[Snyk] Security upgrade openpgp from 4.10.10 to 5.0.0

[CoNETProject]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NODEFETCH-2964180	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: openpgp

The new version differs by 197 commits.

• acafb28 5.0.0
• 4f1c474 5.0.0-6
• a599638 Docs: clarify content of returned `signatures` value in `openpgp.verify` and `decrypt`
• 3fa778a Add `config.rejectCurves` and prevent generating keys using blacklisted algorithms (#1395)
• f57d352 Set default `config.minRSABits` to 2047 (#1392)
• f59b0de 5.0.0-5
• da60fa0 Add security policy (#1388)
• d9829fc Throw on unrecognised configuration in top-level functions (#1387)
• 4b6189b Rename `config.tolerant` to `config.ignoreUnsupportedPackets`, add `config.ignoreMalformedPackets` (#1386)
• 3cd61ff TypeScript: add missing `config` options to the type definitions (#1385)
• 7ebdd6a Update dependencies (#1383)
• 1837077 5.0.0-4
• 5e99760 Update web-stream-tools
• 85d129a Export Subkey class (#1381)
• 1ac71a9 Github: add ISSUE_TEMPLATES (#1369)
• b604458 Rename `format: 'armor'` option to `format: 'armored'` in top-level functions (#1377)
• ce70484 Replace `armor` option with `format` in `openpgp.encrypt`, `sign` and `encryptSessionKey` (#1354)
• 53f54e1 Extend BaseStream<> from AsyncIterable<> (#1373)
• e450582 Update README to use `openpgp.readPrivateKey()` where applicable (#1362)
• 3886358 Remove `valid` and `error` from the verification result of `openpgp.verify` and `decrypt` (#1348)
• ed8db3d CI: Ignore unhandled rejections in tests in Safari 14.1 (#1371)
• ab22fe8 Lint: enforce single quotes and do not error on class methods without `this` (#1341)
• d238a02 Support using `Key.isPrivate()` for type inference, remove `Key.isPublic()` (#1347)
• f50abd8 Support passing a non-array value to `encryption/signingKeyIDs` in top-level functions (#1342)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.