From 652d4a0b839838efb1d222cd119d79e530a72174 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 27 Aug 2024 20:49:12 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-UNZIPSTREAM-7833828 --- package-lock.json | 64 +++++++++++++++++++++++------------------------ package.json | 2 +- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/package-lock.json b/package-lock.json index cdea760c8..d917a8850 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4,12 +4,6 @@ "lockfileVersion": 1, "requires": true, "dependencies": { - "7zip-bin": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/7zip-bin/-/7zip-bin-4.1.0.tgz", - "integrity": "sha512-AsnBZN3a8/JcNt+KPkGGODaA4c7l3W5+WpeKgGSbstSLxqWtTXqd1ieJGBQ8IFCtRg8DmmKUcSkIkUc0A4p3YA==", - "dev": true - }, "@babel/cli": { "version": "7.4.4", "resolved": "https://registry.npmjs.org/@babel/cli/-/cli-7.4.4.tgz", @@ -1166,6 +1160,12 @@ "@types/unist": "*" } }, + "7zip-bin": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/7zip-bin/-/7zip-bin-4.1.0.tgz", + "integrity": "sha512-AsnBZN3a8/JcNt+KPkGGODaA4c7l3W5+WpeKgGSbstSLxqWtTXqd1ieJGBQ8IFCtRg8DmmKUcSkIkUc0A4p3YA==", + "dev": true + }, "accept": { "version": "2.1.4", "resolved": "https://registry.npmjs.org/accept/-/accept-2.1.4.tgz", @@ -2106,8 +2106,8 @@ "integrity": "sha512-LQMh36Cg0r4ZfKqNlaUclndS/IXxZ3OdCgmXvw1vdP3QwYT2NkyE7LfMikAFIHpXOs6zsVH+iW+Fe/AX1jfFag==", "dev": true, "requires": { - "7zip-bin": "~4.1.0", "@types/debug": "^4.1.4", + "7zip-bin": "~4.1.0", "app-builder-bin": "2.7.1", "bluebird-lst": "^1.0.9", "builder-util-runtime": "^8.2.5", @@ -2759,8 +2759,8 @@ "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" }, "concat-stream": { - "version": "github:hugomrdias/concat-stream#057bc7b5d6d8df26c8cf00a3f151b6721a0a8034", - "from": "github:hugomrdias/concat-stream#feat/smaller", + "version": "git+ssh://git@github.com/hugomrdias/concat-stream.git#057bc7b5d6d8df26c8cf00a3f151b6721a0a8034", + "from": "concat-stream@github:hugomrdias/concat-stream#feat/smaller", "requires": { "inherits": "^2.0.3", "readable-stream": "^3.0.2" @@ -5429,24 +5429,24 @@ "dev": true, "optional": true }, - "string-width": { - "version": "1.0.2", + "string_decoder": { + "version": "1.1.1", "bundled": true, "dev": true, "optional": true, "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "safe-buffer": "~5.1.0" } }, - "string_decoder": { - "version": "1.1.1", + "string-width": { + "version": "1.0.2", "bundled": true, "dev": true, "optional": true, "requires": { - "safe-buffer": "~5.1.0" + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" } }, "strip-ansi": { @@ -5644,9 +5644,9 @@ } }, "go-ipfs-dep": { - "version": "0.4.21", - "resolved": "https://registry.npmjs.org/go-ipfs-dep/-/go-ipfs-dep-0.4.21.tgz", - "integrity": "sha512-6bbMCqS0drRnVjsgnpmRwXGqaJE/LhaC7DclyM2cXLu4eskSHmdSSXMKmfChdcZpCAILJCUSSIKBbplN0o9zfg==", + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/go-ipfs-dep/-/go-ipfs-dep-0.7.0.tgz", + "integrity": "sha512-qaUc3vyTS7wY/3C2JkJrEQFK9CYxZz8baObiak6ydrJD58zSF6/PBDrxKA0r1q7lZkRTlwBPI66dLpbv7EBbdQ==", "requires": { "go-platform": "^1.0.0", "gunzip-maybe": "^1.4.1", @@ -6223,8 +6223,8 @@ } }, "ipfs-http-client": { - "version": "github:ipfs/js-ipfs-http-client#fdbfb39c077fa9bfe1ea9ad2847a20bc77d4d4ec", - "from": "github:ipfs/js-ipfs-http-client#master", + "version": "git+ssh://git@github.com/ipfs/js-ipfs-http-client.git#fdbfb39c077fa9bfe1ea9ad2847a20bc77d4d4ec", + "from": "ipfs-http-client@github:ipfs/js-ipfs-http-client#master", "requires": { "async": "^2.6.1", "bignumber.js": "^9.0.0", @@ -7751,8 +7751,8 @@ "dev": true }, "ndjson": { - "version": "github:hugomrdias/ndjson#4db16da6b42e5b39bf300c3a7cde62abb3fa3a11", - "from": "github:hugomrdias/ndjson#feat/readable-stream3", + "version": "git+ssh://git@github.com/hugomrdias/ndjson.git#4db16da6b42e5b39bf300c3a7cde62abb3fa3a11", + "from": "ndjson@github:hugomrdias/ndjson#feat/readable-stream3", "requires": { "json-stringify-safe": "^5.0.1", "minimist": "^1.2.0", @@ -10384,6 +10384,14 @@ "pull-stream": "^3.2.3" } }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "requires": { + "safe-buffer": "~5.1.0" + } + }, "string-width": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", @@ -10420,14 +10428,6 @@ "function-bind": "^1.0.2" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", diff --git a/package.json b/package.json index 9096fff5e..e58c017ea 100644 --- a/package.json +++ b/package.json @@ -78,7 +78,7 @@ "electron-updater": "^4.0.14", "fix-path": "^2.1.0", "fs-extra": "^8.1.0", - "go-ipfs-dep": "0.4.21", + "go-ipfs-dep": "0.7.0", "i18next": "^17.0.4", "i18next-electron-language-detector": "0.0.10", "i18next-icu": "^1.1.2",