fix(core): Remove jwks-rsa/jose to address CVE-2024-28176 (no-changelog) (#8868)

This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™ 2024-03-12 17:22:31 +01:00 committed by GitHub
parent f8442858e0
commit c9b3fa1d0f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 1 additions and 40 deletions

View file

@ -134,7 +134,6 @@
"json-diff": "1.0.6",
"jsonschema": "1.4.1",
"jsonwebtoken": "9.0.0",
"jwks-rsa": "3.0.1",
"ldapts": "4.2.6",
"lodash": "4.17.21",
"luxon": "3.3.0",

View file

@ -521,9 +521,6 @@ importers:
jsonwebtoken:
specifier: 9.0.0
version: 9.0.0
jwks-rsa:
specifier: 3.0.1
version: 3.0.1
ldapts:
specifier: 4.2.6
version: 4.2.6
@ -10354,6 +10351,7 @@ packages:
resolution: {integrity: sha512-c5ltxazpWabia/4UzhIoaDcIza4KViOQhdbjRlfcIGVnsE3c3brkz9Z+F/EeJIECOQP7W7US2hNE930cWWkPiw==}
dependencies:
'@types/node': 18.16.16
dev: true
/@types/linkify-it@3.0.2:
resolution: {integrity: sha512-HZQYqbiFVWufzCwexrvh694SOim8z2d+xJl5UNamcvQFejLY/2YUtzXHYi3cHdI7PMlS8ejH2slRAOJQ32aNbA==}
@ -18373,10 +18371,6 @@ packages:
resolution: {integrity: sha512-bF7vcQxbODoGK1imE2P9GS9aw4zD0Sd+Hni68IMZLj7zRnquH7dXUmMw9hDI5S/Jzt7q+IyTXN0rSg2GI0IKhQ==}
dev: false
/jose@4.11.4:
resolution: {integrity: sha512-94FdcR8felat4vaTJyL/WVdtlWLlsnLMZP8v+A0Vru18K3bQ22vn7TtpVh3JlgBFNIlYOUlGqwp/MjRPOnIyCQ==}
dev: false
/js-base64@3.7.2:
resolution: {integrity: sha512-NnRs6dsyqUXejqk/yv2aiXlAvOs56sLkX6nUdeaNezI5LFFLlsZjOThmwnrcwh5ZZRwZlCMnVAY3CvhIhoVEKQ==}
dev: false
@ -18788,20 +18782,6 @@ packages:
safe-buffer: 5.2.1
dev: false
/jwks-rsa@3.0.1:
resolution: {integrity: sha512-UUOZ0CVReK1QVU3rbi9bC7N5/le8ziUj0A2ef1Q0M7OPD2KvjEYizptqIxGIo6fSLYDkqBrazILS18tYuRc8gw==}
engines: {node: '>=14'}
dependencies:
'@types/express': 4.17.21
'@types/jsonwebtoken': 9.0.1
debug: 4.3.4(supports-color@8.1.1)
jose: 4.11.4
limiter: 1.1.5
lru-memoizer: 2.1.4
transitivePeerDependencies:
- supports-color
dev: false
/jws@3.2.2:
resolution: {integrity: sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==}
dependencies:
@ -19281,10 +19261,6 @@ packages:
engines: {node: '>=14'}
dev: true
/limiter@1.1.5:
resolution: {integrity: sha512-FWWMIEOxz3GwUI4Ts/IvgVy6LPvoMPgjMdQ185nN6psJyBJ4yOpzqm695/h5umdLJg2vW3GR5iG11MAkR2AzJA==}
dev: false
/lines-and-columns@1.2.4:
resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==}
dev: true
@ -19543,13 +19519,6 @@ packages:
dependencies:
tslib: 2.6.1
/lru-cache@4.0.2:
resolution: {integrity: sha512-uQw9OqphAGiZhkuPlpFGmdTU2tEuhxTourM/19qGJrxBPHAr/f8BT1a0i/lOclESnGatdJG/UCkP9kZB/Lh1iw==}
dependencies:
pseudomap: 1.0.2
yallist: 2.1.2
dev: false
/lru-cache@4.1.5:
resolution: {integrity: sha512-sWZlbEP2OsHNkXrMl5GYk/jKk70MBng6UU4YI/qGDYbgf6YbP4EvmqISbXCoJiRKs+1bSpFHVgQxvJ17F2li5g==}
dependencies:
@ -19577,13 +19546,6 @@ packages:
resolution: {integrity: sha512-ERJq3FOzJTxBbFjZ7iDs+NiK4VI9Wz+RdrrAB8dio1oV+YvdPzUEE4QNiT2VD51DkIbCYRUUzCRkssXCHqSnKQ==}
engines: {node: 14 || >=16.14}
/lru-memoizer@2.1.4:
resolution: {integrity: sha512-IXAq50s4qwrOBrXJklY+KhgZF+5y98PDaNo0gi/v2KQBFLyWr+JyFvijZXkGKjQj/h9c0OwoE+JZbwUXce76hQ==}
dependencies:
lodash.clonedeep: 4.5.0
lru-cache: 4.0.2
dev: false
/lunr@2.3.9:
resolution: {integrity: sha512-zTU3DaZaF3Rt9rhN3uBMGQD3dD2/vFQqnvZCDv4dl5iOzq2IZQqTxu90r4E5J+nP70J3ilqVCrbho2eWaeW8Ow==}
dev: true