diff --git a/docsconfig.json b/docsconfig.json index 27e3b3cce..ae6c7f38b 100644 --- a/docsconfig.json +++ b/docsconfig.json @@ -7,6 +7,7 @@ "did-jwt", "did-manager", "did-provider-ethr", + "did-provider-key", "did-provider-web", "did-resolver", "key-manager", diff --git a/packages/core/src/types/IKeyManager.ts b/packages/core/src/types/IKeyManager.ts index 847900f34..154e61fb4 100644 --- a/packages/core/src/types/IKeyManager.ts +++ b/packages/core/src/types/IKeyManager.ts @@ -164,7 +164,7 @@ export interface IKeyManager extends IPluginMethodMap { /** * Signs JWT */ - keyManagerSignJWT(args: IKeyManagerSignJWTArgs): Promise + keyManagerSignJWT(args: IKeyManagerSignJWTArgs): Promise /** Signs Ethereum transaction */ keyManagerSignEthTX(args: IKeyManagerSignEthTXArgs): Promise diff --git a/packages/credential-w3c/src/action-handler.ts b/packages/credential-w3c/src/action-handler.ts index 01149a304..ef31a812a 100644 --- a/packages/credential-w3c/src/action-handler.ts +++ b/packages/credential-w3c/src/action-handler.ts @@ -210,7 +210,7 @@ export class CredentialIssuer implements IAgentPlugin { //FIXME: if the identifier is not found, the error message should reflect that. const identifier = await context.agent.didManagerGet({ did: presentation.holder }) //FIXME: `args` should allow picking a key or key type - const key = identifier.keys.find((k) => k.type === 'Secp256k1') + const key = identifier.keys.find((k) => k.type === 'Secp256k1' || k.type === 'Ed25519') if (!key) throw Error('No signing key for ' + identifier.did) //FIXME: Throw an `unsupported_format` error if the `args.proofFormat` is not `jwt` const signer = (data: string) => context.agent.keyManagerSignJWT({ kid: key.kid, data }) @@ -246,13 +246,18 @@ export class CredentialIssuer implements IAgentPlugin { //FIXME: if the identifier is not found, the error message should reflect that. const identifier = await context.agent.didManagerGet({ did: credential.issuer.id }) //FIXME: `args` should allow picking a key or key type - const key = identifier.keys.find((k) => k.type === 'Secp256k1') + const key = identifier.keys.find((k) => k.type === 'Secp256k1' || k.type === 'Ed25519') if (!key) throw Error('No signing key for ' + identifier.did) //FIXME: Throw an `unsupported_format` error if the `args.proofFormat` is not `jwt` const signer = (data: string) => context.agent.keyManagerSignJWT({ kid: key.kid, data }) debug('Signing VC with', identifier.did) - const jwt = await createVerifiableCredentialJwt(credential, { did: identifier.did, signer }) + let alg = 'ES256K' + if (key.type === 'Ed25519') { + alg = 'EdDSA' + } + + const jwt = await createVerifiableCredentialJwt(credential, { did: identifier.did, signer, alg }) //FIXME: flagging this as a potential privacy leak. debug(jwt) const verifiableCredential = normalizeCredential(jwt) diff --git a/packages/did-provider-key/LICENSE b/packages/did-provider-key/LICENSE new file mode 100644 index 000000000..fd815d7f8 --- /dev/null +++ b/packages/did-provider-key/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2019 Consensys AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/did-provider-key/README.md b/packages/did-provider-key/README.md new file mode 100644 index 000000000..56731bd4b --- /dev/null +++ b/packages/did-provider-key/README.md @@ -0,0 +1,4 @@ +# Veramo did:web provider + +This package contains an implementation of `AbstractIdentifierProvider` for the `did:key` method. +This enables creation and control of `did:key` entities. diff --git a/packages/did-provider-key/api-extractor.json b/packages/did-provider-key/api-extractor.json new file mode 100644 index 000000000..409d7f16c --- /dev/null +++ b/packages/did-provider-key/api-extractor.json @@ -0,0 +1,18 @@ +{ + "$schema": "https://developer.microsoft.com/json-schemas/api-extractor/v7/api-extractor.schema.json", + "apiReport": { + "enabled": true, + "reportFolder": "./api", + "reportTempFolder": "./api" + }, + + "docModel": { + "enabled": true, + "apiJsonFilePath": "./api/.api.json" + }, + + "dtsRollup": { + "enabled": false + }, + "mainEntryPointFilePath": "/build/index.d.ts" +} diff --git a/packages/did-provider-key/package.json b/packages/did-provider-key/package.json new file mode 100644 index 000000000..cff16e675 --- /dev/null +++ b/packages/did-provider-key/package.json @@ -0,0 +1,36 @@ +{ + "name": "@veramo/did-provider-key", + "description": "Veramo plugin that can enable creation and control of did:key identifiers.", + "version": "1.0.1", + "main": "build/index.js", + "types": "build/index.d.ts", + "scripts": { + "build": "tsc", + "extract-api": "yarn veramo dev extract-api" + }, + "dependencies": { + "@veramo/core": "^1.0.1", + "@veramo/did-manager": "^1.0.1", + "debug": "^4.1.1", + "multibase": "^3.1.1", + "multicodec": "^2.1.0" + }, + "devDependencies": { + "@types/debug": "4.1.5", + "typescript": "4.1.3" + }, + "files": [ + "build/**/*", + "src/**/*", + "README.md", + "LICENSE" + ], + "publishConfig": { + "access": "public" + }, + "repository": "git@github.com:uport-project/veramo.git", + "author": "Oliver Terbu ", + "contributors": [], + "license": "Apache-2.0", + "keywords": [] +} diff --git a/packages/did-provider-key/src/index.ts b/packages/did-provider-key/src/index.ts new file mode 100644 index 000000000..9dccd2eff --- /dev/null +++ b/packages/did-provider-key/src/index.ts @@ -0,0 +1,7 @@ +/** + * Provides `did:key` {@link @veramo/did-provider-key#KeyDIDProvider | identifier provider } for the + * {@link @veramo/did-manager#DIDManager} + * + * @packageDocumentation + */ +export { KeyDIDProvider } from './key-did-provider' diff --git a/packages/did-provider-key/src/key-did-provider.ts b/packages/did-provider-key/src/key-did-provider.ts new file mode 100644 index 000000000..a5dabdd21 --- /dev/null +++ b/packages/did-provider-key/src/key-did-provider.ts @@ -0,0 +1,81 @@ +import { IIdentifier, IKey, IService, IAgentContext, IKeyManager } from '@veramo/core' +import { AbstractIdentifierProvider } from '@veramo/did-manager' +import Multibase from 'multibase' +import Multicodec from 'multicodec' + +import Debug from 'debug' +const debug = Debug('veramo:did-key:identifier-provider') + +type IContext = IAgentContext + +/** + * {@link @veramo/did-manager#DIDManager} identifier provider for `did:key` identifiers + * + * @alpha + */ +export class KeyDIDProvider extends AbstractIdentifierProvider { + private defaultKms: string + + constructor(options: { defaultKms: string }) { + super() + this.defaultKms = options.defaultKms + } + + async createIdentifier( + { kms, options }: { kms?: string; options?: any }, + context: IContext, + ): Promise> { + const key = await context.agent.keyManagerCreate({ kms: kms || this.defaultKms, type: 'Ed25519' }) + + const methodSpecificId = Buffer.from( + Multibase.encode( + 'base58btc', + Multicodec.addPrefix('ed25519-pub', Buffer.from(key.publicKeyHex, 'hex')), + ), + ).toString() + + const identifier: Omit = { + did: 'did:key:' + methodSpecificId, + controllerKeyId: key.kid, + keys: [key], + services: [], + } + debug('Created', identifier.did) + return identifier + } + + async deleteIdentifier(identifier: IIdentifier, context: IContext): Promise { + for (const { kid } of identifier.keys) { + await context.agent.keyManagerDelete({ kid }) + } + return true + } + + async addKey( + { identifier, key, options }: { identifier: IIdentifier; key: IKey; options?: any }, + context: IContext, + ): Promise { + throw Error('KeyDIDProvider deleteIdentity not supported') + } + + async addService( + { identifier, service, options }: { identifier: IIdentifier; service: IService; options?: any }, + context: IContext, + ): Promise { + throw Error('KeyDIDProvider addService not supported') + } + + async removeKey( + args: { identifier: IIdentifier; kid: string; options?: any }, + context: IContext, + ): Promise { + throw Error('KeyDIDProvider removeKey not supported') + } + + async removeService( + args: { identifier: IIdentifier; id: string; options?: any }, + context: IContext, + ): Promise { + throw Error('KeyDIDProvider removeService not supported') + } +} diff --git a/packages/did-provider-key/tsconfig.json b/packages/did-provider-key/tsconfig.json new file mode 100644 index 000000000..3b2ed1492 --- /dev/null +++ b/packages/did-provider-key/tsconfig.json @@ -0,0 +1,9 @@ +{ + "extends": "../tsconfig.settings.json", + "compilerOptions": { + "rootDir": "src", + "outDir": "build", + "declarationDir": "build" + }, + "references": [{ "path": "../core" }, { "path": "../did-manager" }] +} diff --git a/packages/key-manager/src/abstract-key-management-system.ts b/packages/key-manager/src/abstract-key-management-system.ts index dd4ee701a..480085ee0 100644 --- a/packages/key-manager/src/abstract-key-management-system.ts +++ b/packages/key-manager/src/abstract-key-management-system.ts @@ -5,6 +5,6 @@ export abstract class AbstractKeyManagementSystem { abstract deleteKey(args: { kid: string }): Promise abstract encryptJWE(args: { key: IKey; to: Omit; data: string }): Promise abstract decryptJWE(args: { key: IKey; data: string }): Promise - abstract signJWT(args: { key: IKey; data: string }): Promise + abstract signJWT(args: { key: IKey; data: string }): Promise abstract signEthTX(args: { key: IKey; transaction: object }): Promise } diff --git a/packages/key-manager/src/key-manager.ts b/packages/key-manager/src/key-manager.ts index 2a3fc74b7..1edf724d5 100644 --- a/packages/key-manager/src/key-manager.ts +++ b/packages/key-manager/src/key-manager.ts @@ -106,7 +106,7 @@ export class KeyManager implements IAgentPlugin { } /** {@inheritDoc @veramo/core#IKeyManager.keyManagerSignJWT} */ - async keyManagerSignJWT({ kid, data }: IKeyManagerSignJWTArgs): Promise { + async keyManagerSignJWT({ kid, data }: IKeyManagerSignJWTArgs): Promise { const key = await this.store.get({ kid }) const kms = this.getKms(key.kms) return kms.signJWT({ key, data }) diff --git a/packages/kms-local-react-native/src/key-management-system.ts b/packages/kms-local-react-native/src/key-management-system.ts index a96930f37..840758b2d 100644 --- a/packages/kms-local-react-native/src/key-management-system.ts +++ b/packages/kms-local-react-native/src/key-management-system.ts @@ -1,7 +1,7 @@ import { TKeyType, IKey, EcdsaSignature } from '@veramo/core' import { AbstractKeyManagementSystem } from '@veramo/key-manager' import sodium from 'react-native-sodium' -import { SimpleSigner } from 'did-jwt' +import { NaclSigner, SimpleSigner } from 'did-jwt' const EC = require('elliptic').ec const secp256k1 = new EC('secp256k1') import { DIDComm } from './didcomm' @@ -72,9 +72,21 @@ export class KeyManagementSystem extends AbstractKeyManagementSystem { return sign(transaction, '0x' + key.privateKeyHex) } - async signJWT({ key, data }: { key: IKey; data: string }): Promise { + async signJWT({ key, data }: { key: IKey; data: string }): Promise { if (!key.privateKeyHex) throw Error('No private key for kid: ' + key.kid) - const signer = SimpleSigner(key.privateKeyHex) - return (signer(data) as any) as EcdsaSignature + + if (key.type === 'Ed25519') { + const b64Key = sodium.to_base64( + Uint8Array.from(Buffer.from(key.privateKeyHex, 'hex')), + sodium.base64_variants.ORIGINAL, + ) + const signer = NaclSigner(b64Key) + return (signer(data) as any) as string + } else if (key.type === 'Secp256k1') { + const signer = SimpleSigner(key.privateKeyHex) + return (signer(data) as any) as EcdsaSignature + } else { + throw Error('Cannot sign JWT with key of type ' + key.type) + } } } diff --git a/packages/kms-local/src/key-management-system.ts b/packages/kms-local/src/key-management-system.ts index 83b34d495..a4f821d49 100644 --- a/packages/kms-local/src/key-management-system.ts +++ b/packages/kms-local/src/key-management-system.ts @@ -1,7 +1,7 @@ import { TKeyType, IKey, EcdsaSignature } from '@veramo/core' import { AbstractKeyManagementSystem } from '@veramo/key-manager' import sodium from 'libsodium-wrappers' -import { SimpleSigner } from 'did-jwt' +import { NaclSigner, SimpleSigner } from 'did-jwt' const EC = require('elliptic').ec const secp256k1 = new EC('secp256k1') import { DIDComm } from './didcomm' @@ -72,9 +72,21 @@ export class KeyManagementSystem extends AbstractKeyManagementSystem { return sign(transaction, '0x' + key.privateKeyHex) } - async signJWT({ key, data }: { key: IKey; data: string }): Promise { + async signJWT({ key, data }: { key: IKey; data: string }): Promise { if (!key.privateKeyHex) throw Error('No private key for kid: ' + key.kid) - const signer = SimpleSigner(key.privateKeyHex) - return (signer(data) as any) as EcdsaSignature + + if (key.type === 'Ed25519') { + const b64Key = sodium.to_base64( + Uint8Array.from(Buffer.from(key.privateKeyHex, 'hex')), + sodium.base64_variants.ORIGINAL, + ) + const signer = NaclSigner(b64Key) + return (signer(data) as any) as string + } else if (key.type === 'Secp256k1') { + const signer = SimpleSigner(key.privateKeyHex) + return (signer(data) as any) as EcdsaSignature + } else { + throw Error('Cannot sign JWT with key of type ' + key.type) + } } } diff --git a/packages/tsconfig.json b/packages/tsconfig.json index 42a85875d..e63147650 100644 --- a/packages/tsconfig.json +++ b/packages/tsconfig.json @@ -8,6 +8,7 @@ { "path": "did-jwt" }, { "path": "did-manager" }, { "path": "did-provider-ethr" }, + { "path": "did-provider-key" }, { "path": "did-provider-web" }, { "path": "did-resolver" }, { "path": "key-manager" }, diff --git a/yarn.lock b/yarn.lock index 4b9d6be66..53501edf8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7826,6 +7826,22 @@ multibase@^3.0.0: "@multiformats/base-x" "^4.0.1" web-encoding "^1.0.4" +multibase@^3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/multibase/-/multibase-3.1.1.tgz#fb4c0fc169c2d89d80cbf0cbbec4e00ffed8cf3a" + integrity sha512-kkSd8jWGznDNEC2eDwtnvSGlZeTeEt0+oHieNWUhv8rIi8JU3voIUo02HpJBNOtgmtxT2CPwkElub7Y9kz3nrw== + dependencies: + "@multiformats/base-x" "^4.0.1" + web-encoding "^1.0.6" + +multicodec@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/multicodec/-/multicodec-2.1.0.tgz#b66dff2184e91e74ac68981e0deba2591bbf1f87" + integrity sha512-7AYpK/avswOWvnqQ9/jOkQCS7Fp4aKxw5ojvn5gyK2VQTZz3YVXeLMzoIZDBy745JSfJMXkTS0ptnHci5Mt1mA== + dependencies: + uint8arrays "1.1.0" + varint "^6.0.0" + multimatch@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/multimatch/-/multimatch-3.0.0.tgz#0e2534cc6bc238d9ab67e1b9cd5fcd85a6dbf70b" @@ -11113,7 +11129,7 @@ uid-number@0.0.6: resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" integrity sha1-DqEOgDXo61uOREnwbaHHMGY7qoE= -uint8arrays@^1.1.0: +uint8arrays@1.1.0, uint8arrays@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/uint8arrays/-/uint8arrays-1.1.0.tgz#d034aa65399a9fd213a1579e323f0b29f67d0ed2" integrity sha512-cLdlZ6jnFczsKf5IH1gPHTtcHtPGho5r4CvctohmQjw8K7Q3gFdfIGHxSTdTaCKrL4w09SsPRJTqRS0drYeszA== @@ -11346,6 +11362,11 @@ validator@^8.0.0: resolved "https://registry.yarnpkg.com/validator/-/validator-8.2.0.tgz#3c1237290e37092355344fef78c231249dab77b9" integrity sha512-Yw5wW34fSv5spzTXNkokD6S6/Oq92d8q/t14TqsS3fAiA1RYnxSFSIZ+CY3n6PGGRCq5HhJTSepQvFUS2QUDxA== +varint@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/varint/-/varint-6.0.0.tgz#9881eb0ce8feaea6512439d19ddf84bf551661d0" + integrity sha512-cXEIW6cfr15lFv563k4GuVuW/fiwjknytD37jIOLSdSWuOI6WnO/oKwmP2FQTU2l01LP8/M5TSAJpzUaGe3uWg== + vary@^1, vary@~1.1.2: version "1.1.2" resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc" @@ -11401,7 +11422,7 @@ web-encoding@^1.0.2, web-encoding@^1.0.4: resolved "https://registry.yarnpkg.com/web-encoding/-/web-encoding-1.0.4.tgz#0398d39ce2cbef5ed2617080750ed874e6153aea" integrity sha512-DcXs2lbVPzuJmn2kuDEwul2oZg7p4YMa5J2f0YzsOBHaAnBYGPNUB/rJ74DTjTKpw7F0+lSsVM8sFHE2UyBixg== -web-encoding@^1.0.5: +web-encoding@^1.0.5, web-encoding@^1.0.6: version "1.0.6" resolved "https://registry.yarnpkg.com/web-encoding/-/web-encoding-1.0.6.tgz#ec631356ee523b4474ecbcae680440bd1e79416a" integrity sha512-26wEnRPEFAc5d5lmH1Q/DuvWEYsRF1D2alX2jlKpdmqv7cj+BbANL7Xlcl9r4s72Eg9kItZa9RWVbBMC9dMv4w==