graphdb-workbench
Version:
The web application for GraphDB APIs
36 lines (35 loc) • 12.4 kB
JSON
{
"@types/jsrsasign@10.5.15": {
"licenses": "MIT",
"repository": "https://github.com/DefinitelyTyped/DefinitelyTyped",
"name": "@types/jsrsasign",
"version": "10.5.15",
"description": "TypeScript definitions for jsrsasign",
"path": "/home/ubuntu/workspace/PRO/GraphDB UI Jobs/workbench/graphdb-workbench-release/packages/api/node_modules/@types/jsrsasign",
"licenseFile": "/home/ubuntu/workspace/PRO/GraphDB UI Jobs/workbench/graphdb-workbench-release/packages/api/node_modules/@types/jsrsasign/LICENSE",
"licenseText": "MIT License\n\n Copyright (c) Microsoft Corporation.\n\n Permission is hereby granted, free of charge, to any person obtaining a copy\n of this software and associated documentation files (the \"Software\"), to deal\n in the Software without restriction, including without limitation the rights\n to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n copies of the Software, and to permit persons to whom the Software is\n furnished to do so, subject to the following conditions:\n\n The above copyright notice and this permission notice shall be included in all\n copies or substantial portions of the Software.\n\n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n SOFTWARE"
},
"jsrsasign@11.1.0": {
"licenses": "MIT",
"repository": "https://github.com/kjur/jsrsasign",
"publisher": "Kenji Urushima",
"name": "jsrsasign",
"version": "11.1.0",
"description": "opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK).",
"path": "/home/ubuntu/workspace/PRO/GraphDB UI Jobs/workbench/graphdb-workbench-release/packages/api/node_modules/jsrsasign",
"licenseFile": "/home/ubuntu/workspace/PRO/GraphDB UI Jobs/workbench/graphdb-workbench-release/packages/api/node_modules/jsrsasign/README.md",
"licenseText": "jsrsasign\r\n=========\r\n\r\n[](https://github.com/kjur/jsrsasign/blob/master/LICENSE.txt)\r\n[](https://libraries.io/bower/jsrsasign)\r\n[](https://badge.fury.io/js/jsrsasign)\r\n[](https://www.npmjs.com/package/jsrsasign)\r\n[](https://www.jsdelivr.com/package/npm/jsrsasign)\r\n[](https://cdnjs.com/libraries/jsrsasign)\r\n[](https://github.com/sponsors/kjur)\r\n[](https://github.com/kjur/jsrsasign#cryptocurrency)\r\n\r\njsrsasign [TOP](https://kjur.github.io/jsrsasign/) | [github](https://github.com/kjur/jsrsasign) | [Wiki](https://github.com/kjur/jsrsasign/wiki) | [DOWNLOADS](https://github.com/kjur/jsrsasign/releases) | [TUTORIALS](https://github.com/kjur/jsrsasign/wiki#programming-tutorial) | [API REFERENCE](https://kjur.github.io/jsrsasign/api/) | [Online Tool](https://github.com/kjur/jsrsasign/wiki/jsrsasign-Online-Tools) | [DEMO](https://github.com/kjur/jsrsasign/wiki/jsrsasign-Demo) | [NODE TOOL](https://github.com/kjur/jsrsasign/wiki/Sample-Node-Tool-List) | [AddOn](https://github.com/kjur/jsrsasign/wiki/jsrsasign-Add-On) | [DONATE](https://github.com/kjur/jsrsasign#donations)\r\n\r\nThe 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token/Key in pure JavaScript.\r\n\r\nPublic page is https://kjur.github.io/jsrsasign .\r\n\r\nYour bugfix and pull request contribution are always welcomed :)\r\n\r\nNOTICE FOR COMMING 11.0.0 RELEASE\r\n---------------------------------\r\nThe \"jsrsasign\" library is a long lived JavaScript library from 2010 developed with old JavaScript style and backword compatibility. From coming release 11.0.0, following are planed and suport them gradually:\r\n- Stop to support Internet Explorer.\r\n- Stop to support bower.\r\n- Modern ECMA functions will be introduced such as Promise, let, Array methods or class.\r\n- API document generator will be changed from Jsdoc Toolkit to JSDoc3.\r\n- Module bandler will be used such as browserify or webpack.\r\n- Not to use YUI compressor.\r\n- Unit test framework will be changed from QUnit and mocha to jest.\r\n- W3C Web Crypto API support.\r\n- split into some modules besides jsrsasign have been all in package before 11.0.0.\r\n\r\nNEWS\r\n----\r\n- 2023-Mar-12: [10.7.0 Release](https://github.com/kjur/jsrsasign/releases/tag/10.7.0). Now supports custom X.509 extension and custom OIDs by new \"Add-on\" architecture. ([See here in detail](https://github.com/kjur/jsrsasign/wiki/jsrsasign-Add-On2))\r\n- 2021-Nov-21: [10.5.0 Release](https://github.com/kjur/jsrsasign/releases/tag/10.5.0). Now supports secp521r1(P-521) ECDSA.\r\n- 2021-Apr-14: [Security advisory](https://github.com/kjur/jsrsasign/security/advisories/GHSA-27fj-mc8w-j9wg) and [update](https://github.com/kjur/jsrsasign/releases/tag/10.2.0) for CVE-2021-30246 RSA signature validation vulnerability published\r\n- 2020-Oct-05: jsrsasign won [Google Open Source Peer Bonus Award](https://opensource.googleblog.com/2020/10/announcing-latest-google-open-source.html). Thank you Google.\r\n- 2020-Sep-23: 10.0.0 released for CMS SignedData related class including timestamp and CAdES architecture update\r\n- 2020-Aug-24: 9.1.0 released to new CRL APIs align with certificate\r\n- 2020-Aug-19: 9.0.0 released for major update of certificate and CSR generation and parsing without backward compatibility. Please see [migration guide](https://github.com/kjur/jsrsasign/wiki/NOTE-jsrsasign-8.0.x-to-9.0.0-Certificate-and-CSR-API-migration-guide) in detail.\r\n- 2020-Aug-02: twitter account [@jsrsasign](https://twitter.com/jsrsasign) started for announcement. please follow.\r\n\r\nHIGHLIGHTS\r\n----------\r\n- Swiss Army Knife style all in one package crypto and PKI library\r\n- available on [Node.js](https://www.npmjs.com/package/jsrsasign) and browsers\r\n- Long live open source software from 2010\r\n- very easy API to use\r\n- powerful various format key loader and ASN.1 API\r\n- rich document and samples\r\n- no dependency to other library\r\n- no dependency to [W3C Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/) nor [OpenSSL](https://www.openssl.org/)\r\n- no dependency on newer ECMAScirpt function. So old browsers also supported. \r\n- very popular crypto library with [1M+ npm downloads/month](https://npm-stat.com/charts.html?package=jsrsasign&from=2016-05-01&to=2023-04-20)\r\n- supports \"Add-on\" architecture\r\n\r\nINSTALL\r\n-------\r\n### Node NPM\r\n > npm install jsrsasign jsrsasign-util\r\n### Bower\r\n > bower install jsrsasign\r\n### Or include in HTML from many CDN sites\r\n > <script src=\"https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/8.0.20/jsrsasign-all-min.js\"></script>\r\n\r\nUSAGE\r\n-----\r\n\r\nLoading encrypted PKCS#5 private key:\r\n\r\n > var rs = require('jsrsasign');\r\n > var rsu = require('jsrsasign-util');\r\n > var pem = rsu.readFile('z1.prv.p5e.pem');\r\n > var prvKey = rs.KEYUTIL.getKey(pem, 'passwd');\r\n\r\nSign string 'aaa' with the loaded private key:\r\n\r\n > var sig = new a.Signature({alg: 'SHA1withRSA'});\r\n > sig.init(prvKey);\r\n > sig.updateString('aaa');\r\n > var sigVal = sig.sign();\r\n > sigVal\r\n 'd764dcacb...'\r\n\r\nMORE TUTORIALS AND SAMPLES\r\n--------------------------\r\n- [Tutorials in GitHub Wiki](https://github.com/kjur/jsrsasign/wiki)\r\n- [Sample Node Scripts](https://github.com/kjur/jsrsasign/tree/master/sample_node)\r\n\r\n## RECENT SECURITY ADVISORY\r\n\r\n|published|fixed version|title/advisory|CVE|CVSS|\r\n|:---|:---|:---|:---|:---|\r\n|2022Jun24|10.5.25|[JWS and JWT signature validation vulnerability with special characters](https://github.com/kjur/jsrsasign/security/advisories/GHSA-3fvg-4v2m-98jf)|CVE-2022-25898|?|\r\n|2021Apr14|10.2.0|[RSA signature validation vulnerability on maleable encoded message](https://github.com/kjur/jsrsasign/security/advisories/GHSA-27fj-mc8w-j9wg)|CVE-2021-30246|9.1|\r\n|2020Jun22|8.0.19|[ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding](https://github.com/kjur/jsrsasign/security/advisories/GHSA-p8c3-7rj8-q963)|CVE-2020-14966|5.5|\r\n|2020Jun22|8.0.18|[RSA RSAES-PKCS1-v1_5 and RSA-OAEP decryption vulnerability with prepending zeros](https://github.com/kjur/jsrsasign/security/advisories/GHSA-xxxq-chmp-67g4)|CVE-2020-14967|4.8|\r\n|2020Jun22|8.0.17|[RSA-PSS signature validation vulnerability by prepending zeros](https://github.com/kjur/jsrsasign/security/advisories/GHSA-q3gh-5r98-j4h3)|CVE-2020-14968|4.2|\r\n\r\nHere is [full published security advisory list](https://github.com/kjur/jsrsasign/security/advisories?state=published).\r\n\r\n## DONATIONS\r\n\r\nIf you like jsrsasign and my other project, you can support their development by donation through any of the platform/services below. Thank you as always.\r\n\r\n### Github Sponsors\r\nYou can sponsor jsrsasign with the [GitHub Sponsors](https://github.com/sponsors/kjur) program.\r\n\r\n### Cryptocurrency\r\nYou can donate cryptocurrency to jsrsasign using the following addresses:\r\n- Bitcoin(BTC): [34vSRe7XHoMy78HKgps9YJ5BrBLYJLeM22](https://en.cryptobadges.io/donate/34vSRe7XHoMy78HKgps9YJ5BrBLYJLeM22)\r\n- Ethereum(ETH): [0x9c4cdbb531e5b84796ff5f91a9f652704761e64e](https://en.cryptobadges.io/donate/0x9c4cdbb531e5b84796ff5f91a9f652704761e64e)\r\n- Litecoin(LTC): [LPf3VDJVamwPcNJNjjVtrUQuJQ17ZyWzeU](https://en.cryptobadges.io/donate/LPf3VDJVamwPcNJNjjVtrUQuJQ17ZyWzeU)\r\n- Bitcoin Cash(BCH): bitcoincash:pq3hy08pc9vm57q6ddgsc06cqdffmfzwwqxd9yejyf"
},
"single-spa@6.0.3": {
"licenses": "MIT",
"repository": "https://github.com/single-spa/single-spa",
"publisher": "Joel Denning",
"name": "single-spa",
"version": "6.0.3",
"description": "The router for easy microfrontends",
"path": "/home/ubuntu/workspace/PRO/GraphDB UI Jobs/workbench/graphdb-workbench-release/packages/api/node_modules/single-spa",
"licenseFile": "/home/ubuntu/workspace/PRO/GraphDB UI Jobs/workbench/graphdb-workbench-release/packages/api/node_modules/single-spa/LICENSE",
"licenseText": "License (MIT)\n\nCopyright (c) 2020 single-spa\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in\nall copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE.",
"copyright": "Copyright (c) 2020 single-spa"
}
}