gnosis / dex-js / 1034
77%
develop: 100%

LAST BUILD BRANCH: master
DEFAULT BRANCH: develop
Ran
Jobs 1
Files 16
Run time 2s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
1034

push

travis-ci

web-flow 
[Security] Bump elliptic from 6.5.2 to 6.5.3 (#167)

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. **This update includes a security fix.**
<details>
<summary>Vulnerabilities fixed</summary>
<p><em>Sourced from <a href="https://github.com/advisories/GHSA-vh7m-p724-62c2">The GitHub Security Advisory Database</a>.</em></p>
<blockquote>
<p><strong>Signature Malleabillity in elliptic</strong>
The Elliptic package before version 6.5.3 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.</p>
<p>Affected versions: &lt; 6.5.3</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/indutny/elliptic/commit/8647803dc"><code>8647803</code></a> 6.5.3</li>
<li><a href="https://github.com/indutny/elliptic/commit/856fe4d99"><code>856fe4d</code></a> signature: prevent malleability and overflows</li>
<li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=elliptic&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)](https://dependabot.com/compatibility-score/?dependency-name=elliptic&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase... (continued)

136 of 191 branches covered (71.2%)

Branch coverage included in aggregate %.

297 of 372 relevant lines covered (79.84%)

13.56 hits per line

Jobs
ID Job ID Ran Files Coverage
1 1034.1 0
76.91
 Travis Job 1034.1
Source Files on build 1034
Detailed source file information is not available for this build.