Skip to content

Commit

Permalink
fix: security advisories in browserify-sign and crypto-js (#1548)
Browse files Browse the repository at this point in the history
  • Loading branch information
@strophy
strophy authored Nov 1, 2023
1 parent f51906a commit f285b02
Show file tree
Hide file tree
Showing 8 changed files with 48 additions and 27 deletions.
28 changes: 19 additions & 9 deletions .pnp.cjs
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Binary file removed .yarn/cache/browserify-sign-npm-4.2.1-9a8530ca87-0221f190e3.zip
View file
Binary file not shown.
Binary file added .yarn/cache/browserify-sign-npm-4.2.2-92f50c6d35-b622730c0f.zip
View file
Binary file not shown.
Binary file removed .yarn/cache/crypto-js-npm-4.1.1-38a3b8c19d-b3747c12ee.zip
View file
Binary file not shown.
Binary file added .yarn/cache/crypto-js-npm-4.2.0-d6f7744e63-f051666dbc.zip
View file
Binary file not shown.
Binary file added .yarn/cache/readable-stream-npm-3.6.2-d2a6069158-bdcbe6c22e.zip
View file
Binary file not shown.
2 changes: 1 addition & 1 deletion packages/wallet-lib/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@
"@dashevo/wasm-dpp": "workspace:*",
"@yarnpkg/pnpify": "^4.0.0-rc.42",
"cbor": "^8.0.0",
"crypto-js": "^4.0.0",
"crypto-js": "^4.2.0",
"lodash": "^4.17.21",
"pbkdf2": "^3.1.1",
"setimmediate": "^1.0.5",
Expand Down
45 changes: 28 additions & 17 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1876,7 +1876,7 @@ __metadata:
chai: ^4.3.9
chai-as-promised: ^7.1.1
crypto-browserify: ^3.12.0
crypto-js: ^4.0.0
crypto-js: ^4.2.0
dirty-chai: ^2.0.1
dotenv-safe: ^8.2.0
eslint: ^7.32.0
Expand Down Expand Up @@ -4768,7 +4768,7 @@ __metadata:
languageName: node
linkType: hard

"browserify-rsa@npm:^4.0.0, browserify-rsa@npm:^4.0.1":
"browserify-rsa@npm:^4.0.0, browserify-rsa@npm:^4.1.0":
version: 4.1.0
resolution: "browserify-rsa@npm:4.1.0"
dependencies:
Expand All @@ -4779,19 +4779,19 @@ __metadata:
linkType: hard

"browserify-sign@npm:^4.0.0":
version: 4.2.1
resolution: "browserify-sign@npm:4.2.1"
version: 4.2.2
resolution: "browserify-sign@npm:4.2.2"
dependencies:
bn.js: ^5.1.1
browserify-rsa: ^4.0.1
bn.js: ^5.2.1
browserify-rsa: ^4.1.0
create-hash: ^1.2.0
create-hmac: ^1.1.7
elliptic: ^6.5.3
elliptic: ^6.5.4
inherits: ^2.0.4
parse-asn1: ^5.1.5
readable-stream: ^3.6.0
safe-buffer: ^5.2.0
checksum: 0221f190e3f5b2d40183fa51621be7e838d9caa329fe1ba773406b7637855f37b30f5d83e52ff8f244ed12ffe6278dd9983638609ed88c841ce547e603855707
parse-asn1: ^5.1.6
readable-stream: ^3.6.2
safe-buffer: ^5.2.1
checksum: b622730c0fc183328c3a1c9fdaaaa5118821ed6822b266fa6b0375db7e20061ebec87301d61931d79b9da9a96ada1cab317fce3c68f233e5e93ed02dbb35544c
languageName: node
linkType: hard

Expand Down Expand Up @@ -6066,10 +6066,10 @@ __metadata:
languageName: node
linkType: hard

"crypto-js@npm:^4.0.0":
version: 4.1.1
resolution: "crypto-js@npm:4.1.1"
checksum: b3747c12ee3a7632fab3b3e171ea50f78b182545f0714f6d3e7e2858385f0f4101a15f2517e033802ce9d12ba50a391575ff4638c9de3dd9b2c4bc47768d5425
"crypto-js@npm:^4.2.0":
version: 4.2.0
resolution: "crypto-js@npm:4.2.0"
checksum: f051666dbc077c8324777f44fbd3aaea2986f198fe85092535130d17026c7c2ccf2d23ee5b29b36f7a4a07312db2fae23c9094b644cc35f7858b1b4fcaf27774
languageName: node
linkType: hard

Expand Down Expand Up @@ -11948,7 +11948,7 @@ fsevents@~2.3.2:
languageName: node
linkType: hard

"parse-asn1@npm:^5.0.0, parse-asn1@npm:^5.1.5":
"parse-asn1@npm:^5.0.0, parse-asn1@npm:^5.1.6":
version: 5.1.6
resolution: "parse-asn1@npm:5.1.6"
dependencies:
Expand Down Expand Up @@ -12636,6 +12636,17 @@ fsevents@~2.3.2:
languageName: node
linkType: hard

"readable-stream@npm:^3.6.2":
version: 3.6.2
resolution: "readable-stream@npm:3.6.2"
dependencies:
inherits: ^2.0.3
string_decoder: ^1.1.1
util-deprecate: ^1.0.1
checksum: bdcbe6c22e846b6af075e32cf8f4751c2576238c5043169a1c221c92ee2878458a816a4ea33f4c67623c0b6827c8a400409bfb3cf0bf3381392d0b1dfb52ac8d
languageName: node
linkType: hard

"readable-stream@npm:~1.0.2":
version: 1.0.34
resolution: "readable-stream@npm:1.0.34"
Expand Down Expand Up @@ -13040,7 +13051,7 @@ fsevents@~2.3.2:
languageName: node
linkType: hard

"safe-buffer@npm:^5.0.1, safe-buffer@npm:^5.1.0, safe-buffer@npm:^5.1.1, safe-buffer@npm:^5.1.2, safe-buffer@npm:^5.2.0, safe-buffer@npm:~5.2.0":
"safe-buffer@npm:^5.0.1, safe-buffer@npm:^5.1.0, safe-buffer@npm:^5.1.1, safe-buffer@npm:^5.1.2, safe-buffer@npm:^5.2.0, safe-buffer@npm:^5.2.1, safe-buffer@npm:~5.2.0":
version: 5.2.1
resolution: "safe-buffer@npm:5.2.1"
checksum: b99c4b41fdd67a6aaf280fcd05e9ffb0813654894223afb78a31f14a19ad220bba8aba1cb14eddce1fcfb037155fe6de4e861784eb434f7d11ed58d1e70dd491
Expand Down

0 comments on commit f285b02

Please sign in to comment.