diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml new file mode 100644 index 000000000..ca12b3f8a --- /dev/null +++ b/.github/workflows/codacy-analysis.yml @@ -0,0 +1,49 @@ +# This workflow checks out code, performs a Codacy security scan +# and integrates the results with the +# GitHub Advanced Security code scanning feature. For more information on +# the Codacy security scan action usage and parameters, see +# https://github.com/codacy/codacy-analysis-cli-action. +# For more information on Codacy Analysis CLI in general, see +# https://github.com/codacy/codacy-analysis-cli. + +name: Codacy Security Scan + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '25 10 * * 3' + +jobs: + codacy-security-scan: + name: Codacy Security Scan + runs-on: ubuntu-latest + steps: + # Checkout the repository to the GitHub Actions runner + - name: Checkout code + uses: actions/checkout@v2 + + # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis + - name: Run Codacy Analysis CLI + uses: codacy/codacy-analysis-cli-action@1.1.0 + with: + # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository + # You can also omit the token and run the tools that support default configurations + project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} + verbose: true + output: results.sarif + format: sarif + # Adjust severity of non-security issues + gh-code-scanning-compat: true + # Force 0 exit code to allow SARIF file generation + # This will handover control about PR rejection to the GitHub side + max-allowed-issues: 2147483647 + + # Upload the SARIF file generated in the previous step + - name: Upload SARIF results file + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: results.sarif diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..c131c55ed --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,71 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '41 4 * * 2' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'javascript' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] + # Learn more: + # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/codescan-analysis.yml b/.github/workflows/codescan-analysis.yml new file mode 100644 index 000000000..28687186e --- /dev/null +++ b/.github/workflows/codescan-analysis.yml @@ -0,0 +1,37 @@ +# This workflow requires that you have an existing account with codescan.io +# For more information about configuring your workflow, +# read our documentation at https://github.com/codescan-io/codescan-scanner-action +name: CodeScan + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '36 23 * * 3' + +jobs: + CodeScan: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v2 + - name: Cache files + uses: actions/cache@v2 + with: + path: | + ~/.sonar + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Run Analysis + uses: codescan-io/codescan-scanner-action@master + with: + login: ${{ secrets.CODESCAN_AUTH_TOKEN }} + organization: ${{ secrets.CODESCAN_ORGANIZATION_KEY }} + projectKey: ${{ secrets.CODESCAN_PROJECT_KEY }} + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: codescan.sarif diff --git a/.github/workflows/xanitizer-analysis.yml b/.github/workflows/xanitizer-analysis.yml new file mode 100644 index 000000000..57013db00 --- /dev/null +++ b/.github/workflows/xanitizer-analysis.yml @@ -0,0 +1,87 @@ +# This workflow downloads and installs the latest version of Xanitizer, builds your project, runs a Xanitizer security analysis on it, +# and then archives the findings list reports and uploads the findings into the GitHub code scanning alert section of your repository. +# +# Documentation for the `RIGS-IT/xanitizer-action` is located here: https://github.com/RIGS-IT/xanitizer-action +# +# To use this basic workflow, you will need to complete the following setup steps: +# +# 1. The underlying Xanitizer, used in this workflow, needs a separate license file. +# Licenses are free of charge for open source projects and for educational usage. +# To get more information about the Xanitizer licenses and how to obtain a license file, +# please consult https://www.xanitizer.com/xanitizer-pricing/. +# +# 2. The content of the license file has to be stored as a GitHub secret (e.g. XANITIZER_LICENSE) on this repository. +# Please consult https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets for details. +# +# 3. Reference the GitHub secret in the step using the `RIGS-IT/xanitizer-action` GitHub action. +# Example: +# - name: Xanitizer Security Analysis +# uses: RIGS-IT/xanitizer-action@v1 +# with: +# license: ${{ secrets.XANITIZER_LICENSE }} +# +# 4. As a static application security testing (SAST) tool, +# Xanitizer requires that all dependencies of the artifacts being analyzed can be resolved successfully. +# So you have to install all used libraries and build your project before running the security analysis, +# e.g. via `mvn compile` for Java or `npm install` for JavaScript + +name: "Xanitizer Security Analysis" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '45 2 * * 5' + workflow_dispatch: + +jobs: + xanitizer-security-analysis: + # Xanitizer runs on ubuntu-latest and windows-latest. + runs-on: ubuntu-latest + + steps: + # Check out the repository + - name: Checkout + uses: actions/checkout@v2 + + # Set up the correct Java version for your project + # Please comment out, if your project does not contain Java source code. + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + + # Compile the code for Java projects and get all libraries, e.g. via Maven + # Please adapt, if your project uses another build system to compile Java source code. + # Please comment out, if your project does not contain Java source code. + - name: Compile Java code + run: mvn -B compile + + # Install all dependent libraries for JavaScript/TypeScript projects, e.g. via npm + # Please adapt to run `npm install` in the correct directories. + # Please adapt, if your project uses another package manager for getting JavaScript libraries. + # Please comment out, if your project does not use a package manager for getting JavaScript libraries. + - name: Install JavaScript libraries + run: npm install + + # Run the security analysis with default settings + - name: Xanitizer Security Analysis + uses: RIGS-IT/xanitizer-action@v1 + with: + license: ${{ secrets.XANITIZER_LICENSE }} + + # Archiving the findings list reports + - uses: actions/upload-artifact@v2 + with: + name: Xanitizer-Reports + path: | + *-Findings-List.pdf + *-Findings-List.sarif + + # Uploads the findings into the GitHub code scanning alert section using the upload-sarif action + - uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: Xanitizer-Findings-List.sarif diff --git a/package-lock.json b/package-lock.json index 87dae62e9..2a43e1b1a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,6 +5,7 @@ "requires": true, "packages": { "": { + "name": "ipfs-desktop", "version": "0.15.0", "hasInstallScript": true, "license": "MIT", @@ -23,7 +24,7 @@ "intl-messageformat": "^9.6.8", "ipfs-http-client": "47.0.1", "ipfsd-ctl": "^7.2.0", - "is-ipfs": "^3.0.0", + "is-ipfs": "^6.0.2", "it-all": "^1.0.5", "it-concat": "^1.0.2", "multiaddr": "^8.1.2", @@ -3665,15 +3666,23 @@ } }, "node_modules/dns-over-http-resolver": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.1.tgz", - "integrity": "sha512-bYGLGLraOc1tllkC0Xaw+zBiQBnPyooNDpaXNYZprLn0bI6zLmX73QfR+jODz6rZ9oAUn1pw5OWxlEsSoho5TQ==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.3.tgz", + "integrity": "sha512-miDiVSI6KSNbi4SVifzO/reD8rMnxgrlnkrlkugOLQpWQTe2qMdHsZp5DmfKjxNE+/T3VAAYLQUZMv9SMr6+AA==", "dependencies": { - "debug": "^4.2.0", - "native-fetch": "^2.0.1", + "debug": "^4.3.1", + "native-fetch": "^3.0.0", "receptacle": "^1.3.2" } }, + "node_modules/dns-over-http-resolver/node_modules/native-fetch": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/native-fetch/-/native-fetch-3.0.0.tgz", + "integrity": "sha512-G3Z7vx0IFb/FQ4JxvtqGABsOTIqRWvgQz6e+erkB+JJD6LrszQtMozEHI4EkmgZQvnGHrpLVzUWk7t4sJCIkVw==", + "peerDependencies": { + "node-fetch": "*" + } + }, "node_modules/doctrine": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", @@ -6690,38 +6699,53 @@ } }, "node_modules/is-ipfs": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-3.0.0.tgz", - "integrity": "sha512-AwOnxpT9p0wl8/xJL7MAZpjg+wcCdp5O+JDYY8GimSKIkFF9TY3eJvq8hen+VF3x1ISGZQCK9tiGQgx4LtOl8w==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-6.0.2.tgz", + "integrity": "sha512-RinUnsggL4hlLoHlZcvs2+92OE46Uflg/YVU1m5fXhyDBS/zh3bq+i6Aw7IbzJZ9oZXJx26TgxpqCuCr+LH/DA==", "dependencies": { - "cids": "^1.1.5", - "iso-url": "^1.0.0", - "mafmt": "^8.0.4", - "multiaddr": "^8.1.2", - "multibase": "^3.1.1", - "multihashes": "^3.1.2", - "uint8arrays": "^2.0.5" + "iso-url": "^1.1.3", + "mafmt": "^10.0.0", + "multiaddr": "^10.0.0", + "multiformats": "^9.0.0", + "uint8arrays": "^3.0.0" }, "engines": { "node": ">=14.0.0", "npm": ">=6.0.0" } }, + "node_modules/is-ipfs/node_modules/err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, "node_modules/is-ipfs/node_modules/iso-url": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.0.0.tgz", - "integrity": "sha512-n/MsHgKOoHcFrhsxfbM3aaSdUujoFrrZ3537p3RW80AL7axL36acCseoMwIW4tNOl0n0SnkzNyVh4bREwmHoPQ==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.2.1.tgz", + "integrity": "sha512-9JPDgCN4B7QPkLtYAAOrEuAWvP9rWvR5offAr0/SeF046wIkglqH3VXgYYP6NcsKslH80UIVgmPqNe3j7tG2ng==", "engines": { - "node": ">=10" + "node": ">=12" + } + }, + "node_modules/is-ipfs/node_modules/multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "dependencies": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" } }, "node_modules/is-ipfs/node_modules/uint8arrays": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-2.1.2.tgz", - "integrity": "sha512-/VcLZbPMs/dk23u22IZlPWycfBxntpwrvISHQs93/OdRlUTnQw9Uzmzaoq7DgJAZl1SlP/kw+NhbjFAEED42rQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", "dependencies": { - "multibase": "^3.0.0", - "web-encoding": "^1.0.5" + "multiformats": "^9.4.2" } }, "node_modules/is-negative-zero": { @@ -7531,11 +7555,37 @@ } }, "node_modules/mafmt": { - "version": "8.0.4", - "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-8.0.4.tgz", - "integrity": "sha512-wwZ5+PU0vQw10kwQRyZin1Z0dqVOp0BnYlX1xvXHS2fmLwrrQCfU1+3tlW5MRcihUwGz1virnVhbRAU1biKfiw==", + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-10.0.0.tgz", + "integrity": "sha512-K1bziJOXcnepfztu+2Xy9FLKVLaFMDuspmiyJIYRxnO0WOxFSV7XKSdMxMrVZxcvg1+YjlTIvSGTImUHU2k4Aw==", "dependencies": { - "multiaddr": "^8.0.0" + "multiaddr": "^10.0.0" + } + }, + "node_modules/mafmt/node_modules/err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, + "node_modules/mafmt/node_modules/multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "dependencies": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" + } + }, + "node_modules/mafmt/node_modules/uint8arrays": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", + "dependencies": { + "multiformats": "^9.4.2" } }, "node_modules/make-dir": { @@ -8044,6 +8094,11 @@ "varint": "^6.0.0" } }, + "node_modules/multiformats": { + "version": "9.7.0", + "resolved": "https://registry.npmjs.org/multiformats/-/multiformats-9.7.0.tgz", + "integrity": "sha512-uv/tcgwk0yN4DStopnBN4GTgvaAlYdy6KnZpuzEPFOYQd71DYFJjs0MN1ERElAflrZaYyGBWXyGxL5GgrxIx0Q==" + }, "node_modules/multihashes": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/multihashes/-/multihashes-3.1.2.tgz", @@ -14470,7 +14525,9 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-2.0.2.tgz", "integrity": "sha512-Brah4Uo5/U8v76c6euTwtjVFFaVishwnJrQBYpev1JRh4vjA1F4HY3UzQez41YUCszUCXKagG8v6eVRBHV1gkw==", - "requires": {} + "requires": { + "ajv": "^8.0.0" + } }, "json-schema-traverse": { "version": "1.0.0", @@ -15057,13 +15114,21 @@ } }, "dns-over-http-resolver": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.1.tgz", - "integrity": "sha512-bYGLGLraOc1tllkC0Xaw+zBiQBnPyooNDpaXNYZprLn0bI6zLmX73QfR+jODz6rZ9oAUn1pw5OWxlEsSoho5TQ==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.3.tgz", + "integrity": "sha512-miDiVSI6KSNbi4SVifzO/reD8rMnxgrlnkrlkugOLQpWQTe2qMdHsZp5DmfKjxNE+/T3VAAYLQUZMv9SMr6+AA==", "requires": { - "debug": "^4.2.0", - "native-fetch": "^2.0.1", + "debug": "^4.3.1", + "native-fetch": "^3.0.0", "receptacle": "^1.3.2" + }, + "dependencies": { + "native-fetch": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/native-fetch/-/native-fetch-3.0.0.tgz", + "integrity": "sha512-G3Z7vx0IFb/FQ4JxvtqGABsOTIqRWvgQz6e+erkB+JJD6LrszQtMozEHI4EkmgZQvnGHrpLVzUWk7t4sJCIkVw==", + "requires": {} + } } }, "doctrine": { @@ -17528,31 +17593,46 @@ } }, "is-ipfs": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-3.0.0.tgz", - "integrity": "sha512-AwOnxpT9p0wl8/xJL7MAZpjg+wcCdp5O+JDYY8GimSKIkFF9TY3eJvq8hen+VF3x1ISGZQCK9tiGQgx4LtOl8w==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-6.0.2.tgz", + "integrity": "sha512-RinUnsggL4hlLoHlZcvs2+92OE46Uflg/YVU1m5fXhyDBS/zh3bq+i6Aw7IbzJZ9oZXJx26TgxpqCuCr+LH/DA==", "requires": { - "cids": "^1.1.5", - "iso-url": "^1.0.0", - "mafmt": "^8.0.4", - "multiaddr": "^8.1.2", - "multibase": "^3.1.1", - "multihashes": "^3.1.2", - "uint8arrays": "^2.0.5" + "iso-url": "^1.1.3", + "mafmt": "^10.0.0", + "multiaddr": "^10.0.0", + "multiformats": "^9.0.0", + "uint8arrays": "^3.0.0" }, "dependencies": { + "err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, "iso-url": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.0.0.tgz", - "integrity": "sha512-n/MsHgKOoHcFrhsxfbM3aaSdUujoFrrZ3537p3RW80AL7axL36acCseoMwIW4tNOl0n0SnkzNyVh4bREwmHoPQ==" + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.2.1.tgz", + "integrity": "sha512-9JPDgCN4B7QPkLtYAAOrEuAWvP9rWvR5offAr0/SeF046wIkglqH3VXgYYP6NcsKslH80UIVgmPqNe3j7tG2ng==" + }, + "multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "requires": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" + } }, "uint8arrays": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-2.1.2.tgz", - "integrity": "sha512-/VcLZbPMs/dk23u22IZlPWycfBxntpwrvISHQs93/OdRlUTnQw9Uzmzaoq7DgJAZl1SlP/kw+NhbjFAEED42rQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", "requires": { - "multibase": "^3.0.0", - "web-encoding": "^1.0.5" + "multiformats": "^9.4.2" } } } @@ -18247,11 +18327,39 @@ } }, "mafmt": { - "version": "8.0.4", - "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-8.0.4.tgz", - "integrity": "sha512-wwZ5+PU0vQw10kwQRyZin1Z0dqVOp0BnYlX1xvXHS2fmLwrrQCfU1+3tlW5MRcihUwGz1virnVhbRAU1biKfiw==", + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-10.0.0.tgz", + "integrity": "sha512-K1bziJOXcnepfztu+2Xy9FLKVLaFMDuspmiyJIYRxnO0WOxFSV7XKSdMxMrVZxcvg1+YjlTIvSGTImUHU2k4Aw==", "requires": { - "multiaddr": "^8.0.0" + "multiaddr": "^10.0.0" + }, + "dependencies": { + "err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, + "multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "requires": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" + } + }, + "uint8arrays": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", + "requires": { + "multiformats": "^9.4.2" + } + } } }, "make-dir": { @@ -18666,6 +18774,11 @@ "varint": "^6.0.0" } }, + "multiformats": { + "version": "9.7.0", + "resolved": "https://registry.npmjs.org/multiformats/-/multiformats-9.7.0.tgz", + "integrity": "sha512-uv/tcgwk0yN4DStopnBN4GTgvaAlYdy6KnZpuzEPFOYQd71DYFJjs0MN1ERElAflrZaYyGBWXyGxL5GgrxIx0Q==" + }, "multihashes": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/multihashes/-/multihashes-3.1.2.tgz", diff --git a/package.json b/package.json index 7584b73d0..0f52a8963 100644 --- a/package.json +++ b/package.json @@ -88,7 +88,7 @@ "intl-messageformat": "^9.6.8", "ipfs-http-client": "47.0.1", "ipfsd-ctl": "^7.2.0", - "is-ipfs": "^3.0.0", + "is-ipfs": "^6.0.2", "it-all": "^1.0.5", "it-concat": "^1.0.2", "multiaddr": "^8.1.2",