From 382c28d2f41aa4213d5ff821a57fa00e26c90bf0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 21 Sep 2021 18:46:35 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SSH2-1656673 --- package-lock.json | 95 +++++++++++++++++++++++++---------------------- package.json | 2 +- 2 files changed, 52 insertions(+), 45 deletions(-) diff --git a/package-lock.json b/package-lock.json index f33a927..a63742a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "log4js": "^6.1.2", "open": "^7.0.4", "server-destroy": "^1.0.1", - "ssh2": "^0.8.4" + "ssh2": "^1.0.0" }, "devDependencies": { "@types/chai": "^4.1.6", @@ -1744,6 +1744,19 @@ "node": ">=6" } }, + "node_modules/cpu-features": { + "version": "0.0.2", + "resolved": "https://registry.npmjs.org/cpu-features/-/cpu-features-0.0.2.tgz", + "integrity": "sha512-/2yieBqvMcRj8McNzkycjW2v3OIUOibBfd2dLEJ0nWts8NobAxwiyw9phVNS6oDL8x8tz9F7uNVFEVpJncQpeA==", + "hasInstallScript": true, + "optional": true, + "dependencies": { + "nan": "^2.14.1" + }, + "engines": { + "node": ">=8.0.0" + } + }, "node_modules/cross-spawn": { "version": "6.0.5", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", @@ -4949,6 +4962,12 @@ "integrity": "sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==", "dev": true }, + "node_modules/nan": { + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/nan/-/nan-2.15.0.tgz", + "integrity": "sha512-8ZtvEnA2c5aYCZYd1cvgdnU6cqwixRoYg70xPLWUws5ORTa/lnw+u4amixRS/Ac5U5mQVgp9pnlSUnbNWFaWZQ==", + "optional": true + }, "node_modules/natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", @@ -6820,27 +6839,20 @@ "dev": true }, "node_modules/ssh2": { - "version": "0.8.5", - "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-0.8.5.tgz", - "integrity": "sha512-TkvzxSYYUSQ8jb//HbHnJVui4fVEW7yu/zwBxwro/QaK2EGYtwB+8gdEChwHHuj142c5+250poMC74aJiwApPw==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-1.0.0.tgz", + "integrity": "sha512-p3fH+3a8yB9f7r87OnPgTl2qu7BW7dOSSLG4gb41DxCNwlL+XJ0OBjBJWa2hDqrxJceL0LjB02l/0byey3OHlw==", + "hasInstallScript": true, "dependencies": { - "ssh2-streams": "~0.4.4" + "asn1": "^0.2.4", + "bcrypt-pbkdf": "^1.0.2" }, "engines": { - "node": ">=5.2.0" - } - }, - "node_modules/ssh2-streams": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/ssh2-streams/-/ssh2-streams-0.4.4.tgz", - "integrity": "sha512-yNfPZgJO/N69TvYkpDHZBkXAXQzTpfzRkOphQu3PeUpZnrjp9VNa8RKDZkZDpjsWItay+I4NMAbZZ7DqHRt0AQ==", - "dependencies": { - "asn1": "~0.2.0", - "bcrypt-pbkdf": "^1.0.2", - "streamsearch": "~0.1.2" + "node": ">=10.16.0" }, - "engines": { - "node": ">=5.2.0" + "optionalDependencies": { + "cpu-features": "0.0.2", + "nan": "^2.14.2" } }, "node_modules/state-toggle": { @@ -6870,14 +6882,6 @@ "node": ">=4.0" } }, - "node_modules/streamsearch": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz", - "integrity": "sha1-gIudDlb8Jz2Am6VzOOkpkZoanxo=", - "engines": { - "node": ">=0.8.0" - } - }, "node_modules/strict-uri-encode": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-2.0.0.tgz", @@ -9439,6 +9443,15 @@ "safe-buffer": "^5.0.1" } }, + "cpu-features": { + "version": "0.0.2", + "resolved": "https://registry.npmjs.org/cpu-features/-/cpu-features-0.0.2.tgz", + "integrity": "sha512-/2yieBqvMcRj8McNzkycjW2v3OIUOibBfd2dLEJ0nWts8NobAxwiyw9phVNS6oDL8x8tz9F7uNVFEVpJncQpeA==", + "optional": true, + "requires": { + "nan": "^2.14.1" + } + }, "cross-spawn": { "version": "6.0.5", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", @@ -11965,6 +11978,12 @@ "integrity": "sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==", "dev": true }, + "nan": { + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/nan/-/nan-2.15.0.tgz", + "integrity": "sha512-8ZtvEnA2c5aYCZYd1cvgdnU6cqwixRoYg70xPLWUws5ORTa/lnw+u4amixRS/Ac5U5mQVgp9pnlSUnbNWFaWZQ==", + "optional": true + }, "natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", @@ -13458,21 +13477,14 @@ "dev": true }, "ssh2": { - "version": "0.8.5", - "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-0.8.5.tgz", - "integrity": "sha512-TkvzxSYYUSQ8jb//HbHnJVui4fVEW7yu/zwBxwro/QaK2EGYtwB+8gdEChwHHuj142c5+250poMC74aJiwApPw==", - "requires": { - "ssh2-streams": "~0.4.4" - } - }, - "ssh2-streams": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/ssh2-streams/-/ssh2-streams-0.4.4.tgz", - "integrity": "sha512-yNfPZgJO/N69TvYkpDHZBkXAXQzTpfzRkOphQu3PeUpZnrjp9VNa8RKDZkZDpjsWItay+I4NMAbZZ7DqHRt0AQ==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-1.0.0.tgz", + "integrity": "sha512-p3fH+3a8yB9f7r87OnPgTl2qu7BW7dOSSLG4gb41DxCNwlL+XJ0OBjBJWa2hDqrxJceL0LjB02l/0byey3OHlw==", "requires": { - "asn1": "~0.2.0", + "asn1": "^0.2.4", "bcrypt-pbkdf": "^1.0.2", - "streamsearch": "~0.1.2" + "cpu-features": "0.0.2", + "nan": "^2.14.2" } }, "state-toggle": { @@ -13498,11 +13510,6 @@ } } }, - "streamsearch": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz", - "integrity": "sha1-gIudDlb8Jz2Am6VzOOkpkZoanxo=" - }, "strict-uri-encode": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-2.0.0.tgz", diff --git a/package.json b/package.json index 7a8913a..3b863c9 100644 --- a/package.json +++ b/package.json @@ -66,7 +66,7 @@ "log4js": "^6.1.2", "open": "^7.0.4", "server-destroy": "^1.0.1", - "ssh2": "^0.8.4" + "ssh2": "^1.0.0" }, "devDependencies": { "@types/chai": "^4.1.6",