From be0d8d9d8490faac1919c682a10d398152ef03fe Mon Sep 17 00:00:00 2001 From: Viktor U Date: Mon, 12 Feb 2024 10:57:06 +0200 Subject: [PATCH] fix(socks-proxy-agent): update socks package --- .changeset/heavy-planets-stare.md | 2 +- .changeset/mighty-scissors-peel.md | 5 ++++ packages/socks-proxy-agent/package.json | 2 +- pnpm-lock.yaml | 38 ++++++++++++++++--------- 4 files changed, 32 insertions(+), 15 deletions(-) create mode 100644 .changeset/mighty-scissors-peel.md diff --git a/.changeset/heavy-planets-stare.md b/.changeset/heavy-planets-stare.md index b230327..16ca368 100644 --- a/.changeset/heavy-planets-stare.md +++ b/.changeset/heavy-planets-stare.md @@ -2,4 +2,4 @@ 'pac-resolver': patch --- -fix [GHSA-78xj-cgh5-2h22](https://github.com/advisories/GHSA-78xj-cgh5-2h22) vulnerability +get rid of the `ip` package fix [GHSA-78xj-cgh5-2h22](https://github.com/advisories/GHSA-78xj-cgh5-2h22) vulnerability diff --git a/.changeset/mighty-scissors-peel.md b/.changeset/mighty-scissors-peel.md new file mode 100644 index 0000000..19c5553 --- /dev/null +++ b/.changeset/mighty-scissors-peel.md @@ -0,0 +1,5 @@ +--- +'socks-proxy-agent': patch +--- + +update `socks` package to fix [GHSA-78xj-cgh5-2h22](https://github.com/advisories/GHSA-78xj-cgh5-2h22) vulnerability diff --git a/packages/socks-proxy-agent/package.json b/packages/socks-proxy-agent/package.json index d01f156..904f18c 100644 --- a/packages/socks-proxy-agent/package.json +++ b/packages/socks-proxy-agent/package.json @@ -109,7 +109,7 @@ "dependencies": { "agent-base": "^7.0.2", "debug": "^4.3.4", - "socks": "^2.7.1" + "socks": "^2.7.3" }, "devDependencies": { "@types/async-retry": "^1.4.5", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ead1b02..39cd11b 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -62,7 +62,7 @@ importers: version: 29.5.0(@types/node@14.18.45) ts-jest: specifier: ^29.1.0 - version: 29.1.0(@babel/core@7.22.5)(jest@29.5.0)(typescript@5.0.4) + version: 29.1.0(@babel/core@7.21.4)(jest@29.5.0)(typescript@5.0.4) tsconfig: specifier: workspace:* version: link:../tsconfig @@ -350,7 +350,7 @@ importers: version: 29.5.0(@types/node@14.18.52) ts-jest: specifier: ^29.1.0 - version: 29.1.0(@babel/core@7.21.4)(jest@29.5.0)(typescript@5.1.6) + version: 29.1.0(@babel/core@7.22.5)(jest@29.5.0)(typescript@5.1.6) tsconfig: specifier: workspace:* version: link:../tsconfig @@ -477,8 +477,8 @@ importers: specifier: ^4.3.4 version: 4.3.4 socks: - specifier: ^2.7.1 - version: 2.7.1 + specifier: ^2.7.3 + version: 2.7.3 devDependencies: '@types/async-retry': specifier: ^1.4.5 @@ -3517,8 +3517,12 @@ packages: side-channel: 1.0.4 dev: true - /ip@2.0.0: - resolution: {integrity: sha512-WKa+XuLG1A1R0UWhl2+1XQSi+fZWMsYKffMZTTYsiZaUD8k2yDAj5atimTUD2TZkyCkNEeYE5NhFZmupOGtjYQ==} + /ip-address@9.0.5: + resolution: {integrity: sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==} + engines: {node: '>= 12'} + dependencies: + jsbn: 1.1.0 + sprintf-js: 1.1.3 dev: false /ipv6@3.1.3: @@ -4277,6 +4281,10 @@ packages: esprima: 4.0.1 dev: true + /jsbn@1.1.0: + resolution: {integrity: sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==} + dev: false + /jsesc@2.5.2: resolution: {integrity: sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==} engines: {node: '>=4'} @@ -5110,11 +5118,11 @@ packages: yargs: 15.4.1 dev: true - /socks@2.7.1: - resolution: {integrity: sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==} - engines: {node: '>= 10.13.0', npm: '>= 3.0.0'} + /socks@2.7.3: + resolution: {integrity: sha512-vfuYK48HXCTFD03G/1/zkIls3Ebr2YNa4qU9gHDZdblHLiqhJrJGkY3+0Nx0JpN9qBhJbVObc1CNciT1bIZJxw==} + engines: {node: '>= 10.0.0', npm: '>= 3.0.0'} dependencies: - ip: 2.0.0 + ip-address: 9.0.5 smart-buffer: 4.2.0 dev: false @@ -5172,6 +5180,10 @@ packages: resolution: {integrity: sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==} dev: true + /sprintf-js@1.1.3: + resolution: {integrity: sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==} + dev: false + /sprintf@0.1.5: resolution: {integrity: sha512-4X5KsuXFQ7f+d7Y+bi4qSb6eI+YoifDTGr0MQJXRoYO7BO7evfRCjds6kk3z7l5CiJYxgDN1x5Er4WiyCt+zTQ==} engines: {node: '>=0.2.4'} @@ -5392,7 +5404,7 @@ packages: engines: {node: '>=8'} dev: true - /ts-jest@29.1.0(@babel/core@7.21.4)(jest@29.5.0)(typescript@5.1.6): + /ts-jest@29.1.0(@babel/core@7.21.4)(jest@29.5.0)(typescript@5.0.4): resolution: {integrity: sha512-ZhNr7Z4PcYa+JjMl62ir+zPiNJfXJN6E8hSLnaUKhOgqcn8vb3e537cpkd0FuAfRK3sR1LSqM1MOhliXNgOFPA==} engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} hasBin: true @@ -5416,13 +5428,13 @@ packages: '@babel/core': 7.21.4 bs-logger: 0.2.6 fast-json-stable-stringify: 2.1.0 - jest: 29.5.0(@types/node@14.18.52) + jest: 29.5.0(@types/node@14.18.45) jest-util: 29.5.0 json5: 2.2.3 lodash.memoize: 4.1.2 make-error: 1.3.6 semver: 7.5.0 - typescript: 5.1.6 + typescript: 5.0.4 yargs-parser: 21.1.1 dev: true