nexus/bip39
2
0
Fork 0
mirror of https://github.com/OneKeyHQ/bip39.git synced 2026-04-05 18:43:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: libs/stellar-util/package.json & libs/stellar-util/package-lock.json to reduce vulnerabilities

Browse Source 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-CIPHERBASE-12084814
- https://snyk.io/vuln/SNYK-JS-SHAJS-12089400
This commit is contained in:
snyk-bot
2025-08-25 06:08:35 +00:00
parent cbe03c549c
commit 547be5f76f
2 changed files with 195 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

311
libs/stellar-util/package-lock.json generated
View File

@@ -8,14 +8,20 @@
"name": "stellar-util",
"version": "0.0.1",
"dependencies": {
"ed25519-hd-key": "^1.0.0",
"stellar-base": "^0.10.0"
"ed25519-hd-key": "^1.2.1",
"stellar-base": "^13.1.0"
},
"devDependencies": {
"browserify": "^16.2.3",
"uglify-es": "^3.3.9"
}
},
"node_modules/@stellar/js-xdr": {
"version": "3.1.2",
"resolved": "https://registry.npmjs.org/@stellar/js-xdr/-/js-xdr-3.1.2.tgz",
"integrity": "sha512-VVolPL5goVEIsvuGqDc5uiKxV03lzfWdvYg1KikvwheDmTBO68CKDji3bAZ/kppZrx5iTA8z3Ld5yuytcvhvOQ==",
"license": "Apache-2.0"
},
"node_modules/acorn": {
"version": "6.4.1",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz",
@@ -118,6 +124,80 @@
"integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=",
"dev": true
},
"node_modules/bare-addon-resolve": {
"version": "1.9.4",
"resolved": "https://registry.npmjs.org/bare-addon-resolve/-/bare-addon-resolve-1.9.4.tgz",
"integrity": "sha512-unn6Vy/Yke6F99vg/7tcrvM2KUvIhTNniaSqDbam4AWkd4NhvDVSrQiRYVlNzUV2P7SPobkCK7JFVxrJk9btCg==",
"license": "Apache-2.0",
"optional": true,
"dependencies": {
"bare-module-resolve": "^1.10.0",
"bare-semver": "^1.0.0"
},
"peerDependencies": {
"bare-url": "*"
},
"peerDependenciesMeta": {
"bare-url": {
"optional": true
}
}
},
"node_modules/bare-module-resolve": {
"version": "1.11.1",
"resolved": "https://registry.npmjs.org/bare-module-resolve/-/bare-module-resolve-1.11.1.tgz",
"integrity": "sha512-DCxeT9i8sTs3vUMA3w321OX/oXtNEu5EjObQOnTmCdNp5RXHBAvAaBDHvAi9ta0q/948QPz+co6SsGi6aQMYRg==",
"license": "Apache-2.0",
"optional": true,
"dependencies": {
"bare-semver": "^1.0.0"
},
"peerDependencies": {
"bare-url": "*"
},
"peerDependenciesMeta": {
"bare-url": {
"optional": true
}
}
},
"node_modules/bare-os": {
"version": "3.6.2",
"resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.2.tgz",
"integrity": "sha512-T+V1+1srU2qYNBmJCXZkUY5vQ0B4FSlL3QDROnKQYOqeiQR8UbjNHlPa+TIbM4cuidiN9GaTaOZgSEgsvPbh5A==",
"license": "Apache-2.0",
"optional": true,
"engines": {
"bare": ">=1.14.0"
}
},
"node_modules/bare-path": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz",
"integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==",
"license": "Apache-2.0",
"optional": true,
"dependencies": {
"bare-os": "^3.0.1"
}
},
"node_modules/bare-semver": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/bare-semver/-/bare-semver-1.0.1.tgz",
"integrity": "sha512-UtggzHLiTrmFOC/ogQ+Hy7VfoKoIwrP1UFcYtTxoCUdLtsIErT8+SWtOC2DH/snT9h+xDrcBEPcwKei1mzemgg==",
"license": "Apache-2.0",
"optional": true
},
"node_modules/bare-url": {
"version": "2.2.2",
"resolved": "https://registry.npmjs.org/bare-url/-/bare-url-2.2.2.tgz",
"integrity": "sha512-g+ueNGKkrjMazDG3elZO1pNs3HY5+mMmOet1jtKyhOaCnkLzitxf26z7hoAEkDNgdNmnc1KIlt/dw6Po6xZMpA==",
"license": "Apache-2.0",
"optional": true,
"dependencies": {
"bare-path": "^3.0.0"
}
},
"node_modules/base32.js": {
"version": "0.1.0",
"resolved": "https://registry.npmjs.org/base32.js/-/base32.js-0.1.0.tgz",
@@ -127,37 +207,34 @@
}
},
"node_modules/base64-js": {
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.0.tgz",
"integrity": "sha512-ccav/yGvoa80BQDljCxsmmQ3Xvx60/UpBIij5QN21W3wBi/hhIC9OoO+KLpu9IJTS9j4DRVJ3aDDF9cMSoa2lw==",
"dev": true
"version": "1.5.1",
"resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
"integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/feross"
},
{
"type": "patreon",
"url": "https://www.patreon.com/feross"
},
{
"type": "consulting",
"url": "https://feross.org/support"
}
],
"license": "MIT"
},
"node_modules/bignumber.js": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-4.1.0.tgz",
"integrity": "sha512-eJzYkFYy9L4JzXsbymsFn3p54D+llV27oTQ+ziJG7WFRheJcNZilgVXMG0LoZtlQSKBsJdWtLFqOD0u+U0jZKA==",
"version": "9.3.1",
"resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.3.1.tgz",
"integrity": "sha512-Ko0uX15oIUS7wJ3Rb30Fs6SkVbLmPBAKdlm7q9+ak9bbIeFf0MwuBsQV6z7+X768/cHsfg+WlysDWJcmthjsjQ==",
"license": "MIT",
"engines": {
"node": "*"
}
},
"node_modules/bindings": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/bindings/-/bindings-1.3.1.tgz",
"integrity": "sha512-i47mqjF9UbjxJhxGf+pZ6kSxrnI3wBLlnGI2ArWJ4r0VrvDS7ZYXkprq/pLaBWYq4GM0r4zdHY+NNRqEMU7uew==",
"optional": true
},
"node_modules/bip39": {
"version": "2.5.0",
"resolved": "https://registry.npmjs.org/bip39/-/bip39-2.5.0.tgz",
"integrity": "sha512-xwIx/8JKoT2+IPJpFEfXoWdYwP7UVAoUxxLNfGCfVowaJE7yg1Y5B1BVPqlUNsBq5/nGwmFkwRJ8xDW4sX8OdA==",
"dependencies": {
"create-hash": "^1.1.0",
"pbkdf2": "^3.0.9",
"randombytes": "^2.0.1",
"safe-buffer": "^5.0.1",
"unorm": "^1.3.3"
}
},
"node_modules/bn.js": {
"version": "4.11.8",
"resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.8.tgz",
@@ -454,11 +531,6 @@
"integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=",
"dev": true
},
"node_modules/crc": {
"version": "3.5.0",
"resolved": "https://registry.npmjs.org/crc/-/crc-3.5.0.tgz",
"integrity": "sha1-mLi6fUiWZbo5efWbITgTdBAaGWQ="
},
"node_modules/create-ecdh": {
"version": "4.0.3",
"resolved": "https://registry.npmjs.org/create-ecdh/-/create-ecdh-4.0.3.tgz",
@@ -516,11 +588,6 @@
"node": "*"
}
},
"node_modules/cursor": {
"version": "0.1.5",
"resolved": "https://registry.npmjs.org/cursor/-/cursor-0.1.5.tgz",
"integrity": "sha1-6neMKwnTPC5WT9khRwdnUEg+uyw="
},
"node_modules/date-now": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/date-now/-/date-now-0.1.4.tgz",
@@ -605,25 +672,14 @@
"readable-stream": "^2.0.2"
}
},
"node_modules/ed25519": {
"version": "0.0.4",
"resolved": "https://registry.npmjs.org/ed25519/-/ed25519-0.0.4.tgz",
"integrity": "sha1-5WIYrOL8kD0llZOu8LKpY59HW+s=",
"hasInstallScript": true,
"optional": true,
"dependencies": {
"bindings": "^1.2.1",
"nan": "^2.0.9"
}
},
"node_modules/ed25519-hd-key": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/ed25519-hd-key/-/ed25519-hd-key-1.0.0.tgz",
"integrity": "sha512-PbL2RemtcV6UzhJv9lCAFraa3V/M8mxlRJlJeqpaRDtFaHObt43x6nIm8/NMc0Wc70NHee4K9x4V9H5T+MM69Q==",
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/ed25519-hd-key/-/ed25519-hd-key-1.2.1.tgz",
"integrity": "sha512-M3SiXF4Wd0yZV9iTYqNn7HGUNgXcEctHcRfNjue15POYVfAiU56UaCURH3n0NRZMaK+wL0F1VlW8p5vSSpoeZA==",
"license": "MIT",
"dependencies": {
"bip39": "^2.4.0",
"create-hmac": "^1.1.6",
"js-nacl": "^1.2.2"
"create-hmac": "1.1.7",
"tweetnacl": "1.0.3"
}
},
"node_modules/elliptic": {
@@ -757,10 +813,24 @@
"dev": true
},
"node_modules/ieee754": {
"version": "1.1.12",
"resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.12.tgz",
"integrity": "sha512-GguP+DRY+pJ3soyIiGPTvdiVXjZ+DbXOxGpXn3eMvNW4x4irjqXm4wHKscC+TfxSJ0yw/S1F24tqdMNsMZTiLA==",
"dev": true
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz",
"integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/feross"
},
{
"type": "patreon",
"url": "https://www.patreon.com/feross"
},
{
"type": "consulting",
"url": "https://feross.org/support"
}
],
"license": "BSD-3-Clause"
},
"node_modules/inflight": {
"version": "1.0.6",
@@ -820,25 +890,6 @@
"integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=",
"dev": true
},
"node_modules/js-nacl": {
"version": "1.3.2",
"resolved": "https://registry.npmjs.org/js-nacl/-/js-nacl-1.3.2.tgz",
"integrity": "sha512-XEV2slQ60lLhtL8X+PfFYFfen3b0eg+IU3deWKXKF285nqAf/f24Z15LvlLkVogpAb/9eAxe7o1AtThhKGvQkg==",
"engines": {
"node": "*"
}
},
"node_modules/js-xdr": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/js-xdr/-/js-xdr-1.0.5.tgz",
"integrity": "sha512-v0jffMa8bko3uFcGYt1lHrtpd1adhH6qk41RfLPsNPj77/K8fi7LOi4+lUUY3MBEIFnJgaGHrbc6sxdTwHImxQ==",
"deprecated": "⚠️ This package has moved to @stellar/js-xdr! 🚚",
"dependencies": {
"cursor": "^0.1.5",
"lodash": "^4.17.5",
"long": "^2.2.3"
}
},
"node_modules/json-stable-stringify": {
"version": "0.0.1",
"resolved": "https://registry.npmjs.org/json-stable-stringify/-/json-stable-stringify-0.0.1.tgz",
@@ -899,25 +950,12 @@
"integrity": "sha512-GMxXOiUirWg1xTKRipM0Ek07rX+ubx4nNVElTJdNLYmNO/2YrDkgJGw9CljXn+r4EWiDQg/8lsRdHyg2PJuUaA==",
"dev": true
},
"node_modules/lodash": {
"version": "4.17.19",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
"integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ=="
},
"node_modules/lodash.memoize": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-3.0.4.tgz",
"integrity": "sha1-LcvSwofLwKVcxCMovQxzYVDVPj8=",
"dev": true
},
"node_modules/long": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/long/-/long-2.4.0.tgz",
"integrity": "sha1-n6GAux2VAM3CnEFWdmoZleH0Uk8=",
"engines": {
"node": ">=0.6"
}
},
"node_modules/md5.js": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/md5.js/-/md5.js-1.3.5.tgz",
@@ -1019,12 +1057,6 @@
"node": ">= 0.8.0"
}
},
"node_modules/nan": {
"version": "2.12.0",
"resolved": "https://registry.npmjs.org/nan/-/nan-2.12.0.tgz",
"integrity": "sha512-zT5nC0JhbljmyEf+Z456nvm7iO7XgRV2hYxoBtPpnyp+0Q4aCoP6uWNn76v/I6k2kCYNLWqWbwBWQcjsNI/bjw==",
"optional": true
},
"node_modules/once": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
@@ -1102,6 +1134,7 @@
"version": "3.0.17",
"resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.0.17.tgz",
"integrity": "sha512-U/il5MsrZp7mGg3mSQfn742na2T+1/vHDCG5/iTI3X9MKUuYUZVLQhyRsg06mCgDBTd57TxzgZt7P+fYfjRLtA==",
"dev": true,
"dependencies": {
"create-hash": "^1.1.2",
"create-hmac": "^1.1.4",
@@ -1171,6 +1204,7 @@
"version": "2.0.6",
"resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.0.6.tgz",
"integrity": "sha512-CIQ5OFxf4Jou6uOKe9t1AOgqpeU5fd70A8NPdHSGeYXqXsPe6peOwI0cUl88RWZ6sP1vPMV3avd/R6cZ5/sP1A==",
"dev": true,
"dependencies": {
"safe-buffer": "^5.1.0"
}
@@ -1218,6 +1252,20 @@
"safe-buffer": "~5.1.0"
}
},
"node_modules/require-addon": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/require-addon/-/require-addon-1.1.0.tgz",
"integrity": "sha512-KbXAD5q2+v1GJnkzd8zzbOxchTkStSyJZ9QwoCq3QwEXAaIlG3wDYRZGzVD357jmwaGY7hr5VaoEAL0BkF0Kvg==",
"license": "Apache-2.0",
"optional": true,
"dependencies": {
"bare-addon-resolve": "^1.3.0",
"bare-url": "^2.1.0"
},
"engines": {
"bare": ">=1.10.0"
}
},
"node_modules/resolve": {
"version": "1.8.1",
"resolved": "https://registry.npmjs.org/resolve/-/resolve-1.8.1.tgz",
@@ -1281,6 +1329,16 @@
"integrity": "sha1-c0TLuLbib7J9ZrL8hvn21Zl1IcY=",
"dev": true
},
"node_modules/sodium-native": {
"version": "4.3.3",
"resolved": "https://registry.npmjs.org/sodium-native/-/sodium-native-4.3.3.tgz",
"integrity": "sha512-OnxSlN3uyY8D0EsLHpmm2HOFmKddQVvEMmsakCrXUzSd8kjjbzL413t4ZNF3n0UxSwNgwTyUvkmZHTfuCeiYSw==",
"license": "MIT",
"optional": true,
"dependencies": {
"require-addon": "^1.1.0"
}
},
"node_modules/source-map": {
"version": "0.5.7",
"resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz",
@@ -1291,24 +1349,48 @@
}
},
"node_modules/stellar-base": {
"version": "0.10.0",
"resolved": "https://registry.npmjs.org/stellar-base/-/stellar-base-0.10.0.tgz",
"integrity": "sha512-PPuVWAc9t63q9eiMrV3czO2Q2ZozcU7dEMJX8Hu8AIVuV4DbDMyGk5a4nzsJajVsSZyq2Tyccv3dqVudKkBZUA==",
"version": "13.1.0",
"resolved": "https://registry.npmjs.org/stellar-base/-/stellar-base-13.1.0.tgz",
"integrity": "sha512-CAXhSFJfGC1EKrGiHm0F/OQoYmSLLq4wucCaI7EZM2oe/Hg06mK2XWHddIN+yuZgIyDjgDQAdbUtHqVR5Irw/w==",
"deprecated": "⚠️ This package has moved to @stellar/stellar-base! 🚚",
"license": "Apache-2.0",
"dependencies": {
"base32.js": "~0.1.0",
"bignumber.js": "^4.0.0",
"crc": "3.5.0",
"js-xdr": "^1.0.5",
"lodash": "^4.17.10",
"@stellar/js-xdr": "^3.1.2",
"base32.js": "^0.1.0",
"bignumber.js": "^9.1.2",
"buffer": "^6.0.3",
"sha.js": "^2.3.6",
"tweetnacl": "^1.0.0"
"tweetnacl": "^1.0.3"
},
"engines": {
"node": ">=4"
"node": ">=18.0.0"
},
"optionalDependencies": {
"ed25519": "0.0.4"
"sodium-native": "^4.3.3"
}
},
"node_modules/stellar-base/node_modules/buffer": {
"version": "6.0.3",
"resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
"integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/feross"
},
{
"type": "patreon",
"url": "https://www.patreon.com/feross"
},
{
"type": "consulting",
"url": "https://feross.org/support"
}
],
"license": "MIT",
"dependencies": {
"base64-js": "^1.3.1",
"ieee754": "^1.2.1"
}
},
"node_modules/stream-browserify": {
@@ -1422,9 +1504,10 @@
"dev": true
},
"node_modules/tweetnacl": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-1.0.0.tgz",
"integrity": "sha1-cT2LgY2kIGh0C/aDhtBHnmb8ins="
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-1.0.3.tgz",
"integrity": "sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw==",
"license": "Unlicense"
},
"node_modules/typedarray": {
"version": "0.0.6",
@@ -1482,14 +1565,6 @@
"undeclared-identifiers": "bin.js"
}
},
"node_modules/unorm": {
"version": "1.4.1",
"resolved": "https://registry.npmjs.org/unorm/-/unorm-1.4.1.tgz",
"integrity": "sha1-NkIA1fE2RsqLzURJAnEzVhR5IwA=",
"engines": {
"node": ">= 0.4.0"
}
},
"node_modules/url": {
"version": "0.11.0",
"resolved": "https://registry.npmjs.org/url/-/url-0.11.0.tgz",

4
libs/stellar-util/package.json
View File

@@ -5,8 +5,8 @@
"build": "browserify stellar-util.js > /tmp/stellar-util.js"
},
"dependencies": {
"ed25519-hd-key": "^1.0.0",
"stellar-base": "^0.10.0"
"ed25519-hd-key": "^1.2.1",
"stellar-base": "^13.1.0"
},
"devDependencies": {
"browserify": "^16.2.3",