From 5303e1565f150fe32e1ea677927ab4ec215a0435 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 12 Jun 2021 10:10:09 +0000 Subject: [PATCH 1/6] chore(deps): bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index d847fc26a..9eea8fe23 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4772,9 +4772,9 @@ } }, "glob-parent": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz", - "integrity": "sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==", + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", "dev": true, "requires": { "is-glob": "^4.0.1" From acbe3ba6a0ba045f905ea4d1d50e02a9816fc8a4 Mon Sep 17 00:00:00 2001 From: Marcel Raschke <42359664+MarcelRaschke@users.noreply.github.com> Date: Thu, 17 Jun 2021 04:37:40 +0200 Subject: [PATCH 2/6] Create codeql-analysis.yml --- .github/workflows/codeql-analysis.yml | 71 +++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..c131c55ed --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,71 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '41 4 * * 2' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'javascript' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] + # Learn more: + # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 From 51882fbef33a81b15843ba304a7025cdbfb2a914 Mon Sep 17 00:00:00 2001 From: Marcel Raschke <42359664+MarcelRaschke@users.noreply.github.com> Date: Thu, 17 Jun 2021 04:38:00 +0200 Subject: [PATCH 3/6] Create codacy-analysis.yml --- .github/workflows/codacy-analysis.yml | 49 +++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/workflows/codacy-analysis.yml diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml new file mode 100644 index 000000000..ca12b3f8a --- /dev/null +++ b/.github/workflows/codacy-analysis.yml @@ -0,0 +1,49 @@ +# This workflow checks out code, performs a Codacy security scan +# and integrates the results with the +# GitHub Advanced Security code scanning feature. For more information on +# the Codacy security scan action usage and parameters, see +# https://github.com/codacy/codacy-analysis-cli-action. +# For more information on Codacy Analysis CLI in general, see +# https://github.com/codacy/codacy-analysis-cli. + +name: Codacy Security Scan + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '25 10 * * 3' + +jobs: + codacy-security-scan: + name: Codacy Security Scan + runs-on: ubuntu-latest + steps: + # Checkout the repository to the GitHub Actions runner + - name: Checkout code + uses: actions/checkout@v2 + + # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis + - name: Run Codacy Analysis CLI + uses: codacy/codacy-analysis-cli-action@1.1.0 + with: + # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository + # You can also omit the token and run the tools that support default configurations + project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} + verbose: true + output: results.sarif + format: sarif + # Adjust severity of non-security issues + gh-code-scanning-compat: true + # Force 0 exit code to allow SARIF file generation + # This will handover control about PR rejection to the GitHub side + max-allowed-issues: 2147483647 + + # Upload the SARIF file generated in the previous step + - name: Upload SARIF results file + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: results.sarif From d0f2f8d077246602eb5aa16e5c16fb4051b1ba18 Mon Sep 17 00:00:00 2001 From: Marcel Raschke <42359664+MarcelRaschke@users.noreply.github.com> Date: Thu, 17 Jun 2021 04:38:25 +0200 Subject: [PATCH 4/6] Create codescan-analysis.yml --- .github/workflows/codescan-analysis.yml | 37 +++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/codescan-analysis.yml diff --git a/.github/workflows/codescan-analysis.yml b/.github/workflows/codescan-analysis.yml new file mode 100644 index 000000000..28687186e --- /dev/null +++ b/.github/workflows/codescan-analysis.yml @@ -0,0 +1,37 @@ +# This workflow requires that you have an existing account with codescan.io +# For more information about configuring your workflow, +# read our documentation at https://github.com/codescan-io/codescan-scanner-action +name: CodeScan + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '36 23 * * 3' + +jobs: + CodeScan: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v2 + - name: Cache files + uses: actions/cache@v2 + with: + path: | + ~/.sonar + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Run Analysis + uses: codescan-io/codescan-scanner-action@master + with: + login: ${{ secrets.CODESCAN_AUTH_TOKEN }} + organization: ${{ secrets.CODESCAN_ORGANIZATION_KEY }} + projectKey: ${{ secrets.CODESCAN_PROJECT_KEY }} + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: codescan.sarif From 701f109bdd696c16b7fdacf344180d3b68127ddd Mon Sep 17 00:00:00 2001 From: Marcel Raschke <42359664+MarcelRaschke@users.noreply.github.com> Date: Thu, 17 Jun 2021 04:38:58 +0200 Subject: [PATCH 5/6] Create xanitizer-analysis.yml --- .github/workflows/xanitizer-analysis.yml | 87 ++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 .github/workflows/xanitizer-analysis.yml diff --git a/.github/workflows/xanitizer-analysis.yml b/.github/workflows/xanitizer-analysis.yml new file mode 100644 index 000000000..57013db00 --- /dev/null +++ b/.github/workflows/xanitizer-analysis.yml @@ -0,0 +1,87 @@ +# This workflow downloads and installs the latest version of Xanitizer, builds your project, runs a Xanitizer security analysis on it, +# and then archives the findings list reports and uploads the findings into the GitHub code scanning alert section of your repository. +# +# Documentation for the `RIGS-IT/xanitizer-action` is located here: https://github.com/RIGS-IT/xanitizer-action +# +# To use this basic workflow, you will need to complete the following setup steps: +# +# 1. The underlying Xanitizer, used in this workflow, needs a separate license file. +# Licenses are free of charge for open source projects and for educational usage. +# To get more information about the Xanitizer licenses and how to obtain a license file, +# please consult https://www.xanitizer.com/xanitizer-pricing/. +# +# 2. The content of the license file has to be stored as a GitHub secret (e.g. XANITIZER_LICENSE) on this repository. +# Please consult https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets for details. +# +# 3. Reference the GitHub secret in the step using the `RIGS-IT/xanitizer-action` GitHub action. +# Example: +# - name: Xanitizer Security Analysis +# uses: RIGS-IT/xanitizer-action@v1 +# with: +# license: ${{ secrets.XANITIZER_LICENSE }} +# +# 4. As a static application security testing (SAST) tool, +# Xanitizer requires that all dependencies of the artifacts being analyzed can be resolved successfully. +# So you have to install all used libraries and build your project before running the security analysis, +# e.g. via `mvn compile` for Java or `npm install` for JavaScript + +name: "Xanitizer Security Analysis" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '45 2 * * 5' + workflow_dispatch: + +jobs: + xanitizer-security-analysis: + # Xanitizer runs on ubuntu-latest and windows-latest. + runs-on: ubuntu-latest + + steps: + # Check out the repository + - name: Checkout + uses: actions/checkout@v2 + + # Set up the correct Java version for your project + # Please comment out, if your project does not contain Java source code. + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + + # Compile the code for Java projects and get all libraries, e.g. via Maven + # Please adapt, if your project uses another build system to compile Java source code. + # Please comment out, if your project does not contain Java source code. + - name: Compile Java code + run: mvn -B compile + + # Install all dependent libraries for JavaScript/TypeScript projects, e.g. via npm + # Please adapt to run `npm install` in the correct directories. + # Please adapt, if your project uses another package manager for getting JavaScript libraries. + # Please comment out, if your project does not use a package manager for getting JavaScript libraries. + - name: Install JavaScript libraries + run: npm install + + # Run the security analysis with default settings + - name: Xanitizer Security Analysis + uses: RIGS-IT/xanitizer-action@v1 + with: + license: ${{ secrets.XANITIZER_LICENSE }} + + # Archiving the findings list reports + - uses: actions/upload-artifact@v2 + with: + name: Xanitizer-Reports + path: | + *-Findings-List.pdf + *-Findings-List.sarif + + # Uploads the findings into the GitHub code scanning alert section using the upload-sarif action + - uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: Xanitizer-Findings-List.sarif From 42fc6cebe46f64b5ac68bfb9367ae96e30b1087c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 9 Jul 2022 09:15:44 +0000 Subject: [PATCH 6/6] feat: upgrade is-ipfs from 3.0.0 to 6.0.2 Snyk has created this PR to upgrade is-ipfs from 3.0.0 to 6.0.2. See this package in npm: https://www.npmjs.com/package/is-ipfs See this project in Snyk: https://app.snyk.io/org/marcelraschke/project/baeee53f-8ae8-46ae-8a73-fa9cfc22ff92?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 233 ++++++++++++++++++++++++++++++++++------------ package.json | 2 +- 2 files changed, 174 insertions(+), 61 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6188834e6..2a43e1b1a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,6 +5,7 @@ "requires": true, "packages": { "": { + "name": "ipfs-desktop", "version": "0.15.0", "hasInstallScript": true, "license": "MIT", @@ -23,7 +24,7 @@ "intl-messageformat": "^9.6.8", "ipfs-http-client": "47.0.1", "ipfsd-ctl": "^7.2.0", - "is-ipfs": "^3.0.0", + "is-ipfs": "^6.0.2", "it-all": "^1.0.5", "it-concat": "^1.0.2", "multiaddr": "^8.1.2", @@ -3665,15 +3666,23 @@ } }, "node_modules/dns-over-http-resolver": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.1.tgz", - "integrity": "sha512-bYGLGLraOc1tllkC0Xaw+zBiQBnPyooNDpaXNYZprLn0bI6zLmX73QfR+jODz6rZ9oAUn1pw5OWxlEsSoho5TQ==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.3.tgz", + "integrity": "sha512-miDiVSI6KSNbi4SVifzO/reD8rMnxgrlnkrlkugOLQpWQTe2qMdHsZp5DmfKjxNE+/T3VAAYLQUZMv9SMr6+AA==", "dependencies": { - "debug": "^4.2.0", - "native-fetch": "^2.0.1", + "debug": "^4.3.1", + "native-fetch": "^3.0.0", "receptacle": "^1.3.2" } }, + "node_modules/dns-over-http-resolver/node_modules/native-fetch": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/native-fetch/-/native-fetch-3.0.0.tgz", + "integrity": "sha512-G3Z7vx0IFb/FQ4JxvtqGABsOTIqRWvgQz6e+erkB+JJD6LrszQtMozEHI4EkmgZQvnGHrpLVzUWk7t4sJCIkVw==", + "peerDependencies": { + "node-fetch": "*" + } + }, "node_modules/doctrine": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", @@ -6690,38 +6699,53 @@ } }, "node_modules/is-ipfs": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-3.0.0.tgz", - "integrity": "sha512-AwOnxpT9p0wl8/xJL7MAZpjg+wcCdp5O+JDYY8GimSKIkFF9TY3eJvq8hen+VF3x1ISGZQCK9tiGQgx4LtOl8w==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-6.0.2.tgz", + "integrity": "sha512-RinUnsggL4hlLoHlZcvs2+92OE46Uflg/YVU1m5fXhyDBS/zh3bq+i6Aw7IbzJZ9oZXJx26TgxpqCuCr+LH/DA==", "dependencies": { - "cids": "^1.1.5", - "iso-url": "^1.0.0", - "mafmt": "^8.0.4", - "multiaddr": "^8.1.2", - "multibase": "^3.1.1", - "multihashes": "^3.1.2", - "uint8arrays": "^2.0.5" + "iso-url": "^1.1.3", + "mafmt": "^10.0.0", + "multiaddr": "^10.0.0", + "multiformats": "^9.0.0", + "uint8arrays": "^3.0.0" }, "engines": { "node": ">=14.0.0", "npm": ">=6.0.0" } }, + "node_modules/is-ipfs/node_modules/err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, "node_modules/is-ipfs/node_modules/iso-url": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.0.0.tgz", - "integrity": "sha512-n/MsHgKOoHcFrhsxfbM3aaSdUujoFrrZ3537p3RW80AL7axL36acCseoMwIW4tNOl0n0SnkzNyVh4bREwmHoPQ==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.2.1.tgz", + "integrity": "sha512-9JPDgCN4B7QPkLtYAAOrEuAWvP9rWvR5offAr0/SeF046wIkglqH3VXgYYP6NcsKslH80UIVgmPqNe3j7tG2ng==", "engines": { - "node": ">=10" + "node": ">=12" + } + }, + "node_modules/is-ipfs/node_modules/multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "dependencies": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" } }, "node_modules/is-ipfs/node_modules/uint8arrays": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-2.1.2.tgz", - "integrity": "sha512-/VcLZbPMs/dk23u22IZlPWycfBxntpwrvISHQs93/OdRlUTnQw9Uzmzaoq7DgJAZl1SlP/kw+NhbjFAEED42rQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", "dependencies": { - "multibase": "^3.0.0", - "web-encoding": "^1.0.5" + "multiformats": "^9.4.2" } }, "node_modules/is-negative-zero": { @@ -7531,11 +7555,37 @@ } }, "node_modules/mafmt": { - "version": "8.0.4", - "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-8.0.4.tgz", - "integrity": "sha512-wwZ5+PU0vQw10kwQRyZin1Z0dqVOp0BnYlX1xvXHS2fmLwrrQCfU1+3tlW5MRcihUwGz1virnVhbRAU1biKfiw==", + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-10.0.0.tgz", + "integrity": "sha512-K1bziJOXcnepfztu+2Xy9FLKVLaFMDuspmiyJIYRxnO0WOxFSV7XKSdMxMrVZxcvg1+YjlTIvSGTImUHU2k4Aw==", "dependencies": { - "multiaddr": "^8.0.0" + "multiaddr": "^10.0.0" + } + }, + "node_modules/mafmt/node_modules/err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, + "node_modules/mafmt/node_modules/multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "dependencies": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" + } + }, + "node_modules/mafmt/node_modules/uint8arrays": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", + "dependencies": { + "multiformats": "^9.4.2" } }, "node_modules/make-dir": { @@ -8044,6 +8094,11 @@ "varint": "^6.0.0" } }, + "node_modules/multiformats": { + "version": "9.7.0", + "resolved": "https://registry.npmjs.org/multiformats/-/multiformats-9.7.0.tgz", + "integrity": "sha512-uv/tcgwk0yN4DStopnBN4GTgvaAlYdy6KnZpuzEPFOYQd71DYFJjs0MN1ERElAflrZaYyGBWXyGxL5GgrxIx0Q==" + }, "node_modules/multihashes": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/multihashes/-/multihashes-3.1.2.tgz", @@ -14470,7 +14525,9 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-2.0.2.tgz", "integrity": "sha512-Brah4Uo5/U8v76c6euTwtjVFFaVishwnJrQBYpev1JRh4vjA1F4HY3UzQez41YUCszUCXKagG8v6eVRBHV1gkw==", - "requires": {} + "requires": { + "ajv": "^8.0.0" + } }, "json-schema-traverse": { "version": "1.0.0", @@ -15057,13 +15114,21 @@ } }, "dns-over-http-resolver": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.1.tgz", - "integrity": "sha512-bYGLGLraOc1tllkC0Xaw+zBiQBnPyooNDpaXNYZprLn0bI6zLmX73QfR+jODz6rZ9oAUn1pw5OWxlEsSoho5TQ==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/dns-over-http-resolver/-/dns-over-http-resolver-1.2.3.tgz", + "integrity": "sha512-miDiVSI6KSNbi4SVifzO/reD8rMnxgrlnkrlkugOLQpWQTe2qMdHsZp5DmfKjxNE+/T3VAAYLQUZMv9SMr6+AA==", "requires": { - "debug": "^4.2.0", - "native-fetch": "^2.0.1", + "debug": "^4.3.1", + "native-fetch": "^3.0.0", "receptacle": "^1.3.2" + }, + "dependencies": { + "native-fetch": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/native-fetch/-/native-fetch-3.0.0.tgz", + "integrity": "sha512-G3Z7vx0IFb/FQ4JxvtqGABsOTIqRWvgQz6e+erkB+JJD6LrszQtMozEHI4EkmgZQvnGHrpLVzUWk7t4sJCIkVw==", + "requires": {} + } } }, "doctrine": { @@ -16455,9 +16520,9 @@ } }, "glob-parent": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", - "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz", + "integrity": "sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==", "dev": true, "requires": { "is-glob": "^4.0.1" @@ -17528,31 +17593,46 @@ } }, "is-ipfs": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-3.0.0.tgz", - "integrity": "sha512-AwOnxpT9p0wl8/xJL7MAZpjg+wcCdp5O+JDYY8GimSKIkFF9TY3eJvq8hen+VF3x1ISGZQCK9tiGQgx4LtOl8w==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/is-ipfs/-/is-ipfs-6.0.2.tgz", + "integrity": "sha512-RinUnsggL4hlLoHlZcvs2+92OE46Uflg/YVU1m5fXhyDBS/zh3bq+i6Aw7IbzJZ9oZXJx26TgxpqCuCr+LH/DA==", "requires": { - "cids": "^1.1.5", - "iso-url": "^1.0.0", - "mafmt": "^8.0.4", - "multiaddr": "^8.1.2", - "multibase": "^3.1.1", - "multihashes": "^3.1.2", - "uint8arrays": "^2.0.5" + "iso-url": "^1.1.3", + "mafmt": "^10.0.0", + "multiaddr": "^10.0.0", + "multiformats": "^9.0.0", + "uint8arrays": "^3.0.0" }, "dependencies": { + "err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, "iso-url": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.0.0.tgz", - "integrity": "sha512-n/MsHgKOoHcFrhsxfbM3aaSdUujoFrrZ3537p3RW80AL7axL36acCseoMwIW4tNOl0n0SnkzNyVh4bREwmHoPQ==" + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/iso-url/-/iso-url-1.2.1.tgz", + "integrity": "sha512-9JPDgCN4B7QPkLtYAAOrEuAWvP9rWvR5offAr0/SeF046wIkglqH3VXgYYP6NcsKslH80UIVgmPqNe3j7tG2ng==" + }, + "multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "requires": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" + } }, "uint8arrays": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-2.1.2.tgz", - "integrity": "sha512-/VcLZbPMs/dk23u22IZlPWycfBxntpwrvISHQs93/OdRlUTnQw9Uzmzaoq7DgJAZl1SlP/kw+NhbjFAEED42rQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", "requires": { - "multibase": "^3.0.0", - "web-encoding": "^1.0.5" + "multiformats": "^9.4.2" } } } @@ -18247,11 +18327,39 @@ } }, "mafmt": { - "version": "8.0.4", - "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-8.0.4.tgz", - "integrity": "sha512-wwZ5+PU0vQw10kwQRyZin1Z0dqVOp0BnYlX1xvXHS2fmLwrrQCfU1+3tlW5MRcihUwGz1virnVhbRAU1biKfiw==", + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/mafmt/-/mafmt-10.0.0.tgz", + "integrity": "sha512-K1bziJOXcnepfztu+2Xy9FLKVLaFMDuspmiyJIYRxnO0WOxFSV7XKSdMxMrVZxcvg1+YjlTIvSGTImUHU2k4Aw==", "requires": { - "multiaddr": "^8.0.0" + "multiaddr": "^10.0.0" + }, + "dependencies": { + "err-code": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/err-code/-/err-code-3.0.1.tgz", + "integrity": "sha512-GiaH0KJUewYok+eeY05IIgjtAe4Yltygk9Wqp1V5yVWLdhf0hYZchRjNIT9bb0mSwRcIusT3cx7PJUf3zEIfUA==" + }, + "multiaddr": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-10.0.1.tgz", + "integrity": "sha512-G5upNcGzEGuTHkzxezPrrD6CaIHR9uo+7MwqhNVcXTs33IInon4y7nMiGxl2CY5hG7chvYQUQhz5V52/Qe3cbg==", + "requires": { + "dns-over-http-resolver": "^1.2.3", + "err-code": "^3.0.1", + "is-ip": "^3.1.0", + "multiformats": "^9.4.5", + "uint8arrays": "^3.0.0", + "varint": "^6.0.0" + } + }, + "uint8arrays": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", + "requires": { + "multiformats": "^9.4.2" + } + } } }, "make-dir": { @@ -18666,6 +18774,11 @@ "varint": "^6.0.0" } }, + "multiformats": { + "version": "9.7.0", + "resolved": "https://registry.npmjs.org/multiformats/-/multiformats-9.7.0.tgz", + "integrity": "sha512-uv/tcgwk0yN4DStopnBN4GTgvaAlYdy6KnZpuzEPFOYQd71DYFJjs0MN1ERElAflrZaYyGBWXyGxL5GgrxIx0Q==" + }, "multihashes": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/multihashes/-/multihashes-3.1.2.tgz", diff --git a/package.json b/package.json index 7584b73d0..0f52a8963 100644 --- a/package.json +++ b/package.json @@ -88,7 +88,7 @@ "intl-messageformat": "^9.6.8", "ipfs-http-client": "47.0.1", "ipfsd-ctl": "^7.2.0", - "is-ipfs": "^3.0.0", + "is-ipfs": "^6.0.2", "it-all": "^1.0.5", "it-concat": "^1.0.2", "multiaddr": "^8.1.2",