[Security] Upgrade node-forge to 0.10.0 (#292)

shahar-h · web-flow · commit 277aab5c4c1c · 2020-09-16T14:37:42.000-06:00
node-forge < `0.10.0` has a prototype pollution vulnerability. this issue is resolved in 0.10.0. Note that Node.js 4 no longer supported with this version. See: https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677 https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#0100---2020-09-01
diff --git a/package.json b/package.json
@@ -40,7 +40,7 @@
     "es6-promise": "^4.2.8",
     "lodash": "^4.17.15",
     "long": "^4.0.0",
-    "node-forge": "^0.8.5",
+    "node-forge": "^0.10.0",
     "pako": "^1.0.11",
     "process": "^0.11.10",
     "uuid": "^3.3.3"
