From 1b71748167e33583647c1bda15bfec328630bf97 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 9 Dec 2024 05:25:21 +0000
Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MONGOOSE-8446504
---
 server/package-lock.json | 21 +++++++++++----------
 server/package.json      |  2 +-
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/server/package-lock.json b/server/package-lock.json
index cbdfd43..f7b5341 100644
--- a/server/package-lock.json
+++ b/server/package-lock.json
@@ -20,7 +20,7 @@
         "class-validator": "^0.14.1",
         "cors": "^2.8.5",
         "mongodb": "^6.5.0",
-        "mongoose": "^8.3.4",
+        "mongoose": "^8.8.3",
         "passport": "^0.7.0",
         "passport-jwt": "^4.0.1",
         "reflect-metadata": "^0.2.1",
@@ -6630,12 +6630,13 @@
       }
     },
     "node_modules/mongodb": {
-      "version": "6.5.0",
-      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-6.5.0.tgz",
-      "integrity": "sha512-Fozq68InT+JKABGLqctgtb8P56pRrJFkbhW0ux+x1mdHeyinor8oNzJqwLjV/t5X5nJGfTlluxfyMnOXNggIUA==",
+      "version": "6.10.0",
+      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-6.10.0.tgz",
+      "integrity": "sha512-gP9vduuYWb9ZkDM546M+MP2qKVk5ZG2wPF63OvSRuUbqCR+11ZCAE1mOfllhlAG0wcoJY5yDL/rV3OmYEwXIzg==",
+      "license": "Apache-2.0",
       "dependencies": {
         "@mongodb-js/saslprep": "^1.1.5",
-        "bson": "^6.4.0",
+        "bson": "^6.7.0",
         "mongodb-connection-string-url": "^3.0.0"
       },
       "engines": {
@@ -6715,14 +6716,14 @@
       }
     },
     "node_modules/mongoose": {
-      "version": "8.3.4",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-8.3.4.tgz",
-      "integrity": "sha512-ckBaBzKgtWgCalW/LPkcBsR3wKCOYEJ9jLFPmYCYV7TLStpETY757ELx8/1stL11+6HxLLVffawBffXzd0Y7YA==",
+      "version": "8.8.3",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-8.8.3.tgz",
+      "integrity": "sha512-/I4n/DcXqXyIiLRfAmUIiTjj3vXfeISke8dt4U4Y8Wfm074Wa6sXnQrXN49NFOFf2mM1kUdOXryoBvkuCnr+Qw==",
       "license": "MIT",
       "dependencies": {
-        "bson": "^6.5.0",
+        "bson": "^6.7.0",
         "kareem": "2.6.3",
-        "mongodb": "6.5.0",
+        "mongodb": "~6.10.0",
         "mpath": "0.9.0",
         "mquery": "5.0.0",
         "ms": "2.1.3",
diff --git a/server/package.json b/server/package.json
index f431a74..a599b44 100644
--- a/server/package.json
+++ b/server/package.json
@@ -31,7 +31,7 @@
     "class-validator": "^0.14.1",
     "cors": "^2.8.5",
     "mongodb": "^6.5.0",
-    "mongoose": "^8.3.4",
+    "mongoose": "^8.8.3",
     "passport": "^0.7.0",
     "passport-jwt": "^4.0.1",
     "reflect-metadata": "^0.2.1",