", - "integrity": "sha512-wtBMWWS7dFZm/VgqElrTvtfMq4GzJ6+edFI0Y0zyzygUSZMgZdraDUMUhCIvkjhJjme15qWmbyJbtAx4ot4uZA==", - "hasInstallScript": true, - "license": "MIT", - "dependencies": { - "nan": "^2.17.0" - } - } - } -}