fix(security): upgrade web3 to upgrade elliptic > 6.5.4

Upgrade the web3 packages in besu connector and the hermes ODAP plugin to eliminate some of the security vulnerabilities that were reported by the robots. Fixes #1639 Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>
hyperledger · Dec 11, 2021 · 5513848 · 5513848
1 parent 6203d3e
commit 5513848
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 360 deletions.
diff --git a/packages/cactus-plugin-ledger-connector-besu/package.json b/packages/cactus-plugin-ledger-connector-besu/package.json
@@ -92,7 +92,7 @@
     "@hyperledger/cactus-test-tooling": "1.0.0-rc.3",
     "@types/express": "4.17.13",
     "socket.io": "4.1.3",
-    "web3-core": "1.5.1",
-    "web3-eth": "1.5.1"
+    "web3-core": "1.5.2",
+    "web3-eth": "1.5.2"
   }
 }
diff --git a/packages/cactus-plugin-odap-hermes/package.json b/packages/cactus-plugin-odap-hermes/package.json
@@ -85,7 +85,7 @@
     "tape": "5.2.2",
     "ts-node": "8.9.1",
     "typescript-optional": "2.0.1",
-    "web3": "1.2.7",
-    "web3-utils": "1.2.7"
+    "web3": "1.5.2",
+    "web3-utils": "1.5.2"
   }
 }