From 93f7b69d8e620c63d0fe9231bce18f2e155f0924 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 27 Dec 2023 14:58:38 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857 --- package-lock.json | 271 +++++++++++++++++++++++++++++++++++----------- package.json | 4 +- 2 files changed, 207 insertions(+), 68 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9195ad5d..cdbd48be 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@cheqd/sdk", - "version": "3.7.4-develop.1", + "version": "3.7.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@cheqd/sdk", - "version": "3.7.4-develop.1", + "version": "3.7.4", "license": "Apache-2.0", "dependencies": { "@cheqd/ts-proto": "^3.3.6", @@ -15,8 +15,8 @@ "@cosmjs/encoding": "^0.31.1", "@cosmjs/math": "^0.31.1", "@cosmjs/proto-signing": "^0.31.1", - "@cosmjs/stargate": "^0.31.1", - "@cosmjs/tendermint-rpc": "^0.31.1", + "@cosmjs/stargate": "^0.32.0", + "@cosmjs/tendermint-rpc": "^0.32.0", "@cosmjs/utils": "^0.31.1", "@stablelib/ed25519": "^1.0.3", "@types/secp256k1": "^4.0.5", @@ -803,11 +803,11 @@ } }, "node_modules/@cosmjs/json-rpc": { - "version": "0.31.1", - "resolved": "https://registry.npmjs.org/@cosmjs/json-rpc/-/json-rpc-0.31.1.tgz", - "integrity": "sha512-gIkCj2mUDHAxvmJnHtybXtMLZDeXrkDZlujjzhvJlWsIuj1kpZbKtYqh+eNlfwhMkMMAlQa/y4422jDmizW+ng==", + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/json-rpc/-/json-rpc-0.32.2.tgz", + "integrity": "sha512-lan2lOgmz4yVE/HR8eCOSiII/1OudIulk8836koyIDCsPEpt6eKBuctnAD168vABGArKccLAo7Mr2gy9nrKrOQ==", "dependencies": { - "@cosmjs/stream": "^0.31.1", + "@cosmjs/stream": "^0.32.2", "xstream": "^11.14.0" } }, @@ -834,85 +834,161 @@ } }, "node_modules/@cosmjs/socket": { - "version": "0.31.1", - "resolved": "https://registry.npmjs.org/@cosmjs/socket/-/socket-0.31.1.tgz", - "integrity": "sha512-XTtEr+x3WGbqkzoGX0sCkwVqf5n+bBqDwqNgb+DWaBABQxHVRuuainrTVp0Yc91D3Iy2twLQzeBA9OrRxDSerw==", + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/socket/-/socket-0.32.2.tgz", + "integrity": "sha512-Qc8jaw4uSBJm09UwPgkqe3g9TBFx4ZR9HkXpwT6Z9I+6kbLerXPR0Gy3NSJFSUgxIfTpO8O1yqoWAyf0Ay17Mw==", "dependencies": { - "@cosmjs/stream": "^0.31.1", + "@cosmjs/stream": "^0.32.2", "isomorphic-ws": "^4.0.1", "ws": "^7", "xstream": "^11.14.0" } }, "node_modules/@cosmjs/stargate": { - "version": "0.31.1", - "resolved": "https://registry.npmjs.org/@cosmjs/stargate/-/stargate-0.31.1.tgz", - "integrity": "sha512-TqOJZYOH5W3sZIjR6949GfjhGXO3kSHQ3/KmE+SuKyMMmQ5fFZ45beawiRtVF0/CJg5RyPFyFGJKhb1Xxv3Lcg==", + "version": "0.32.0", + "resolved": "https://registry.npmjs.org/@cosmjs/stargate/-/stargate-0.32.0.tgz", + "integrity": "sha512-Yo3l+A4vdy3ql30cIanY/j2uD3zxRXTQPrn2YUc67qCxacFkf7Fn3N9GdI7D/B2LQlguf/B5OwheizzWucapkw==", "dependencies": { "@confio/ics23": "^0.6.8", - "@cosmjs/amino": "^0.31.1", - "@cosmjs/encoding": "^0.31.1", - "@cosmjs/math": "^0.31.1", - "@cosmjs/proto-signing": "^0.31.1", - "@cosmjs/stream": "^0.31.1", - "@cosmjs/tendermint-rpc": "^0.31.1", - "@cosmjs/utils": "^0.31.1", - "cosmjs-types": "^0.8.0", - "long": "^4.0.0", - "protobufjs": "~6.11.3", + "@cosmjs/amino": "^0.32.0", + "@cosmjs/encoding": "^0.32.0", + "@cosmjs/math": "^0.32.0", + "@cosmjs/proto-signing": "^0.32.0", + "@cosmjs/stream": "^0.32.0", + "@cosmjs/tendermint-rpc": "^0.32.0", + "@cosmjs/utils": "^0.32.0", + "cosmjs-types": "^0.9.0", "xstream": "^11.14.0" } }, - "node_modules/@cosmjs/stargate/node_modules/protobufjs": { - "version": "6.11.4", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.4.tgz", - "integrity": "sha512-5kQWPaJHi1WoCpjTGszzQ32PG2F4+wRY6BmAT4Vfw56Q2FZ4YZzK20xUYQH4YkfehY1e6QSICrJquM6xXZNcrw==", - "hasInstallScript": true, + "node_modules/@cosmjs/stargate/node_modules/@cosmjs/amino": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/amino/-/amino-0.32.2.tgz", + "integrity": "sha512-lcK5RCVm4OfdAooxKcF2+NwaDVVpghOq6o/A40c2mHXDUzUoRZ33VAHjVJ9Me6vOFxshrw/XEFn1f4KObntjYA==", "dependencies": { - "@protobufjs/aspromise": "^1.1.2", - "@protobufjs/base64": "^1.1.2", - "@protobufjs/codegen": "^2.0.4", - "@protobufjs/eventemitter": "^1.1.0", - "@protobufjs/fetch": "^1.1.0", - "@protobufjs/float": "^1.0.2", - "@protobufjs/inquire": "^1.1.0", - "@protobufjs/path": "^1.1.2", - "@protobufjs/pool": "^1.1.0", - "@protobufjs/utf8": "^1.1.0", - "@types/long": "^4.0.1", - "@types/node": ">=13.7.0", - "long": "^4.0.0" - }, - "bin": { - "pbjs": "bin/pbjs", - "pbts": "bin/pbts" + "@cosmjs/crypto": "^0.32.2", + "@cosmjs/encoding": "^0.32.2", + "@cosmjs/math": "^0.32.2", + "@cosmjs/utils": "^0.32.2" + } + }, + "node_modules/@cosmjs/stargate/node_modules/@cosmjs/crypto": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/crypto/-/crypto-0.32.2.tgz", + "integrity": "sha512-RuxrYKzhrPF9g6NmU7VEq++Hn1vZJjqqJpZ9Tmw9lOYOV8BUsv+j/0BE86kmWi7xVJ7EwxiuxYsKuM8IR18CIA==", + "dependencies": { + "@cosmjs/encoding": "^0.32.2", + "@cosmjs/math": "^0.32.2", + "@cosmjs/utils": "^0.32.2", + "@noble/hashes": "^1", + "bn.js": "^5.2.0", + "elliptic": "^6.5.4", + "libsodium-wrappers-sumo": "^0.7.11" } }, + "node_modules/@cosmjs/stargate/node_modules/@cosmjs/encoding": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/encoding/-/encoding-0.32.2.tgz", + "integrity": "sha512-WX7m1wLpA9V/zH0zRcz4EmgZdAv1F44g4dbXOgNj1eXZw1PIGR12p58OEkLN51Ha3S4DKRtCv5CkhK1KHEvQtg==", + "dependencies": { + "base64-js": "^1.3.0", + "bech32": "^1.1.4", + "readonly-date": "^1.0.0" + } + }, + "node_modules/@cosmjs/stargate/node_modules/@cosmjs/math": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/math/-/math-0.32.2.tgz", + "integrity": "sha512-b8+ruAAY8aKtVKWSft2IvtCVCUH1LigIlf9ALIiY8n9jtM4kMASiaRbQ/27etnSAInV88IaezKK9rQZrtxTjcw==", + "dependencies": { + "bn.js": "^5.2.0" + } + }, + "node_modules/@cosmjs/stargate/node_modules/@cosmjs/proto-signing": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/proto-signing/-/proto-signing-0.32.2.tgz", + "integrity": "sha512-UV4WwkE3W3G3s7wwU9rizNcUEz2g0W8jQZS5J6/3fiN0mRPwtPKQ6EinPN9ASqcAJ7/VQH4/9EPOw7d6XQGnqw==", + "dependencies": { + "@cosmjs/amino": "^0.32.2", + "@cosmjs/crypto": "^0.32.2", + "@cosmjs/encoding": "^0.32.2", + "@cosmjs/math": "^0.32.2", + "@cosmjs/utils": "^0.32.2", + "cosmjs-types": "^0.9.0" + } + }, + "node_modules/@cosmjs/stargate/node_modules/@cosmjs/utils": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/utils/-/utils-0.32.2.tgz", + "integrity": "sha512-Gg5t+eR7vPJMAmhkFt6CZrzPd0EKpAslWwk5rFVYZpJsM8JG5KT9XQ99hgNM3Ov6ScNoIWbXkpX27F6A9cXR4Q==" + }, + "node_modules/@cosmjs/stargate/node_modules/cosmjs-types": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/cosmjs-types/-/cosmjs-types-0.9.0.tgz", + "integrity": "sha512-MN/yUe6mkJwHnCFfsNPeCfXVhyxHYW6c/xDUzrSbBycYzw++XvWDMJArXp2pLdgD6FQ8DW79vkPjeNKVrXaHeQ==" + }, "node_modules/@cosmjs/stream": { - "version": "0.31.1", - "resolved": "https://registry.npmjs.org/@cosmjs/stream/-/stream-0.31.1.tgz", - "integrity": "sha512-xsIGD9bpBvYYZASajCyOevh1H5pDdbOWmvb4UwGZ78doGVz3IC3Kb9BZKJHIX2fjq9CMdGVJHmlM+Zp5aM8yZA==", + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/stream/-/stream-0.32.2.tgz", + "integrity": "sha512-gpCufLfHAD8Zp1ZKge7AHbDf4RA0TZp66wZY6JaQR5bSiEF2Drjtp4mwXZPGejtaUMnaAgff3LrUzPJfKYdQwg==", "dependencies": { "xstream": "^11.14.0" } }, "node_modules/@cosmjs/tendermint-rpc": { - "version": "0.31.1", - "resolved": "https://registry.npmjs.org/@cosmjs/tendermint-rpc/-/tendermint-rpc-0.31.1.tgz", - "integrity": "sha512-KX+wwi725sSePqIxfMPPOqg+xTETV8BHGOBhRhCZXEl5Fq48UlXXq3/yG1sn7K67ADC0kqHqcCF41Wn1GxNNPA==", - "dependencies": { - "@cosmjs/crypto": "^0.31.1", - "@cosmjs/encoding": "^0.31.1", - "@cosmjs/json-rpc": "^0.31.1", - "@cosmjs/math": "^0.31.1", - "@cosmjs/socket": "^0.31.1", - "@cosmjs/stream": "^0.31.1", - "@cosmjs/utils": "^0.31.1", - "axios": "^0.21.2", + "version": "0.32.0", + "resolved": "https://registry.npmjs.org/@cosmjs/tendermint-rpc/-/tendermint-rpc-0.32.0.tgz", + "integrity": "sha512-bGH3C0CymIzkROltbqw1iXOEkXJkpjdngJu3hdCdB7bD9xbCWOqB9mT+aLpjNAkzSEAHR4nrWv1JF+3PU2Eggg==", + "dependencies": { + "@cosmjs/crypto": "^0.32.0", + "@cosmjs/encoding": "^0.32.0", + "@cosmjs/json-rpc": "^0.32.0", + "@cosmjs/math": "^0.32.0", + "@cosmjs/socket": "^0.32.0", + "@cosmjs/stream": "^0.32.0", + "@cosmjs/utils": "^0.32.0", + "axios": "^1.6.0", "readonly-date": "^1.0.0", "xstream": "^11.14.0" } }, + "node_modules/@cosmjs/tendermint-rpc/node_modules/@cosmjs/crypto": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/crypto/-/crypto-0.32.2.tgz", + "integrity": "sha512-RuxrYKzhrPF9g6NmU7VEq++Hn1vZJjqqJpZ9Tmw9lOYOV8BUsv+j/0BE86kmWi7xVJ7EwxiuxYsKuM8IR18CIA==", + "dependencies": { + "@cosmjs/encoding": "^0.32.2", + "@cosmjs/math": "^0.32.2", + "@cosmjs/utils": "^0.32.2", + "@noble/hashes": "^1", + "bn.js": "^5.2.0", + "elliptic": "^6.5.4", + "libsodium-wrappers-sumo": "^0.7.11" + } + }, + "node_modules/@cosmjs/tendermint-rpc/node_modules/@cosmjs/encoding": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/encoding/-/encoding-0.32.2.tgz", + "integrity": "sha512-WX7m1wLpA9V/zH0zRcz4EmgZdAv1F44g4dbXOgNj1eXZw1PIGR12p58OEkLN51Ha3S4DKRtCv5CkhK1KHEvQtg==", + "dependencies": { + "base64-js": "^1.3.0", + "bech32": "^1.1.4", + "readonly-date": "^1.0.0" + } + }, + "node_modules/@cosmjs/tendermint-rpc/node_modules/@cosmjs/math": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/math/-/math-0.32.2.tgz", + "integrity": "sha512-b8+ruAAY8aKtVKWSft2IvtCVCUH1LigIlf9ALIiY8n9jtM4kMASiaRbQ/27etnSAInV88IaezKK9rQZrtxTjcw==", + "dependencies": { + "bn.js": "^5.2.0" + } + }, + "node_modules/@cosmjs/tendermint-rpc/node_modules/@cosmjs/utils": { + "version": "0.32.2", + "resolved": "https://registry.npmjs.org/@cosmjs/utils/-/utils-0.32.2.tgz", + "integrity": "sha512-Gg5t+eR7vPJMAmhkFt6CZrzPd0EKpAslWwk5rFVYZpJsM8JG5KT9XQ99hgNM3Ov6ScNoIWbXkpX27F6A9cXR4Q==" + }, "node_modules/@cosmjs/utils": { "version": "0.31.1", "resolved": "https://registry.npmjs.org/@cosmjs/utils/-/utils-0.31.1.tgz", @@ -2427,12 +2503,19 @@ "integrity": "sha512-c5AMf34bKdvPhQ7tBGhqkgKNUzMr4WUs+WDtC2ZUGOUncbxKMTvqxYctiseW3+L4bA8ec+GcZ6/A/FW4m8ukng==", "dev": true }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" + }, "node_modules/axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "version": "1.6.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.3.tgz", + "integrity": "sha512-fWyNdeawGam70jXSVlKl+SUNVcL6j6W79CuSIPfi6HnDUmSCH6gyUys/HrqHeA/wU0Az41rRgean494d0Jb+ww==", "dependencies": { - "follow-redirects": "^1.14.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, "node_modules/babel-jest": { @@ -2867,6 +2950,17 @@ "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dependencies": { + "delayed-stream": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/compare-func": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/compare-func/-/compare-func-2.0.0.tgz", @@ -3218,6 +3312,14 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/deprecation": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/deprecation/-/deprecation-2.3.1.tgz", @@ -3734,6 +3836,19 @@ } } }, + "node_modules/form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/from2": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", @@ -5489,6 +5604,25 @@ "node": ">=10.0.0" } }, + "node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, "node_modules/mimic-fn": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", @@ -9472,6 +9606,11 @@ "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz", "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==" }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/pure-rand": { "version": "6.0.4", "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.4.tgz", diff --git a/package.json b/package.json index 4f11d33c..a96ce8ad 100644 --- a/package.json +++ b/package.json @@ -58,8 +58,8 @@ "@cosmjs/encoding": "^0.31.1", "@cosmjs/math": "^0.31.1", "@cosmjs/proto-signing": "^0.31.1", - "@cosmjs/stargate": "^0.31.1", - "@cosmjs/tendermint-rpc": "^0.31.1", + "@cosmjs/stargate": "^0.32.0", + "@cosmjs/tendermint-rpc": "^0.32.0", "@cosmjs/utils": "^0.31.1", "@stablelib/ed25519": "^1.0.3", "@types/secp256k1": "^4.0.5",