fix node-forge vulnerability (#13389)

3 years ago · ec8a9384c9
parent c366dd67b0
commit ec8a9384c9
2 changed files with 6 additions and 6 deletions
--- a/package.json
+++ b/package.json
@ -83,8 +83,8 @@
    "3box/ipfs/ipld-zcash/zcash-bitcore-lib/elliptic": "^6.5.4",
    "3box/ipfs/libp2p-mdns/multicast-dns/dns-packet": "^5.2.2",
    "3box/ipfs/prometheus-gc-stats/gc-stats/node-pre-gyp/tar": "^6.1.2",
-    "3box/**/libp2p-crypto/node-forge": "^0.10.0",
-    "3box/**/libp2p-keychain/node-forge": "^0.10.0",
+    "3box/**/libp2p-crypto/node-forge": "^1.0.0",
+    "3box/**/libp2p-keychain/node-forge": "^1.0.0",
    "analytics-node/axios": "^0.21.2",
    "ganache-core/lodash": "^4.17.21",
    "netmask": "^2.0.1",
--- a/yarn.lock
+++ b/yarn.lock
@ -19296,10 +19296,10 @@ node-fetch@2.6.1, node-fetch@^2.3.0, node-fetch@^2.6.0, node-fetch@^2.6.1:
  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052"
  integrity sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==

-node-forge@^0.10.0, node-forge@^0.7.1, node-forge@^0.7.5, node-forge@~0.7.6:
-  version "0.10.0"
-  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.10.0.tgz#32dea2afb3e9926f02ee5ce8794902691a676bf3"
-  integrity sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==
+node-forge@^0.7.1, node-forge@^0.7.5, node-forge@^1.0.0, node-forge@~0.7.6:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-1.2.1.tgz#82794919071ef2eb5c509293325cec8afd0fd53c"
+  integrity sha512-Fcvtbb+zBcZXbTTVwqGA5W+MKBj56UjVRevvchv5XrcyXbmNdesfZL37nlcWOfpgHhgmxApw3tQbTr4CqNmX4w==

 node-gyp-build@4.3.0, node-gyp-build@^4.2.0, node-gyp-build@^4.2.2, node-gyp-build@^4.2.3, node-gyp-build@^4.3.0:
  version "4.3.0"