From afa8ed2599ca5ac680202ca6eec6cfd97a8e1afe Mon Sep 17 00:00:00 2001
From: aldousalvarez <aldousss.alvarez@gmail.com>
Date: Thu, 28 Jul 2022 16:51:00 +0800
Subject: [PATCH] fix(security): address CVE-2022-29244, CVE-2021-39135 Fixes
 #2136

Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
---
 examples/carbon-accounting/Dockerfile     | 2 +-
 examples/supply-chain-app/Dockerfile      | 2 +-
 packages/cactus-cmd-api-server/Dockerfile | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/examples/carbon-accounting/Dockerfile b/examples/carbon-accounting/Dockerfile
index e0ada229d0..cf74f0ead3 100644
--- a/examples/carbon-accounting/Dockerfile
+++ b/examples/carbon-accounting/Dockerfile
@@ -35,7 +35,7 @@ SHELL ["/bin/bash", "--login", "-i", "-c"]
 # Installing Node Version Manager (nvm)
 RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
 RUN source ~/.bashrc && \
-    nvm install 16.8.0 && \
+    nvm install 16.15.1 && \
     npm install -g yarn && \
     yarn add @hyperledger/cactus-example-carbon-accounting-backend@0.9.1-ci-942.cbb849c6.35 --ignore-engines --production
 
diff --git a/examples/supply-chain-app/Dockerfile b/examples/supply-chain-app/Dockerfile
index 9b7cba8ac7..89016aeaa4 100644
--- a/examples/supply-chain-app/Dockerfile
+++ b/examples/supply-chain-app/Dockerfile
@@ -36,7 +36,7 @@ SHELL ["/bin/bash", "--login", "-i", "-c"]
 RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
 ARG NPM_PKG_VERSION=latest
 RUN source ~/.bashrc && \
-    nvm install 16.8.0 && \
+    nvm install 16.15.1 && \
     npm install -g yarn && \
     yarn add @hyperledger/cactus-example-supply-chain-backend@${NPM_PKG_VERSION} --ignore-engines --production
 
diff --git a/packages/cactus-cmd-api-server/Dockerfile b/packages/cactus-cmd-api-server/Dockerfile
index bcf3ece5ea..91c690f3c2 100644
--- a/packages/cactus-cmd-api-server/Dockerfile
+++ b/packages/cactus-cmd-api-server/Dockerfile
@@ -50,7 +50,7 @@ ENV API_PORT=4000
 ENV LOG_LEVEL=INFO
 
 ENV NVM_DIR /home/${APP_USER}/.nvm
-ENV NODE_VERSION 16.3.0
+ENV NODE_VERSION 16.15.1
 ENV NODE_PATH $NVM_DIR/v$NODE_VERSION/lib/node_modules
 ENV PATH      $NVM_DIR/versions/node/v$NODE_VERSION/bin:$PATH
 
@@ -61,7 +61,7 @@ RUN curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
   && nvm install $NODE_VERSION \
   && nvm alias default $NODE_VERSION \
   && nvm use default \
-  && npm install -g npm@7.19.1
+  && npm install -g npm@8.11.0
 
 RUN npm install -g yarn@1.22.17
 RUN yarn add @hyperledger/cactus-cmd-api-server@${NPM_PKG_VERSION} --production