@sudoplatform/sudo-secure-communications 5.5.1 → 5.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +96 -126
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sudoplatform/sudo-secure-communications",
|
|
3
|
-
"version": "5.5.
|
|
3
|
+
"version": "5.5.2",
|
|
4
4
|
"author": "Anonyome Labs, Inc.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"repository": {
|
|
@@ -71,7 +71,7 @@
|
|
|
71
71
|
"@aws-sdk/credential-provider-cognito-identity": "^3.965.0",
|
|
72
72
|
"@aws-sdk/credential-providers": "^3.965.0",
|
|
73
73
|
"@aws-sdk/lib-storage": "^3.965.0",
|
|
74
|
-
"@matrix-org/matrix-sdk-crypto-wasm": "
|
|
74
|
+
"@matrix-org/matrix-sdk-crypto-wasm": "18.0.0",
|
|
75
75
|
"@sudoplatform/sudo-web-crypto-provider": "^10.0.1",
|
|
76
76
|
"@types/md5": "^2.3.6",
|
|
77
77
|
"async-mutex": "^0.5.0",
|
|
@@ -127,7 +127,7 @@
|
|
|
127
127
|
"@graphql-codegen/typed-document-node": "^6.1.4",
|
|
128
128
|
"@graphql-codegen/typescript": "^5.0.6",
|
|
129
129
|
"@graphql-codegen/typescript-operations": "^5.0.6",
|
|
130
|
-
"@matrix-org/matrix-sdk-crypto-nodejs": "
|
|
130
|
+
"@matrix-org/matrix-sdk-crypto-nodejs": "0.5.1",
|
|
131
131
|
"@sudoplatform/sudo-api-client": "^16.0.0",
|
|
132
132
|
"@sudoplatform/sudo-common": "^12.2.0",
|
|
133
133
|
"@sudoplatform/sudo-entitlements": "^18.0.0",
|
|
@@ -169,203 +169,173 @@
|
|
|
169
169
|
"packageManager": "yarn@4.12.0+sha512.f45ab632439a67f8bc759bf32ead036a1f413287b9042726b7cc4818b7b49e14e9423ba49b18f9e06ea4941c1ad062385b1d8760a8d5091a1a31e5f6219afca8",
|
|
170
170
|
"auditSuppressions": {
|
|
171
171
|
"1111987": {
|
|
172
|
-
"until":
|
|
173
|
-
"untilISO": "2026-
|
|
172
|
+
"until": 1785460570,
|
|
173
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
174
174
|
"reason": "Waiting for patch - @smithy/config-resolver"
|
|
175
175
|
},
|
|
176
|
-
"1112255": {
|
|
177
|
-
"until": 1777593599,
|
|
178
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
179
|
-
"reason": "node-tar used by bufferutil by websocket"
|
|
180
|
-
},
|
|
181
|
-
"1112329": {
|
|
182
|
-
"until": 1777593599,
|
|
183
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
184
|
-
"reason": "node-tar used by bufferutil by websocket"
|
|
185
|
-
},
|
|
186
176
|
"1112455": {
|
|
187
|
-
"until":
|
|
188
|
-
"untilISO": "2026-
|
|
177
|
+
"until": 1785460570,
|
|
178
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
189
179
|
"reason": "Waiting for patch - Lodash used by other sudo packages"
|
|
190
180
|
},
|
|
191
|
-
"1112659": {
|
|
192
|
-
"until": 1777593599,
|
|
193
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
194
|
-
"reason": "node-tar used by node-gyp - requires tar >=7.5.8"
|
|
195
|
-
},
|
|
196
181
|
"1112686": {
|
|
197
|
-
"until":
|
|
198
|
-
"untilISO": "2026-
|
|
182
|
+
"until": 1785460570,
|
|
183
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
199
184
|
"reason": "eslint advisory - suppress until eslint can be upgraded to >=9.26.0"
|
|
200
185
|
},
|
|
201
186
|
"1112818": {
|
|
202
|
-
"until":
|
|
203
|
-
"untilISO": "2026-
|
|
187
|
+
"until": 1785460570,
|
|
188
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
204
189
|
"reason": "eslint advisory - suppress until eslint can be upgraded"
|
|
205
190
|
},
|
|
206
191
|
"1112862": {
|
|
207
|
-
"until":
|
|
208
|
-
"untilISO": "2026-
|
|
192
|
+
"until": 1785460570,
|
|
193
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
209
194
|
"reason": "eslint advisory - suppress until eslint can be upgraded"
|
|
210
195
|
},
|
|
211
196
|
"1112954": {
|
|
212
|
-
"until":
|
|
213
|
-
"untilISO": "2026-
|
|
197
|
+
"until": 1785460570,
|
|
198
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
214
199
|
"reason": "eslint advisory - suppress until eslint can be upgraded"
|
|
215
200
|
},
|
|
216
201
|
"1113190": {
|
|
217
|
-
"until":
|
|
218
|
-
"untilISO": "2026-
|
|
202
|
+
"until": 1785460570,
|
|
203
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
219
204
|
"reason": "markdown-it advisory used by typedoc"
|
|
220
205
|
},
|
|
221
|
-
"1113300": {
|
|
222
|
-
"until": 1777593599,
|
|
223
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
224
|
-
"reason": "node-tar used by node-gyp"
|
|
225
|
-
},
|
|
226
|
-
"1113331": {
|
|
227
|
-
"until": 1777593599,
|
|
228
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
229
|
-
"reason": "fast-xml-parser advisory - suppress until fast-xml-parser >=5.3.6"
|
|
230
|
-
},
|
|
231
206
|
"1113371": {
|
|
232
|
-
"until":
|
|
233
|
-
"untilISO": "2026-
|
|
207
|
+
"until": 1785460570,
|
|
208
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
234
209
|
"reason": "minimatch advisory used by tooling deps (typescript-eslint, eslint-plugin-import, glob, typedoc)"
|
|
235
210
|
},
|
|
236
|
-
"1113375": {
|
|
237
|
-
"until": 1777593599,
|
|
238
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
239
|
-
"reason": "node-tar used by node-gyp"
|
|
240
|
-
},
|
|
241
211
|
"1113398": {
|
|
242
|
-
"until":
|
|
243
|
-
"untilISO": "2026-
|
|
212
|
+
"until": 1785460570,
|
|
213
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
244
214
|
"reason": "eslint advisory - suppress until eslint can be upgraded"
|
|
245
215
|
},
|
|
246
|
-
"1113407": {
|
|
247
|
-
"until": 1777593599,
|
|
248
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
249
|
-
"reason": "fast-xml-parser advisory - suppress until fast-xml-parser can be bumped"
|
|
250
|
-
},
|
|
251
216
|
"1113459": {
|
|
252
|
-
"until":
|
|
253
|
-
"untilISO": "2026-
|
|
217
|
+
"until": 1785460570,
|
|
218
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
254
219
|
"reason": "minimatch ReDoS - transitive via eslint-plugin-import"
|
|
255
220
|
},
|
|
256
221
|
"1113465": {
|
|
257
|
-
"until":
|
|
258
|
-
"untilISO": "2026-
|
|
222
|
+
"until": 1785460570,
|
|
223
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
259
224
|
"reason": "minimatch ReDoS - transitive via typescript-eslint, typedoc"
|
|
260
225
|
},
|
|
261
226
|
"1113466": {
|
|
262
|
-
"until":
|
|
263
|
-
"untilISO": "2026-
|
|
227
|
+
"until": 1785460570,
|
|
228
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
264
229
|
"reason": "minimatch ReDoS - transitive via glob"
|
|
265
230
|
},
|
|
266
231
|
"1113538": {
|
|
267
|
-
"until":
|
|
268
|
-
"untilISO": "2026-
|
|
232
|
+
"until": 1785460570,
|
|
233
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
269
234
|
"reason": "minimatch ReDoS matchOne - transitive via eslint-plugin-import"
|
|
270
235
|
},
|
|
271
236
|
"1113544": {
|
|
272
|
-
"until":
|
|
273
|
-
"untilISO": "2026-
|
|
237
|
+
"until": 1785460570,
|
|
238
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
274
239
|
"reason": "minimatch ReDoS matchOne - transitive via typescript-eslint, typedoc"
|
|
275
240
|
},
|
|
276
241
|
"1113545": {
|
|
277
|
-
"until":
|
|
278
|
-
"untilISO": "2026-
|
|
242
|
+
"until": 1785460570,
|
|
243
|
+
"untilISO": "2026-07-31T01:16:10Z",
|
|
279
244
|
"reason": "minimatch ReDoS matchOne - transitive via glob"
|
|
280
245
|
},
|
|
281
246
|
"1113546": {
|
|
282
|
-
"until":
|
|
283
|
-
"untilISO": "2026-
|
|
247
|
+
"until": 1785460571,
|
|
248
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
284
249
|
"reason": "minimatch ReDoS extglobs - transitive via eslint-plugin-import"
|
|
285
250
|
},
|
|
286
251
|
"1113552": {
|
|
287
|
-
"until":
|
|
288
|
-
"untilISO": "2026-
|
|
252
|
+
"until": 1785460571,
|
|
253
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
289
254
|
"reason": "minimatch ReDoS extglobs - transitive via typescript-eslint, typedoc"
|
|
290
255
|
},
|
|
291
256
|
"1113553": {
|
|
292
|
-
"until":
|
|
293
|
-
"untilISO": "2026-
|
|
257
|
+
"until": 1785460571,
|
|
258
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
294
259
|
"reason": "minimatch ReDoS extglobs - transitive via glob"
|
|
295
260
|
},
|
|
296
|
-
"1113568": {
|
|
297
|
-
"until": 1777593599,
|
|
298
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
299
|
-
"reason": "fast-xml-parser entity encoding bypass - transitive via @aws-sdk/xml-builder"
|
|
300
|
-
},
|
|
301
|
-
"1113569": {
|
|
302
|
-
"until": 1777593599,
|
|
303
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
304
|
-
"reason": "fast-xml-parser DoS via entity expansion - transitive via @aws-sdk/xml-builder"
|
|
305
|
-
},
|
|
306
261
|
"1113714": {
|
|
307
|
-
"until":
|
|
308
|
-
"untilISO": "2026-
|
|
262
|
+
"until": 1785460571,
|
|
263
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
309
264
|
"reason": "ajv ReDoS via $data - transitive via eslint"
|
|
310
265
|
},
|
|
311
266
|
"1113977": {
|
|
312
|
-
"until":
|
|
313
|
-
"untilISO": "2026-
|
|
267
|
+
"until": 1785460571,
|
|
268
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
314
269
|
"reason": "http-proxy-agenty - suppress low severity advisory"
|
|
315
270
|
},
|
|
316
|
-
"1114153": {
|
|
317
|
-
"until": 1777593599,
|
|
318
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
319
|
-
"reason": "fast-xml-parser stack overflow in XMLBuilder - transitive via @aws-sdk/xml-builder"
|
|
320
|
-
},
|
|
321
271
|
"1114158": {
|
|
322
|
-
"until":
|
|
323
|
-
"untilISO": "2026-
|
|
272
|
+
"until": 1785460571,
|
|
273
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
324
274
|
"reason": "immutable prototype pollution - suppress low severity advisory"
|
|
325
275
|
},
|
|
326
|
-
"1114200": {
|
|
327
|
-
"until": 1777593599,
|
|
328
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
329
|
-
"reason": "tar hardlink path traversal - transitive via node-gyp"
|
|
330
|
-
},
|
|
331
|
-
"1114526": {
|
|
332
|
-
"until": 1777593599,
|
|
333
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
334
|
-
"reason": "flatted: vulnerable to unbounded recursion DoS in parse() revive phase"
|
|
335
|
-
},
|
|
336
|
-
"1114680": {
|
|
337
|
-
"until": 1777593599,
|
|
338
|
-
"untilISO": "2026-04-30T23:59:59Z",
|
|
339
|
-
"reason": "Race Condition in node-tar: Path Reservations via Unicode Ligature Collisions on macOS APFS"
|
|
340
|
-
},
|
|
341
276
|
"1115339": {
|
|
342
|
-
"until":
|
|
343
|
-
"untilISO": "2026-
|
|
277
|
+
"until": 1785460571,
|
|
278
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
344
279
|
"reason": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections"
|
|
345
280
|
},
|
|
346
|
-
"
|
|
347
|
-
"until":
|
|
348
|
-
"untilISO": "2026-
|
|
349
|
-
"reason": "
|
|
281
|
+
"1115538": {
|
|
282
|
+
"until": 1785460571,
|
|
283
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
284
|
+
"reason": "handlebars JavaScript Injection via ts-jest@29.4.6 - suppress until ts-jest ships with fixed handlebars"
|
|
350
285
|
},
|
|
351
|
-
"
|
|
352
|
-
"until":
|
|
353
|
-
"untilISO": "2026-
|
|
354
|
-
"reason": "
|
|
286
|
+
"1115539": {
|
|
287
|
+
"until": 1785460571,
|
|
288
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
289
|
+
"reason": "handlebars JavaScript Injection via ts-jest@29.4.6 - suppress until ts-jest ships with fixed handlebars"
|
|
290
|
+
},
|
|
291
|
+
"1115540": {
|
|
292
|
+
"until": 1785460571,
|
|
293
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
294
|
+
"reason": "brace-expansion DoS via minimatch@3.1.2 - suppress until minimatch can be upgraded"
|
|
355
295
|
},
|
|
356
296
|
"1115541": {
|
|
357
|
-
"until":
|
|
358
|
-
"untilISO": "2026-
|
|
297
|
+
"until": 1785460571,
|
|
298
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
359
299
|
"reason": "brace-expansion DoS - suppress low severity advisory"
|
|
360
300
|
},
|
|
301
|
+
"1115544": {
|
|
302
|
+
"until": 1785460571,
|
|
303
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
304
|
+
"reason": "handlebars Prototype Pollution via ts-jest@29.4.6 - suppress until ts-jest ships with fixed handlebars"
|
|
305
|
+
},
|
|
306
|
+
"1115549": {
|
|
307
|
+
"until": 1785460571,
|
|
308
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
309
|
+
"reason": "picomatch POSIX Method Injection via micromatch - suppress until micromatch ships with picomatch >=2.3.2"
|
|
310
|
+
},
|
|
311
|
+
"1115551": {
|
|
312
|
+
"until": 1785460571,
|
|
313
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
314
|
+
"reason": "picomatch POSIX Method Injection via tinyglobby - suppress until tinyglobby ships with picomatch >=4.0.4"
|
|
315
|
+
},
|
|
316
|
+
"1115552": {
|
|
317
|
+
"until": 1785460571,
|
|
318
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
319
|
+
"reason": "picomatch ReDoS via micromatch - suppress until micromatch ships with picomatch >=2.3.2"
|
|
320
|
+
},
|
|
321
|
+
"1115554": {
|
|
322
|
+
"until": 1785460571,
|
|
323
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
324
|
+
"reason": "picomatch ReDoS via tinyglobby - suppress until tinyglobby ships with picomatch >=4.0.4"
|
|
325
|
+
},
|
|
361
326
|
"1115556": {
|
|
362
|
-
"until":
|
|
363
|
-
"untilISO": "2026-
|
|
327
|
+
"until": 1785460571,
|
|
328
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
364
329
|
"reason": "yaml stack overflow via deeply nested collections - suppress low severity advisory"
|
|
365
330
|
},
|
|
331
|
+
"1115588": {
|
|
332
|
+
"until": 1785460571,
|
|
333
|
+
"untilISO": "2026-07-31T01:16:11Z",
|
|
334
|
+
"reason": "handlebars Prototype Method Access Control Gap via ts-jest@29.4.6 - suppress until ts-jest ships with fixed handlebars"
|
|
335
|
+
},
|
|
366
336
|
"1117066": {
|
|
367
|
-
"until":
|
|
368
|
-
"untilISO": "2026-
|
|
337
|
+
"until": 1785460572,
|
|
338
|
+
"untilISO": "2026-07-31T01:16:12Z",
|
|
369
339
|
"reason": "immutable prototype pollution - transitive via @ardatan/relay-compiler, resolved via resolution override"
|
|
370
340
|
}
|
|
371
341
|
}
|