[Snyk] Fix for 2 vulnerabilities

[EchoSkorJjj]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

✨ Snyk has automatically assigned this pull request, set who gets assigned.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • authentication/package.json
  • authentication/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-AXIOS-6144788	No	No Known Exploit
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: axios

The new version differs by 6 commits.

• 8790b8e chore(release): v1.6.4 (#6173)
• 0ad520d chore(ci): fix notify action; (#6172)
• 3c0c11c fix(security): fixed formToJSON prototype pollution vulnerability; (#6167)
• 75af1cd fix(security): fixed security vulnerability in follow-redirects (#6163)
• 90864b3 docs: update logos
• 1542719 docs: updated headline sponsors

See the full diff

Package name: typeorm

The new version differs by 94 commits.

• b6ef306 updated glob version
• b5d2599 build(deps-dev): bump the npm_and_yarn group group with 1 update (#10591)
• 080528b fix: resolve circular dependency when using Vite (#10273)
• 338df16 feat: add support for table comment in MySQL (#10017)
• 15bc887 build: update CircleCI config & repair failing tests (#10590)
• b5ec088 docs: update Chinese faq.md (#10593)
• a00b1df feat: implement OR operator (#10086)
• dd59524 fix: prevent using absolute table path in migrations unless required (#10123)
• 4329996 docs: update Soft-Delete, Restore-Soft-Delete examples (#10585)
• 7ecc8f3 docs: updated id to _id (#10584)
• 8b4df5b fix: added fail callback while opening the database in Cordova (#10566)
• 173910e fix: should automatically cache if alwaysEnable (#10137)
• 73ee70b fix: correctly keep query.data from ormOption for commit / rollback subscribers (#10151)
• e67d704 feat: nullable embedded entities (#10289)
• 5c28154 feat: BeforeQuery and AfterQuery events (#10234)
• 0f11739 docs: fix typos (#10243)
• b188c1e chore: initial setup of ESLint (#10203)
• 25e6ecd fix: nested transactions issues (#10210)
• 3cda7ec feat: add isolated where statements (#10213)
• 149226d fix: backport postgres connection error handling to crdb (#10177)
• 122b683 fix: mssql datasource testonborrow not affecting anything (#10589)
• dc1bfed fix: resolve issues on upsert (#10588)
• a939654 fix: remove dynamic require calls (#10196)
• f6b87e3 perf: improve SapQueryRunner performance (#10198)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution