search

privacy-scaling-explorations / multisetups

A simple, IPFS-based multi-party trusted setup utility for snarkjs
27 stars 10 forks source link

run npm audit fix #2

Open aspiers opened 3 years ago

aspiers commented 3 years ago

Fixes 6 moderate severity vulnerabilities:

# npm audit report                                                                                                                                  

ansi-regex  >2.1.1 <5.0.1
Severity: moderate
 Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/ansi-regex

browserslist  4.0.0 - 4.16.4
Severity: moderate
Regular Expression Denial of Service in browserslist - https://github.com/advisories/GHSA-w8qv-6jwh-64r5
fix available via `npm audit fix`
node_modules/browserslist

hosted-git-info  <2.8.9
Severity: moderate
Regular Expression Denial of Service in hosted-git-info - https://github.com/advisories/GHSA-43f8-2h32-f4cj
fix available via `npm audit fix`
node_modules/hosted-git-info

path-parse  <1.0.7
Severity: moderate
Regular Expression Denial of Service in path-parse - https://github.com/advisories/GHSA-hj48-42vr-x3v9
fix available via `npm audit fix`
node_modules/path-parse

tmpl  <1.0.5
Severity: moderate
Regular Expression Denial of Service in tmpl - https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
fix available via `npm audit fix`
node_modules/tmpl

ws  7.0.0 - 7.4.5
Severity: moderate
ReDoS in Sec-Websocket-Protocol header - https://github.com/advisories/GHSA-6fc8-4gx4-v693
fix available via `npm audit fix`
node_modules/ws
aspiers commented 2 years ago

@weijiekoh To create this I simply ran rpm audit fix. Presumably it's doing the correct thing - at least the security warnings have gone ;-)