From b7197389d2b97ce25b79dbb5bbf3df61dc1c7263 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 18 Jul 2025 22:02:38 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 --- package-lock.json | 12 ++++++++---- package.json | 2 +- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index feeae5a125d7..a49cf2f1d67f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -60,7 +60,7 @@ "mdast-util-to-hast": "^12.3.0", "mdast-util-to-markdown": "2.0.0", "mdast-util-to-string": "^4.0.0", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "msgpack5rpc": "^1.1.0", "next": "12.2.4", "ora": "^6.3.1", @@ -15490,14 +15490,16 @@ "license": "MIT" }, "node_modules/morgan": { - "version": "1.10.0", + "version": "1.10.1", + "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz", + "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==", "license": "MIT", "dependencies": { "basic-auth": "~2.0.1", "debug": "2.6.9", "depd": "~2.0.0", "on-finished": "~2.3.0", - "on-headers": "~1.0.2" + "on-headers": "~1.1.0" }, "engines": { "node": ">= 0.8.0" @@ -16001,7 +16003,9 @@ } }, "node_modules/on-headers": { - "version": "1.0.2", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz", + "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==", "license": "MIT", "engines": { "node": ">= 0.8" diff --git a/package.json b/package.json index 6f70d9901a66..05c1d8125cbb 100644 --- a/package.json +++ b/package.json @@ -108,7 +108,7 @@ "mdast-util-to-hast": "^12.3.0", "mdast-util-to-markdown": "2.0.0", "mdast-util-to-string": "^4.0.0", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "msgpack5rpc": "^1.1.0", "next": "12.2.4", "ora": "^6.3.1",