[Snyk] Security upgrade elliptic from 6.5.0 to 6.5.4

[rmhrisk]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	No	No Known Exploit
	Timing Attack SNYK-JS-ELLIPTIC-511941	No	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	No	Proof of Concept

Commit messages

Package name: elliptic

The new version differs by 15 commits.

• 43ac7f2 6.5.4
• f4bc72b package: bump deps
• 441b742 ec: validate that a point before deriving keys
• e71b2d9 lib: relint using eslint
• 8421a01 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)
• 8647803 6.5.3
• 856fe4d signature: prevent malleability and overflows
• 6048941 6.5.2
• 9984964 package: bump dependencies
• ec735ed utils: leak less information in `getNAF()`
• 71e4e8e 6.5.1
• 7ec66ff short: add infinity check before multiplying
• ee7970b travis: really move on
• 637d021 travis: move on
• 5ed0bab package: update deps

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[Kharya1337]

@microshine could we make the changes related to this PR to update the dependency?