Skip to content

Commit

Permalink
fix: replace ip dependency due to security bug CVE-2024-29415
Browse files Browse the repository at this point in the history
  • Loading branch information
@bashmish
bashmish committed Jun 26, 2024
1 parent c4a1044 commit 39ff6ff
Show file tree
Hide file tree
Showing 11 changed files with 254 additions and 35 deletions.
8 changes: 8 additions & 0 deletions .changeset/lemon-suns-sneeze.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
'@web/test-runner-browserstack': patch
'@web/test-runner-saucelabs': patch
'@web/test-runner-core': patch
'@web/dev-server': patch
---

replace ip dependency due to security bug CVE-2024-29415
245 changes: 225 additions & 20 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/dev-server/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@
"command-line-usage": "^7.0.1",
"debounce": "^1.2.0",
"deepmerge": "^4.2.2",
"ip": "^2.0.1",
"internal-ip": "^6.2.0",
"nanocolors": "^0.2.1",
"open": "^8.0.2",
"portfinder": "^1.0.32"
Expand Down
4 changes: 2 additions & 2 deletions packages/dev-server/src/logger/logStartMessage.ts
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
import { DevServerConfig } from '../config/DevServerConfig';
import { Logger } from '@web/dev-server-core';
import ip from 'ip';
import internalIp from 'internal-ip';
import { bold, cyan, white } from 'nanocolors';

const createAddress = (config: DevServerConfig, host: string, path: string) =>
`http${config.http2 ? 's' : ''}://${host}:${config.port}${path}`;

function logNetworkAddress(config: DevServerConfig, logger: Logger, openPath: string) {
try {
const address = ip.address();
const address = internalIp.v4.sync();
if (typeof address === 'string') {
logger.log(`${white('Network:')} ${cyan(createAddress(config, address, openPath))}`);
}
Expand Down
2 changes: 1 addition & 1 deletion packages/test-runner-browserstack/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@
"dependencies": {
"@web/test-runner-webdriver": "^0.8.0",
"browserstack-local": "^1.4.8",
"ip": "^2.0.1",
"internal-ip": "^6.2.0",
"nanoid": "^3.1.25"
},
"devDependencies": {
Expand Down
Loading

0 comments on commit 39ff6ff

Please sign in to comment.