Update the versions of node-forge and follow-redirects due to vulnerabilities.

2026-04-18 12:32:06 +09:00 · 2026-04-18 12:32:06 +09:00 · c642fd986c
parent 45995fd2ae
commit c642fd986c
3 changed files with 18 additions and 18 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -1,18 +1,18 @@
 {
  "name": "zgapdfsigner",
-  "version": "2.7.3",
+  "version": "2.7.6",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "zgapdfsigner",
-      "version": "2.7.3",
+      "version": "2.7.6",
      "license": "MIT",
      "dependencies": {
-        "follow-redirects": "1.15.6",
-        "node-forge": "1.3.1",
-        "pdf-fontkit": "1.8.9",
-        "pdf-lib": "1.17.1"
+        "follow-redirects": "^1.16.0",
+        "node-forge": "^1.4.0",
+        "pdf-fontkit": "^1.8.9",
+        "pdf-lib": "^1.17.1"
      },
      "devDependencies": {
        "google-closure-compiler": "^20231112.0.0"
@ -125,9 +125,9 @@
      "dev": true
    },
    "node_modules/follow-redirects": {
-      "version": "1.15.6",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz",
-      "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==",
+      "version": "1.16.0",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.16.0.tgz",
+      "integrity": "sha512-y5rN/uOsadFT/JfYwhxRS5R7Qce+g3zG97+JrtFZlC9klX/W5hD7iiLzScI4nZqUS7DNUdhPgw4xI8W2LuXlUw==",
      "funding": [
        {
          "type": "individual",
@ -218,9 +218,9 @@
      }
    },
    "node_modules/node-forge": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.1.tgz",
-      "integrity": "sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA==",
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.4.0.tgz",
+      "integrity": "sha512-LarFH0+6VfriEhqMMcLX2F7SwSXeWwnEAJEsYm5QKWchiVYVvJyV9v7UDvUv+w5HO23ZpQTXDv/GxdDdMyOuoQ==",
      "engines": {
        "node": ">= 6.13.0"
      }
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "zgapdfsigner",
-  "version": "2.7.5",
+  "version": "2.7.6",
  "author": "zboris12",
  "description": "A javascript tool to sign a pdf or set protection to a pdf in web browser, Google Apps Script and nodejs.",
  "homepage": "https://github.com/zboris12/zgapdfsigner",
@ -37,10 +37,10 @@
    "test2": "node test4node.js fetch"
  },
  "dependencies": {
-    "follow-redirects": "1.15.6",
-    "node-forge": "1.3.1",
-    "pdf-fontkit": "1.8.9",
-    "pdf-lib": "1.17.1"
+    "follow-redirects": "^1.16.0",
+    "node-forge": "^1.4.0",
+    "pdf-fontkit": "^1.8.9",
+    "pdf-lib": "^1.17.1"
  },
  "devDependencies": {
    "google-closure-compiler": "^20231112.0.0"
--- a/test4node.js
+++ b/test4node.js
@ -171,7 +171,7 @@ async function main1(angle){
 	}

 	if(pfxPath){
-		await sign_protect(pdfPath, pfxPath, ps, 1, imgPath, "あいうえおあいうえおか\r\n\nThis is a test of text!\n");
+		await sign_protect(pdfPath, pfxPath, ps, 1, imgPath, "あいうえおあいうえおか\r\n\nThis is a test of text!\n", fontPath);
 		if(Zga.PDFLib.isStandardFont(fontPath)){
 			pdfPath = await sign_protect(pdfPath, pfxPath, ps, 2, imgPath, "This is an another test of text!\n", fontPath);
 			pdfPath = await sign_protect(pdfPath, pfxPath, ps, 0, undefined, "This is a test for same font!\n", fontPath);