From dfe17432250fc57497a3df0a2943e7cb02af5e2b Mon Sep 17 00:00:00 2001 From: "live-github-bot[bot]" <105061298+live-github-bot[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 22:42:43 +0000 Subject: [PATCH] chore(deps): update dependency secp256k1 [security] --- apps/ledger-live-desktop/package.json | 2 +- .../packages/hw-app-exchange/package.json | 2 +- pnpm-lock.yaml | 110 +++++++++++------- 3 files changed, 71 insertions(+), 43 deletions(-) diff --git a/apps/ledger-live-desktop/package.json b/apps/ledger-live-desktop/package.json index 53211f1652b3..082adff6faef 100644 --- a/apps/ledger-live-desktop/package.json +++ b/apps/ledger-live-desktop/package.json @@ -143,7 +143,7 @@ "reselect": "4.1.8", "rimraf": "4.4.1", "rxjs": "7.8.1", - "secp256k1": "4.0.3", + "secp256k1": "4.0.4", "semver": "7.5.4", "storyly-web": "3.6.7", "styled-components": "5.3.11", diff --git a/libs/ledgerjs/packages/hw-app-exchange/package.json b/libs/ledgerjs/packages/hw-app-exchange/package.json index 599d7292b778..0e283f4b7081 100644 --- a/libs/ledgerjs/packages/hw-app-exchange/package.json +++ b/libs/ledgerjs/packages/hw-app-exchange/package.json @@ -40,7 +40,7 @@ "bip32-path": "^0.4.2", "documentation": "14.0.2", "jest": "^29.7.0", - "secp256k1": "5.0.0", + "secp256k1": "5.0.1", "ts-jest": "^29.1.1", "ts-node": "^10.4.0" }, diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index b5b10982a7fb..86e97fe475ef 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -569,8 +569,8 @@ importers: specifier: 7.8.1 version: 7.8.1 secp256k1: - specifier: 4.0.3 - version: 4.0.3 + specifier: 4.0.4 + version: 4.0.4 semver: specifier: 7.5.4 version: 7.5.4 @@ -1940,7 +1940,7 @@ importers: version: 7.8.1 secp256k1: specifier: ^4.0.3 - version: 4.0.3 + version: 4.0.4 sha.js: specifier: ^2.4.11 version: 2.4.11 @@ -3764,7 +3764,7 @@ importers: version: 1.1.7 secp256k1: specifier: ^5.0.0 - version: 5.0.0 + version: 4.0.4 tiny-secp256k1: specifier: 1.1.7 version: 1.1.7 @@ -4192,7 +4192,7 @@ importers: version: 7.8.1 secp256k1: specifier: ^4.0.3 - version: 4.0.3 + version: 4.0.4 semver: specifier: ^7.3.5 version: 7.5.4 @@ -4982,8 +4982,8 @@ importers: specifier: ^29.7.0 version: 29.7.0(@types/node@20.12.12)(ts-node@10.9.2(@types/node@20.12.12)(typescript@5.4.3)) secp256k1: - specifier: 5.0.0 - version: 5.0.0 + specifier: 5.0.1 + version: 4.0.4 ts-jest: specifier: ^29.1.1 version: 29.1.5(jest@29.7.0(@types/node@20.12.12)(ts-node@10.9.2(@types/node@20.12.12)(typescript@5.4.3)))(typescript@5.4.3) @@ -14716,7 +14716,7 @@ packages: metro-react-native-babel-preset: '*' react: ^16.8.0 || ^17.0.0 || ^18.0.0 react-dom: ^16.8.0 || ^17.0.0 || ^18.0.0 - webpack: '*' + webpack: '5' peerDependenciesMeta: react: optional: true @@ -16890,7 +16890,7 @@ packages: resolution: {integrity: sha512-/FQM1EDkTsf63Ub2C6O7GuYFDsSXUwsaZDurV0np41ocwq0jthUAYCmhBX9f+KwlaCgIuWyr/4WlUQUBfKfZog==} engines: {node: '>=6'} peerDependencies: - rxjs: '*' + rxjs: ^5.5.10 zenObservable: '*' peerDependenciesMeta: rxjs: @@ -17547,6 +17547,9 @@ packages: bn.js@4.12.0: resolution: {integrity: sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==} + bn.js@4.12.1: + resolution: {integrity: sha512-k8TVBiPkPJT9uHLdOKfFpqcfprwBFOAAXXozRubr7R7PfIuKvQlzcI4M0pALeqXN09vdaMbUdUj+pass+uULAg==} + bn.js@5.2.1: resolution: {integrity: sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==} @@ -19584,6 +19587,9 @@ packages: elliptic@6.5.5: resolution: {integrity: sha512-7EjbcmUm17NQFu4Pmgmq2olYMj8nwMnpcddByChSUjArp8F5DQWcIcpriwO4ZToLNAJig0yiyjswfyGNje/ixw==} + elliptic@6.6.1: + resolution: {integrity: sha512-RaddvvMatK2LJHqFJ+YA4WysVN5Ita9E35botqIYspQ4TkRAlCicdzKOjlyv/1Za5RyTNn7di//eEV0uTAfe3g==} + embla-carousel-autoplay@8.4.0: resolution: {integrity: sha512-AJHXrnaY+Tf4tb/+oItmJSpz4P0WvS62GrW5Z4iFY3zsH0mkKcijzd04LIkj0P4DkTazIBEuXple+nUVmuMsrQ==} peerDependencies: @@ -19952,7 +19958,7 @@ packages: peerDependencies: '@typescript-eslint/eslint-plugin': ^4.0.0 || ^5.0.0 eslint: ^6.0.0 || ^7.0.0 || ^8.0.0 - jest: '*' + jest: ^27.0.0 peerDependenciesMeta: '@typescript-eslint/eslint-plugin': optional: true @@ -20569,8 +20575,8 @@ packages: peerDependencies: expo-modules-autolinking: '*' expo-modules-core: '*' - react: '*' - react-native: '*' + react: 18.2.0 + react-native: 0.74.5 peerDependenciesMeta: expo-modules-autolinking: optional: true @@ -24740,6 +24746,10 @@ packages: resolution: {integrity: sha512-u6fs2AEUljNho3EYTJNBfImO5QTo/J/1Etd+NVdCj7qWKUSN/bSLkZwhDv7I+w/MSC6qJ4cknepkAYykDdK8og==} hasBin: true + node-gyp-build@4.8.4: + resolution: {integrity: sha512-LA4ZjwlnUblHVgq0oBF3Jl/6h/Nvs5fzBLwdEF4nuxnFdsfajde4WfxtJr3CaiH+F6ewcIB/q4jQ4UzPyid+CQ==} + hasBin: true + node-hid@2.1.2: resolution: {integrity: sha512-qhCyQqrPpP93F/6Wc/xUR7L8mAJW0Z6R7HMQV8jCHHksAxNDe/4z4Un/H9CpLOT+5K39OPyt9tIQlavxWES3lg==} engines: {node: '>=10'} @@ -26162,6 +26172,7 @@ packages: engines: {node: '>=0.6.0', teleport: '>=0.2.0'} deprecated: |- You or someone you depend on is using Q, the JavaScript Promise library that gave JavaScript developers strong feelings about promises. They can almost certainly migrate to the native JavaScript promise now. Thank you literally everyone for joining me in this bet against the odds. Be excellent to each other. + (For a CapTP with native promises, see @endo/eventual-send and @endo/captp) qrcode-terminal@0.11.0: @@ -26395,7 +26406,7 @@ packages: resolution: {integrity: sha512-kBGxI+MIZGBf4wZhNCWwHkMcVP+kbpmrLWH/SkO0qCKc7D7eSPcxQbfpsmsCo8v2KCBYjuGSou+xTqK44D/jMg==} engines: {npm: ^3.0.0} peerDependencies: - prop-types: '*' + prop-types: ^15.6.1 react: '>=15.0.0' peerDependenciesMeta: prop-types: @@ -26419,8 +26430,8 @@ packages: react-native-animatable@1.3.3: resolution: {integrity: sha512-2ckIxZQAsvWn25Ho+DK3d1mXIgj7tITkrS4pYDvx96WyOttSvzzFeQnM2od0+FUMzILbdHDsDEqZvnz1DYNQ1w==} peerDependencies: - react: '*' - react-native: '*' + react: 16.9.0 + react-native: 0.61.2 peerDependenciesMeta: react: optional: true @@ -26430,8 +26441,8 @@ packages: react-native-animatable@1.4.0: resolution: {integrity: sha512-DZwaDVWm2NBvBxf7I0wXKXLKb/TxDnkV53sWhCvei1pRyTX3MVFpkvdYBknNBqPrxYuAIlPxEp7gJOidIauUkw==} peerDependencies: - react: '*' - react-native: '*' + react: 18.2.0 + react-native: 0.72.6 peerDependenciesMeta: react: optional: true @@ -27507,9 +27518,9 @@ packages: scrypt-js@3.0.1: resolution: {integrity: sha512-cdwTTnqPu0Hyvf5in5asVdZocVDTNRmR7XEcJuIzMjJeSHybHl7vpB66AzwTaIg6CLSbtjcxc8fqcySfnTkccA==} - secp256k1@4.0.3: - resolution: {integrity: sha512-NLZVf+ROMxwtEj3Xa562qgv2BK5e2WNmXPiOdVIPLgs6lyTzMvBq0aWTYMI5XCP9jZMVKOcqZLw/Wc4vDkuxhA==} - engines: {node: '>=10.0.0'} + secp256k1@4.0.4: + resolution: {integrity: sha512-6JfvwvjUOn8F/jUoBY2Q1v5WY5XS+rj8qSe0v8Y4ezH4InLgTEeOOPQsRll9OV429Pvo6BCHGavIyJfr3TAhsw==} + engines: {node: '>=18.0.0'} secp256k1@5.0.0: resolution: {integrity: sha512-TKWX8xvoGHrxVdqbYeZM9w+izTF4b9z3NhSaDkdn81btvuh+ivbIMGT/zQvDtTFWhRlThpoz6LEYTr7n8A5GcA==} @@ -28321,12 +28332,15 @@ packages: sudo-prompt@8.2.5: resolution: {integrity: sha512-rlBo3HU/1zAJUrkY6jNxDOC9eVYliG6nS4JA8u8KAshITd07tafMc/Br7xQwCSseXwJ2iCcHCE8SNWX3q8Z+kw==} + deprecated: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info. sudo-prompt@9.1.1: resolution: {integrity: sha512-es33J1g2HjMpyAhz8lOR+ICmXXAqTuKbuXuUWLhOLew20oN9oUCgCJx615U/v7aioZg7IX5lIh9x34vwneu4pA==} + deprecated: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info. sudo-prompt@9.2.1: resolution: {integrity: sha512-Mu7R0g4ig9TUuGSxJavny5Rv0egCEtpZRNMrZaYS1vxkiIxGiGUwoezU3LazIQ+KE04hTrTfNPgxU5gzi7F5Pw==} + deprecated: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info. sumchecker@3.0.1: resolution: {integrity: sha512-MvjXzkz/BOfyVDkG0oFOtBxHX2u3gKbMHIF/dXblZsgD3BWOFLmHovIpZY7BykJdAjcqRCBi1WYBNdEC9yI7vg==} @@ -33569,7 +33583,7 @@ snapshots: '@cosmjs/math': 0.24.1 '@cosmjs/utils': 0.24.1 bip39: 3.1.0 - bn.js: 4.12.0 + bn.js: 4.12.1 elliptic: 6.5.5 js-sha3: 0.8.0 libsodium-wrappers: 0.7.13 @@ -33632,7 +33646,7 @@ snapshots: '@cosmjs/math@0.24.1': dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 '@cosmjs/math@0.26.8': dependencies: @@ -35850,7 +35864,7 @@ snapshots: dependencies: '@iov/encoding': 2.1.0 bip39: 3.1.0 - bn.js: 4.12.0 + bn.js: 4.12.1 elliptic: 6.5.5 js-sha3: 0.8.0 libsodium-wrappers: 0.7.13 @@ -35864,7 +35878,7 @@ snapshots: dependencies: base64-js: 1.5.1 bech32: 1.1.4 - bn.js: 4.12.0 + bn.js: 4.12.1 readonly-date: 1.0.0 '@iov/utils@2.0.2': {} @@ -45989,7 +46003,7 @@ snapshots: asn1.js@4.10.1: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 inherits: 2.0.4 minimalistic-assert: 1.0.1 @@ -46751,6 +46765,8 @@ snapshots: bn.js@4.12.0: {} + bn.js@4.12.1: {} + bn.js@5.2.1: {} body-parser@1.20.2: @@ -47944,7 +47960,7 @@ snapshots: create-ecdh@4.0.4: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 elliptic: 6.5.5 create-hash@1.2.0: @@ -48833,7 +48849,7 @@ snapshots: diffie-hellman@5.0.3: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 miller-rabin: 4.0.1 randombytes: 2.1.0 @@ -49210,6 +49226,16 @@ snapshots: minimalistic-assert: 1.0.1 minimalistic-crypto-utils: 1.0.1 + elliptic@6.6.1: + dependencies: + bn.js: 4.12.1 + brorand: 1.1.0 + hash.js: 1.1.7 + hmac-drbg: 1.0.1 + inherits: 2.0.4 + minimalistic-assert: 1.0.1 + minimalistic-crypto-utils: 1.0.1 + embla-carousel-autoplay@8.4.0(embla-carousel@8.0.0-rc17): dependencies: embla-carousel: 8.0.0-rc17 @@ -50144,7 +50170,7 @@ snapshots: eth-lib@0.1.29: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 elliptic: 6.5.5 nano-json-stream-parser: 0.1.2 servify: 0.1.12 @@ -50157,7 +50183,7 @@ snapshots: eth-lib@0.2.8: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 elliptic: 6.5.5 xhr-request-promise: 0.1.3 @@ -50180,7 +50206,7 @@ snapshots: randombytes: 2.1.0 safe-buffer: 5.2.1 scrypt-js: 3.0.1 - secp256k1: 4.0.3 + secp256k1: 4.0.4 setimmediate: 1.0.5 ethereum-cryptography@1.2.0: @@ -55217,13 +55243,13 @@ snapshots: keccak@3.0.2: dependencies: node-addon-api: 2.0.2 - node-gyp-build: 4.8.0 + node-gyp-build: 4.8.4 readable-stream: 3.6.2 keccak@3.0.4: dependencies: node-addon-api: 2.0.2 - node-gyp-build: 4.8.0 + node-gyp-build: 4.8.4 readable-stream: 3.6.2 key-encoder@2.0.3: @@ -56890,7 +56916,7 @@ snapshots: miller-rabin@4.0.1: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 brorand: 1.1.0 mime-db@1.33.0: {} @@ -57374,6 +57400,8 @@ snapshots: node-gyp-build@4.8.0: {} + node-gyp-build@4.8.4: {} + node-hid@2.1.2: dependencies: bindings: 1.5.0 @@ -58943,7 +58971,7 @@ snapshots: public-encrypt@4.0.3: dependencies: - bn.js: 4.12.0 + bn.js: 4.12.1 browserify-rsa: 4.1.0 create-hash: 1.2.0 parse-asn1: 5.1.7 @@ -60882,17 +60910,17 @@ snapshots: scrypt-js@3.0.1: {} - secp256k1@4.0.3: + secp256k1@4.0.4: dependencies: - elliptic: 6.5.5 - node-addon-api: 2.0.2 - node-gyp-build: 4.8.0 + elliptic: 6.6.1 + node-addon-api: 5.1.0 + node-gyp-build: 4.8.4 secp256k1@5.0.0: dependencies: elliptic: 6.5.5 node-addon-api: 5.1.0 - node-gyp-build: 4.8.0 + node-gyp-build: 4.8.4 secretjs@0.17.8: dependencies: @@ -61236,7 +61264,7 @@ snapshots: sodium-native@4.1.1: dependencies: - node-gyp-build: 4.8.0 + node-gyp-build: 4.8.4 optional: true sonic-boom@4.0.1: @@ -63614,7 +63642,7 @@ snapshots: utf-8-validate@5.0.10: dependencies: - node-gyp-build: 4.8.0 + node-gyp-build: 4.8.4 utf-8-validate@6.0.3: dependencies: