Manually update elliptic to v6.5.7 for security update #774
Commits on Aug 14, 2024
-
Manually update elliptic to v6.5.7 for security update
Use `npm audit fix` to update one dependency in the lock. elliptic v2.0.0 - 6.5.6 affected: - Elliptic's ECDSA missing check for whether leading bit of r and s is zero - GHSA-977x-g7h5-7qgw - Elliptic's EDDSA missing signature length check - GHSA-f7q4-pwc6-w24p - Elliptic allows BER-encoded signatures - GHSA-49q7-c7j4-3p7m
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.