[Snyk] Upgrade ipfs-http-server from 0.1.4 to 0.15.1

[X-oss-byte]

Snyk has created this PR to upgrade ipfs-http-server from 0.1.4 to 0.15.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 231 versions ahead of your current version.

• The recommended version was released 2 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Information Exposure SNYK-JS-NODEFETCH-2342118	539	No Known Exploit

Release notes

Package name: ipfs-http-server

• 0.15.1 - 2023-05-25
  

  Bug Fixes

  • add deprecation notice to readmes (#4362) (7b79c1b)

  Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • ipfs-core-types bumped from ^0.14.0 to ^0.14.1
      • ipfs-message-port-protocol bumped from ^0.15.0 to ^0.15.1
• 0.15.0 - 2023-01-12
• 0.15.0-e64813f6 - 2023-05-24
• 0.15.0-b64d4af0 - 2023-02-01
• 0.15.0-ab02e8f8 - 2023-01-17
• 0.15.0-7b79c1b8 - 2023-05-25
• 0.15.0-6eeb1be5 - 2023-01-13
• 0.15.0-6d95ce08 - 2023-05-25
• 0.15.0-4694e806 - 2023-05-25
• 0.15.0-3bcabe38 - 2023-01-17
• 0.14.1-a77e40cc.0 - 2022-10-25
• 0.14.1-6be59068.0 - 2022-11-17
• 0.14.1-6ae5eb7d.0 - 2022-10-28
• 0.14.1-58e6f468.0 - 2022-10-25
• 0.14.0 - 2022-10-24
• 0.14.0-fa578bac - 2023-01-11
• 0.14.0-d1c3abb3 - 2023-01-11
• 0.14.0-789ee585 - 2023-01-11
• 0.14.0-5f73ecad - 2023-01-10
• 0.14.0-4b4c124c - 2023-01-11
• 0.13.3-dfc43d4e.0 - 2022-09-26
• 0.13.3-d75e0a39.0 - 2022-09-22
• 0.13.3-d1b0a8a7.0 - 2022-09-22
• 0.13.3-acbc1c62.0 - 2022-09-22
• 0.13.3-0cee4a4c.0 - 2022-10-24
• 0.13.2 - 2022-09-21
• 0.13.2-7304a0f4.0 - 2022-09-21
• 0.13.2-2a830bf5.0 - 2022-09-21
• 0.13.1 - 2022-09-21
  

  Bug Fixes

  • add deprecation notice to readmes (#4362) (7b79c1b)

  Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • ipfs-core-types bumped from ^0.14.0 to ^0.14.1
      • ipfs-http-response bumped from ^6.0.0 to ^6.0.1
• 0.13.1-b5456882.0 - 2022-09-16
• 0.13.1-7c676f63.0 - 2022-09-21
• 0.13.0 - 2022-09-07
• 0.12.6-a05695fc.0 - 2022-07-20
• 0.12.6-8f351a89.0 - 2022-08-17
• 0.12.6-83f9882e.0 - 2022-09-06
• 0.12.6-39dbf708.0 - 2022-08-17
• 0.12.6-051da161.0 - 2022-09-07
• 0.12.5 - 2022-06-24
• 0.12.5-00bd3dd0.0 - 2022-06-24
• 0.12.4 - 2022-06-23
• 0.12.4-7be50bd1.0 - 2022-06-22
• 0.12.3 - 2022-06-14
• 0.12.3-70e142ac.0 - 2022-06-13
• 0.12.2 - 2022-06-01
• 0.12.2-be025c89.0 - 2022-06-01
• 0.12.2-87e00a69.0 - 2022-06-01
• 0.12.2-764b4adc.0 - 2022-06-01
• 0.12.1 - 2022-05-30
  

  Bug Fixes

  • add deprecation notice to readmes (#4362) (7b79c1b)

  Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • ipfs-core-types bumped from ^0.14.0 to ^0.14.1
      • ipfs-grpc-protocol bumped from ^0.8.0 to ^0.8.1
    • devDependencies
      • ipfs-core bumped from ^0.18.0 to ^0.18.1
• 0.12.1-ddfb899f.0 - 2022-05-30
• 0.12.0 - 2022-05-30
• 0.11.4-919b27a8.0 - 2022-05-27
• 0.11.4-7165bf71.0 - 2022-05-16
• 0.11.4-4e93dd5d.0 - 2022-05-27
• 0.11.3 - 2022-04-26
• 0.11.3-e90b8f13.0 - 2022-04-05
• 0.11.3-8f7ce23c.0 - 2022-04-20
• 0.11.2 - 2022-04-05
• 0.11.2-df1bd1bb.0 - 2022-03-01
• 0.11.2-125d42ba.0 - 2022-03-01
• 0.11.2-1082fce9.0 - 2022-02-18
• 0.11.1 - 2022-02-07
• 0.11.1-8d260215.0 - 2022-01-27
• 0.11.1-709831f6.0 - 2022-02-06
• 0.11.1-3a74c110.0 - 2022-02-04
• 0.11.1-3a5d61d4.0 - 2022-01-27
• 0.11.1-383dc07d.0 - 2022-02-04
• 0.11.1-2c8ec080.0 - 2022-01-28
• 0.11.1-2afef2eb.0 - 2022-01-27
• 0.11.0 - 2022-01-27
• 0.10.1-rc.5 - 2022-01-21
• 0.10.1-rc.4 - 2022-01-20
• 0.10.1-rc.3 - 2022-01-13
• 0.10.1-rc.2 - 2021-12-17
• 0.10.1-rc.1 - 2021-12-16
• 0.10.1-rc.0 - 2021-12-15
• 0.10.1-fbe14923.0 - 2022-01-27
• 0.10.1-cca6e321.0 - 2022-01-27
• 0.10.1-a6b201af.0 - 2022-01-27
• 0.10.1-7fe0da57f.0 - 2022-01-26
• 0.10.1-6cb3a87e.0 - 2022-01-27
• 0.10.1-5439a0e.0 - 2022-01-26
• 0.10.0 - 2021-12-15
• 0.9.3-rc.13 - 2021-12-15
• 0.9.3-rc.12 - 2021-12-15
• 0.9.3-rc.11 - 2021-12-15
• 0.9.3-rc.10 - 2021-12-15
• 0.9.3-rc.9 - 2021-12-13
• 0.9.3-rc.8 - 2021-12-13
• 0.9.3-rc.7 - 2021-12-06
• 0.9.3-rc.6 - 2021-12-06
• 0.9.3-rc.5 - 2021-12-06
• 0.9.3-rc.4 - 2021-12-03
• 0.9.3-rc.3 - 2021-12-03
• 0.9.3-rc.2 - 2021-12-03
• 0.9.3-rc.1 - 2021-12-03
• 0.9.3-rc.0 - 2021-11-24
• 0.9.2 - 2021-11-24
• 0.9.2-rc.3 - 2021-11-24
• 0.9.2-rc.2 - 2021-11-22
• 0.9.2-rc.1 - 2021-11-19
• 0.9.2-rc.0 - 2021-11-19
• 0.9.1 - 2021-11-19
• 0.9.1-rc.1 - 2021-11-19
• 0.9.1-rc.0 - 2021-11-12
• 0.9.0 - 2021-11-12
• 0.8.2-rc.6 - 2021-11-12
• 0.8.2-rc.5 - 2021-11-04
• 0.8.2-rc.4 - 2021-10-08
• 0.8.2-rc.3 - 2021-10-02
• 0.8.2-rc.2 - 2021-09-30
• 0.8.2-rc.1 - 2021-09-30
• 0.8.2-rc.0 - 2021-09-28
• 0.8.1 - 2021-09-28
  

  Bug Fixes

  • add deprecation notice to readmes (#4362) (7b79c1b)
• 0.8.1-rc.5 - 2021-09-28
• 0.8.1-rc.3 - 2021-09-27
• 0.8.1-rc.2 - 2021-09-25
• 0.8.1-rc.1 - 2021-09-25
• 0.8.1-rc.0 - 2021-09-24
• 0.8.0 - 2021-09-24
• 0.7.7-rc.18 - 2021-09-24
• 0.7.7-rc.17 - 2021-09-24
• 0.7.7-rc.16 - 2021-09-23
• 0.7.7-rc.15 - 2021-09-23
• 0.7.7-rc.14 - 2021-09-23
• 0.7.7-rc.13 - 2021-09-23
• 0.7.7-rc.12 - 2021-09-23
• 0.7.7-rc.1 - 2021-09-21
• 0.7.7-rc.0 - 2021-09-17
• 0.7.6 - 2021-09-17
• 0.7.6-rc.0 - 2021-09-17
• 0.7.5 - 2021-09-17
• 0.7.5-rc.4 - 2021-09-17
• 0.7.5-rc.1 - 2021-09-14
• 0.7.4 - 2021-09-08
• 0.7.4-rc.5 - 2021-09-08
• 0.7.4-rc.4 - 2021-09-07
• 0.7.4-rc.2 - 2021-09-06
• 0.7.4-rc.1 - 2021-09-06
• 0.7.3 - 2021-09-02
• 0.7.3-rc.8 - 2021-09-02
• 0.7.3-rc.7 - 2021-09-02
• 0.7.3-rc.6 - 2021-08-31
• 0.7.3-rc.5 - 2021-08-26
• 0.7.3-rc.4 - 2021-08-26
• 0.7.3-rc.3 - 2021-08-26
• 0.7.3-rc.2 - 2021-08-26
• 0.7.2 - 2021-08-25
• 0.7.2-rc.7 - 2021-08-25
• 0.7.2-rc.6 - 2021-08-25
• 0.7.2-rc.4 - 2021-08-17
• 0.7.2-rc.1 - 2021-08-17
• 0.7.1 - 2021-08-17
• 0.7.1-rc.10 - 2021-08-17
• 0.7.1-rc.9 - 2021-08-17
• 0.7.1-rc.7 - 2021-08-16
• 0.7.1-rc.6 - 2021-08-12
• 0.7.1-rc.5 - 2021-08-12
• 0.7.1-rc.4 - 2021-08-12
• 0.7.0 - 2021-08-11
• 0.6.2-rc.11 - 2021-08-11
• 0.6.2-rc.10 - 2021-08-10
• 0.6.2-rc.8 - 2021-08-10
• 0.6.2-rc.6 - 2021-08-09
• 0.6.2-rc.3 - 2021-08-05
• 0.6.2-rc.2 - 2021-08-04
• 0.6.2-rc.1 - 2021-07-30
• 0.6.1 - 2021-07-30
• 0.6.1-rc.7 - 2021-07-30
• 0.6.1-rc.5 - 2021-07-28
• 0.6.1-rc.2 - 2021-07-28
• 0.6.1-rc.1 - 2021-07-28
• 0.6.0 - 2021-07-27
• 0.5.3-rc.17 - 2021-07-27
• 0.5.3-rc.14 - 2021-07-27
• 0.5.3-rc.11 - 2021-07-27
• 0.5.3-rc.9 - 2021-07-27
• 0.5.3-rc.8 - 2021-07-27
• 0.5.3-rc.6 - 2021-07-19
• 0.5.3-rc.3 - 2021-07-01
• 0.5.3-rc.2 - 2021-06-25
• 0.5.3-rc.1 - 2021-06-18
• 0.5.2 - 2021-06-18
• 0.5.2-rc.4 - 2021-06-18
• 0.5.2-rc.3 - 2021-06-18
• 0.5.2-rc.2 - 2021-06-15
• 0.5.2-rc.1 - 2021-06-10
• 0.5.1 - 2021-06-05
• 0.5.1-rc.4 - 2021-06-05
• 0.5.1-rc.3 - 2021-06-01
• 0.5.1-rc.1 - 2021-05-26
• 0.5.0 - 2021-05-26
• 0.4.1-rc.11 - 2021-05-25
• 0.4.1-rc.7 - 2021-05-25
• 0.4.1-rc.6 - 2021-05-13
• 0.4.1-rc.5 - 2021-05-11
• 0.4.1-rc.1 - 2021-05-11
• 0.4.0 - 2021-05-10
• 0.3.5 - 2021-05-07
• 0.3.5-rc.32 - 2021-05-10
• 0.3.5-rc.31 - 2021-05-10
• 0.3.5-rc.30 - 2021-05-07
• 0.3.5-rc.29 - 2021-05-07
• 0.3.5-rc.28 - 2021-05-06
• 0.3.5-rc.27 - 2021-05-06
• 0.3.5-rc.26 - 2021-05-04
• 0.3.5-rc.25 - 2021-05-04
• 0.3.5-rc.24 - 2021-05-04
• 0.3.5-rc.22 - 2021-05-04
• 0.3.5-rc.21 - 2021-05-02
• 0.3.5-rc.20 - 2021-05-01
• 0.3.5-rc.19 - 2021-04-30
• 0.3.5-rc.18 - 2021-04-30
• 0.3.5-rc.17 - 2021-04-29
• 0.3.5-rc.14 - 2021-04-28
• 0.3.5-rc.11 - 2021-04-28
• 0.3.5-rc.3 - 2021-03-31
• 0.3.4 - 2021-03-10
• 0.3.3 - 2021-03-09
• 0.3.3-rc.5 - 2021-02-22
• 0.3.3-rc.4 - 2021-02-21
• 0.3.2 - 2021-02-08
• 0.3.1 - 2021-02-02
• 0.3.0 - 2021-02-01
• 0.2.3-rc.3 - 2021-01-30
• 0.2.2 - 2021-01-22
• 0.2.1 - 2021-01-20
• 0.2.0 - 2021-01-15
• 0.1.5-rc.6 - 2021-01-15
• 0.1.5-rc.5 - 2021-01-13
• 0.1.5-rc.4 - 2020-12-18
• 0.1.5-rc.1 - 2020-12-18
• 0.1.4 - 2020-12-16

from ipfs-http-server GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Summary by Sourcery

Upgrade ipfs-http-server to version 0.15.1 to resolve a security vulnerability and update the lockfile accordingly.

Bug Fixes:

• Address medium severity information exposure vulnerability (SNYK-JS-NODEFETCH-2342118) by upgrading ipfs-http-server.

Enhancements:

• Upgrade ipfs-http-server dependency from 0.1.4 to 0.15.1.

Chores:

• Regenerate package-lock.json to reflect the dependency update.

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 67f5778

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sourcery-ai]

Reviewer's Guide

This PR updates the ipfs-http-server dependency from v0.1.4 to v0.15.1 by bumping the version in package.json and regenerating the lock file to include the patched release addressing an information exposure vulnerability.

Sequence Diagram: Snyk's Automated Dependency Upgrade Process

sequenceDiagram
    actor Snyk as "Snyk Platform"
    participant Repository as "Code Repository"

    Snyk->>Repository: Periodically scans 'package.json'
    activate Snyk
    Repository-->>Snyk: Provides 'ipfs-http-server v0.1.4' and other dependencies
    deactivate Snyk

    Snyk->>Snyk: Detects 'Information Exposure' vulnerability in 'ipfs-http-server v0.1.4'
    Snyk->>Snyk: Identifies 'v0.15.1' as patched version

    Snyk->>Repository: Creates Pull Request to upgrade 'ipfs-http-server' to 'v0.15.1'
    activate Repository
    Note over Repository: PR contains changes to 'package.json' and 'package-lock.json'
    Repository-->>Snyk: Confirms PR creation
    deactivate Repository

Loading

File-Level Changes

Change	Details	Files
Bump ipfs-http-server version in dependencies	Updated version string from 0.1.4 to 0.15.1 Ensured compatibility with existing ipfs package	src/chains/filecoin/filecoin/package.json
Regenerate lock file for new dependency version	Updated ipfs-http-server entries to the new version Refreshed the dependency tree to reflect transitive changes	src/chains/filecoin/filecoin/package-lock.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.