Skip to content

Commit

Permalink
fix: replace node-ipc with @achrinza/node-ipc to further secure t…
Browse files Browse the repository at this point in the history
…he dependency chain
  • Loading branch information
haoqunjiang committed Mar 22, 2022
1 parent c38e755 commit d7a9881
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 21 deletions.
2 changes: 1 addition & 1 deletion packages/@vue/cli-shared-utils/lib/ipc.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
const ipc = require('node-ipc')
const ipc = require('@achrinza/node-ipc')

const DEFAULT_ID = process.env.VUE_CLI_IPC || 'vue-cli'
const DEFAULT_IDLE_TIMEOUT = 3000
Expand Down
2 changes: 1 addition & 1 deletion packages/@vue/cli-shared-utils/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
"execa": "^1.0.0",
"launch-editor": "^2.2.1",
"lru-cache": "^5.1.1",
"node-ipc": "9.2.1",
"@achrinza/node-ipc": "9.2.2",
"open": "^6.3.0",
"ora": "^3.4.0",
"read-pkg": "^5.1.1",
Expand Down
2 changes: 1 addition & 1 deletion packages/@vue/cli-ui/apollo-server/util/ipc.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
const ipc = require('node-ipc')
const ipc = require('@achrinza/node-ipc')
// Utils
const { log, dumpObject } = require('../util/logger')

Expand Down
2 changes: 1 addition & 1 deletion packages/@vue/cli-ui/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@
"lodash.merge": "^4.6.1",
"lowdb": "^1.0.0",
"lru-cache": "^5.1.1",
"node-ipc": "9.2.1",
"@achrinza/node-ipc": "9.2.2",
"node-notifier": "^9.0.0",
"parse-git-config": "^2.0.2",
"portfinder": "^1.0.26",
Expand Down
34 changes: 17 additions & 17 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,15 @@
# yarn lockfile v1


"@achrinza/[email protected]":
version "9.2.2"
resolved "https://registry.yarnpkg.com/@achrinza/node-ipc/-/node-ipc-9.2.2.tgz#ae1b5d3d6a9362034eea60c8d946b93893c2e4ec"
integrity sha512-b90U39dx0cU6emsOvy5hxU4ApNXnE3+Tuo8XQZfiKTGelDwpMwBVgBP7QX6dGTcJgu/miyJuNJ/2naFBliNWEw==
dependencies:
"@node-ipc/js-queue" "2.0.3"
event-pubsub "4.3.0"
js-message "1.0.7"

"@akryum/winattr@^3.0.0":
version "3.0.0"
resolved "https://registry.yarnpkg.com/@akryum/winattr/-/winattr-3.0.0.tgz#c345d49f8415583897e345729c12b3503927dd11"
Expand Down Expand Up @@ -2302,6 +2311,13 @@
call-me-maybe "^1.0.1"
glob-to-regexp "^0.3.0"

"@node-ipc/[email protected]":
version "2.0.3"
resolved "https://registry.yarnpkg.com/@node-ipc/js-queue/-/js-queue-2.0.3.tgz#ac7fe33d766fa53e233ef8fedaf3443a01c5a4cd"
integrity sha512-fL1wpr8hhD5gT2dA1qifeVaoDFlQR5es8tFuKqjHX+kdOtdNHnxkVZbtIrR2rxnMFvehkjaZRNV2H/gPXlb0hw==
dependencies:
easy-stack "1.0.1"

"@nodelib/[email protected]":
version "2.1.3"
resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.3.tgz#3a582bdb53804c6ba6d146579c46e52130cf4a3b"
Expand Down Expand Up @@ -8234,7 +8250,7 @@ duplexify@^3.4.2, duplexify@^3.6.0:
readable-stream "^2.0.0"
stream-shift "^1.0.0"

easy-stack@^1.0.1:
[email protected]:
version "1.0.1"
resolved "https://registry.yarnpkg.com/easy-stack/-/easy-stack-1.0.1.tgz#8afe4264626988cabb11f3c704ccd0c835411066"
integrity sha512-wK2sCs4feiiJeFXn3zvY0p41mdU5VUgbgs1rNsc/y5ngFUijdWd+iIN8eoyuZHKB8xN6BL4PdWmzqFmxNg6V2w==
Expand Down Expand Up @@ -12502,13 +12518,6 @@ [email protected]:
resolved "https://registry.yarnpkg.com/js-message/-/js-message-1.0.7.tgz#fbddd053c7a47021871bb8b2c95397cc17c20e47"
integrity sha512-efJLHhLjIyKRewNS9EGZ4UpI8NguuL6fKkhRxVuMmrGV2xN/0APGdQYwLFky5w9naebSZ0OwAGp0G6/2Cg90rA==

[email protected]:
version "2.0.2"
resolved "https://registry.yarnpkg.com/js-queue/-/js-queue-2.0.2.tgz#0be590338f903b36c73d33c31883a821412cd482"
integrity sha512-pbKLsbCfi7kriM3s1J4DDCo7jQkI58zPLHi0heXPzPlj0hjUsm+FesPUbE0DSbIVIK503A36aUBoCN7eMFedkA==
dependencies:
easy-stack "^1.0.1"

"js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0:
version "4.0.0"
resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499"
Expand Down Expand Up @@ -14609,15 +14618,6 @@ node-int64@^0.4.0:
resolved "https://registry.yarnpkg.com/node-int64/-/node-int64-0.4.0.tgz#87a9065cdb355d3182d8f94ce11188b825c68a3b"
integrity sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=

[email protected]:
version "9.2.1"
resolved "https://registry.yarnpkg.com/node-ipc/-/node-ipc-9.2.1.tgz#b32f66115f9d6ce841dc4ec2009d6a733f98bb6b"
integrity sha512-mJzaM6O3xHf9VT8BULvJSbdVbmHUKRNOH7zDDkCrA1/T+CVjq2WVIDfLt0azZRXpgArJtl3rtmEozrbXPZ9GaQ==
dependencies:
event-pubsub "4.3.0"
js-message "1.0.7"
js-queue "2.0.2"

"node-libs-browser@^1.0.0 || ^2.0.0", node-libs-browser@^2.2.1:
version "2.2.1"
resolved "https://registry.yarnpkg.com/node-libs-browser/-/node-libs-browser-2.2.1.tgz#b64f513d18338625f90346d27b0d235e631f6425"
Expand Down

0 comments on commit d7a9881

Please sign in to comment.