From 487769fd116a6a1320609ecfef6c02e515b1138e Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Thu, 19 Mar 2020 12:06:49 +0000 Subject: [PATCH] security(js-dependency): update sshpk to 1.13.2 --- client/package.json | 1 + client/yarn.lock | 15 ++++++++------- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/client/package.json b/client/package.json index 92fa2a0b7..3d8d544a8 100644 --- a/client/package.json +++ b/client/package.json @@ -43,6 +43,7 @@ "reqwest": "2.0.5", "reselect": "4.0.0", "reselect-map": "1.0.4", + "sshpk": "^1.13.2", "styled-components": "4.3.2", "weaveworks-ui-components": "^0.22.0", "whatwg-fetch": "3.0.0", diff --git a/client/yarn.lock b/client/yarn.lock index 28354f807..f9865761c 100644 --- a/client/yarn.lock +++ b/client/yarn.lock @@ -7006,7 +7006,7 @@ safe-regex@^1.1.0: dependencies: ret "~0.1.10" -"safer-buffer@>= 2.1.2 < 3": +"safer-buffer@>= 2.1.2 < 3", safer-buffer@^2.0.2: version "2.1.2" resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" @@ -7309,18 +7309,19 @@ sprintf-js@~1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" -sshpk@^1.7.0: - version "1.13.1" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3" +sshpk@^1.13.2, sshpk@^1.7.0: + version "1.16.1" + resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877" + integrity sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg== dependencies: asn1 "~0.2.3" assert-plus "^1.0.0" - dashdash "^1.12.0" - getpass "^0.1.1" - optionalDependencies: bcrypt-pbkdf "^1.0.0" + dashdash "^1.12.0" ecc-jsbn "~0.1.1" + getpass "^0.1.1" jsbn "~0.1.0" + safer-buffer "^2.0.2" tweetnacl "~0.14.0" ssri@^6.0.1: