Skip to content

Commit ada5188

Browse files
MikhusMikhus
committed
fix: vulerable deps
1 parent 83ecabf commit ada5188

File tree

8 files changed

+322
-325
lines changed

8 files changed

+322
-325
lines changed

package-lock.json

Lines changed: 252 additions & 307 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 13 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -39,36 +39,35 @@
3939
},
4040
"homepage": "https://github.com/imqueue/net",
4141
"dependencies": {
42-
"@types/node": "^24.0.10",
43-
"bigint-buffer": "^1.1.5",
42+
"@types/node": "^24.10.0",
4443
"ip-regex": "^5.0.0"
4544
},
4645
"devDependencies": {
4746
"@eslint/eslintrc": "^3.3.1",
48-
"@eslint/js": "^9.30.1",
49-
"@types/chai": "^5.2.2",
47+
"@eslint/js": "^9.39.1",
48+
"@types/chai": "^5.2.3",
5049
"@types/mocha": "^10.0.10",
5150
"@types/mock-require": "^3.0.0",
5251
"@types/sinon": "^17.0.4",
53-
"@typescript-eslint/eslint-plugin": "^8.35.1",
54-
"@typescript-eslint/parser": "^8.35.1",
55-
"@typescript-eslint/typescript-estree": "^8.35.1",
56-
"chai": "^5.2.0",
57-
"eslint": "^9.30.1",
52+
"@typescript-eslint/eslint-plugin": "^8.46.3",
53+
"@typescript-eslint/parser": "^8.46.3",
54+
"@typescript-eslint/typescript-estree": "^8.46.3",
55+
"chai": "^6.2.0",
56+
"eslint": "^9.39.1",
5857
"glob": "^11.0.3",
59-
"globals": "^16.3.0",
58+
"globals": "^16.5.0",
6059
"minimist": "^1.2.8",
61-
"mocha": "^11.7.1",
60+
"mocha": "^11.7.5",
6261
"mocha-lcov-reporter": "^1.3.0",
6362
"mock-require": "^3.0.3",
6463
"npm-scripts-help": "^0.8.0",
6564
"nyc": "^17.1.0",
66-
"open": "^10.1.2",
65+
"open": "^10.2.0",
6766
"sinon": "^21.0.0",
6867
"source-map-support": "^0.5.21",
6968
"ts-node": "^10.9.2",
70-
"typedoc": "^0.28.7",
71-
"typescript": "^5.8.3"
69+
"typedoc": "^0.28.14",
70+
"typescript": "^5.9.3"
7271
},
7372
"main": "index.js",
7473
"typescript": {

src/NetworkList.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@
2222
import { NetworkType, sizeOf } from './types';
2323
import { getType, ipToInt } from './ip-address';
2424
import { toBinaryList, toIntArray, toStringArray } from './binary-list';
25-
import { toBigIntLE } from 'bigint-buffer';
25+
import { toBigIntLE } from './bigint-buffer';
2626

2727
/**
2828
* Class NetworkList

src/bigint-buffer.ts

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
/*
2+
* Safe local replacements for bigint-buffer utilities: toBigIntLE and toBufferLE
3+
* Implemented to avoid dependency on vulnerable bigint-buffer package.
4+
*/
5+
6+
/**
7+
* Converts a little-endian buffer to a bigint value.
8+
*
9+
* @param {Buffer | Uint8Array} buf
10+
* @return {bigint}
11+
*/
12+
export function toBigIntLE(buf: Buffer | Uint8Array): bigint {
13+
const bytes = buf instanceof Buffer ? buf : Buffer.from(buf);
14+
let result = 0n;
15+
16+
for (let i = 0; i < bytes.length; i++) {
17+
result |= BigInt(bytes[i]) << (BigInt(i) * 8n);
18+
}
19+
20+
return result;
21+
}
22+
23+
/**
24+
* Converts a bigint value to a little-endian buffer of a given size.
25+
* Throws if the value does not fit into the requested size or is negative.
26+
*
27+
* @param {bigint} value
28+
* @param {number} size - number of bytes in the resulting buffer
29+
* @return {Buffer}
30+
*/
31+
export function toBufferLE(value: bigint, size: number): Buffer {
32+
if (!Number.isInteger(size) || size <= 0) {
33+
throw new RangeError('size must be a positive integer');
34+
}
35+
if (value < 0n) {
36+
throw new RangeError('value must be a non-negative bigint');
37+
}
38+
39+
const buf = Buffer.alloc(size);
40+
let v = value;
41+
42+
for (let i = 0; i < size; i++) {
43+
buf[i] = Number(v & 0xffn);
44+
v >>= 8n;
45+
}
46+
47+
if (v !== 0n) {
48+
throw new RangeError('value does not fit into the specified size');
49+
}
50+
51+
return buf;
52+
}

src/binary-list.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@
2222
import { NetworkType, sizeOf } from './types';
2323
import { getType } from './ip-address';
2424
import { cidrToRangeInt, intRangeToCidr } from './cidr';
25-
import { toBigIntLE, toBufferLE } from 'bigint-buffer';
25+
import { toBigIntLE, toBufferLE } from './bigint-buffer';
2626

2727
/**
2828
* Converts given array of CIDR networks to binary format, where all networks

src/index.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,3 +25,4 @@ export * from './types';
2525
export * from './binary-list';
2626
export * from './cidr';
2727
export * from './ip-address';
28+
export * from './bigint-buffer';

test/src/NetworkList.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121
*/
2222
import { expect } from 'chai';
2323
import { NetworkList, NetworkType } from '../../src';
24-
import { toBufferLE } from 'bigint-buffer';
24+
import { toBufferLE } from '../../src';
2525
import ipv4mask32 from '../data/ipv4-32.json';
2626

2727
describe('NetworkList', () => {

test/src/Networks.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121
*/
2222
import { expect } from 'chai';
2323
import { Networks, NetworkType } from '../../src';
24-
import { toBufferLE } from 'bigint-buffer';
24+
import { toBufferLE } from '../../src';
2525
import ipv4mask32 from '../data/ipv4-32.json';
2626

2727
describe('Networks', () => {

0 commit comments

Comments
 (0)