From 4cc77ab44157764e003e0db242962384945dc2ad Mon Sep 17 00:00:00 2001
From: Pawel Zelawski <pawel.zelawski@outlook.com>
Date: Fri, 23 Jan 2026 11:08:47 +0100
Subject: Update digiid-ts to v2.0.0 - Fix ECDSA cryptanalysis vulnerability

- Upgraded digiid-ts from v1.1.1 to v2.0.0
- Resolved critical vulnerability in elliptic package (CVE for ECDSA signature cryptanalysis)
- Library now uses @noble/curves instead of bitcoinjs-message (removed elliptic dependency)
- Fixed additional low severity vulnerability in diff package
- All npm audit vulnerabilities now resolved (0 vulnerabilities)
- API unchanged, all existing code continues to work
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'package.json')

diff --git a/package.json b/package.json
index f63792f..8ac21d5 100644
--- a/package.json
+++ b/package.json
@@ -48,11 +48,11 @@
     "vite": "^6.2.6"
   },
   "dependencies": {
-    "digiid-ts": "^1.1.1",
+    "digiid-ts": "^2.0.0",
     "dotenv": "^16.4.5",
     "express": "^4.19.2",
     "qrcode": "^1.5.3",
     "react": "^18.3.1",
     "react-dom": "^18.3.1"
   }
-}
+}
\ No newline at end of file
-- 
cgit v1.2.3