From 8c14ca7ad1525df73d762be2c4702ecf8a118414 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Thu, 22 Feb 2024 21:00:58 +0100 Subject: [PATCH] ci: Upgrade `ip` to address CVE-2023-42282 (no-changelog) (#8704) --- package.json | 1 + pnpm-lock.yaml | 9 +++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index dc3da30b0b..78237e3134 100644 --- a/package.json +++ b/package.json @@ -80,6 +80,7 @@ "@types/node": "^18.16.16", "axios": "1.6.7", "chokidar": "3.5.2", + "ip": "2.0.1", "jsonwebtoken": "9.0.0", "prettier": "^3.1.0", "semver": "^7.5.4", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 893fd27377..9f217fdee0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -11,6 +11,7 @@ overrides: '@types/node': ^18.16.16 axios: 1.6.7 chokidar: 3.5.2 + ip: 2.0.1 jsonwebtoken: 9.0.0 prettier: ^3.1.0 semver: ^7.5.4 @@ -8861,7 +8862,7 @@ packages: express: 4.18.2 fs-extra: 11.1.1 globby: 11.1.0 - ip: 2.0.0 + ip: 2.0.1 lodash: 4.17.21 open: 8.4.0 pretty-hrtime: 1.0.3 @@ -16761,8 +16762,8 @@ packages: transitivePeerDependencies: - supports-color - /ip@2.0.0: - resolution: {integrity: sha512-WKa+XuLG1A1R0UWhl2+1XQSi+fZWMsYKffMZTTYsiZaUD8k2yDAj5atimTUD2TZkyCkNEeYE5NhFZmupOGtjYQ==} + /ip@2.0.1: + resolution: {integrity: sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==} /ipaddr.js@1.9.1: resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==} @@ -23654,7 +23655,7 @@ packages: resolution: {integrity: sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==} engines: {node: '>= 10.13.0', npm: '>= 3.0.0'} dependencies: - ip: 2.0.0 + ip: 2.0.1 smart-buffer: 4.2.0 dev: false optional: true