From 72e28f11f46d34ca24e3ee1f87f02e6a08552a83 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 2 Jul 2024 08:40:53 +0000 Subject: [PATCH] fix: Server/package.json & Server/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ASYNC-7414156 --- Server/package-lock.json | 80 +++++++++------------------------------- Server/package.json | 2 +- 2 files changed, 18 insertions(+), 64 deletions(-) diff --git a/Server/package-lock.json b/Server/package-lock.json index 6b7f4c58..886da7a7 100644 --- a/Server/package-lock.json +++ b/Server/package-lock.json @@ -1232,22 +1232,22 @@ "bundled": true, "optional": true }, - "string-width": { - "version": "1.0.2", + "string_decoder": { + "version": "1.1.1", "bundled": true, "optional": true, "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "safe-buffer": "~5.1.0" } }, - "string_decoder": { - "version": "1.1.1", + "string-width": { + "version": "1.0.2", "bundled": true, "optional": true, "requires": { - "safe-buffer": "~5.1.0" + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" } }, "strip-ansi": { @@ -1739,12 +1739,6 @@ "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" }, - "memory-pager": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.5.0.tgz", - "integrity": "sha512-ZS4Bp4r/Zoeq6+NLJpP+0Zzm0pR8whtGPf1XExKLJBAczGMnSi3It14OiNCStjQjM6NU1okjQGSxgEZN8eBYKg==", - "optional": true - }, "merge-descriptors": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", @@ -1814,30 +1808,17 @@ "safe-buffer": "^5.1.2" } }, - "mongodb-core": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.2.7.tgz", - "integrity": "sha512-WypKdLxFNPOH/Jy6i9z47IjG2wIldA54iDZBmHMINcgKOUcWJh8og+Wix76oGd7EyYkHJKssQ2FAOw5Su/n4XQ==", - "requires": { - "bson": "^1.1.1", - "require_optional": "^1.0.1", - "safe-buffer": "^5.1.2", - "saslprep": "^1.0.0" - } - }, "mongoose": { - "version": "5.6.13", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.6.13.tgz", - "integrity": "sha512-MGV2qSED8JFFwRXtR8ETxLRSaF15u5rAJQ0ejmp7/Z0gy6wFit32pKBQKvuEuYRoNYQmSsctUDngFnOByNPH4g==", + "version": "5.7.3", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.7.3.tgz", + "integrity": "sha512-CKCCCAhFnJRtmdmver8Ud9/NZ9m7D2H/xLgmrcL6cb9D4nril/idL8lsWWpBsJI81AOCVsktiZJ4X4vfo2S0fw==", "requires": { - "async": "2.6.2", "bson": "~1.1.1", "kareem": "2.3.1", - "mongodb": "3.2.7", - "mongodb-core": "3.2.7", + "mongodb": "3.3.2", "mongoose-legacy-pluralize": "1.0.2", "mpath": "0.6.0", - "mquery": "3.2.1", + "mquery": "3.2.2", "ms": "2.1.2", "regexp-clone": "1.0.0", "safe-buffer": "5.1.2", @@ -1845,15 +1826,6 @@ "sliced": "1.0.1" }, "dependencies": { - "mongodb": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.2.7.tgz", - "integrity": "sha512-2YdWrdf1PJgxcCrT1tWoL6nHuk6hCxhddAAaEh8QJL231ci4+P9FLyqopbTm2Z2sAU6mhCri+wd9r1hOcHdoMw==", - "requires": { - "mongodb-core": "3.2.7", - "safe-buffer": "^5.1.2" - } - }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", @@ -1904,9 +1876,9 @@ "integrity": "sha512-i75qh79MJ5Xo/sbhxrDrPSEG0H/mr1kcZXJ8dH6URU5jD/knFxCVqVC/gVSW7GIXL/9hHWlT9haLbCXWOll3qw==" }, "mquery": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/mquery/-/mquery-3.2.1.tgz", - "integrity": "sha512-kY/K8QToZWTTocm0U+r8rqcJCp5PRl6e8tPmoDs5OeSO3DInZE2rAL6AYH+V406JTo8305LdASOQcxRDqHojyw==", + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/mquery/-/mquery-3.2.2.tgz", + "integrity": "sha512-XB52992COp0KP230I3qloVUbkLUxJIu328HBP2t2EsxSFtf4W1HPSOBWOXf1bqxK4Xbb66lfMJ+Bpfd9/yZE1Q==", "requires": { "bluebird": "3.5.1", "debug": "3.1.0", @@ -2269,15 +2241,6 @@ "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, - "saslprep": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.3.tgz", - "integrity": "sha512-/MY/PEMbk2SuY5sScONwhUDsV2p77Znkb/q3nSVstq/yQzYJOH/Azh29p9oJLsl3LnQwSvZDKagDGBsBwSooag==", - "optional": true, - "requires": { - "sparse-bitfield": "^3.0.3" - } - }, "sematext-agent-express": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/sematext-agent-express/-/sematext-agent-express-2.0.1.tgz", @@ -2364,7 +2327,7 @@ "sliced": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/sliced/-/sliced-1.0.1.tgz", - "integrity": "sha1-CzpmK10Ewxd7GSa+qCsD+Dei70E=" + "integrity": "sha512-VZBmZP8WU3sMOZm1bdgTadsQbcscK0UM8oKxKVBs4XAhUo2Xxzm/OFMGBkPusxw9xL3Uy8LrzEqGqJhclsr0yA==" }, "socket.io": { "version": "2.3.0", @@ -2485,15 +2448,6 @@ } } }, - "sparse-bitfield": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/sparse-bitfield/-/sparse-bitfield-3.0.3.tgz", - "integrity": "sha1-/0rm5oZWBWuks+eSqzM004JzyhE=", - "optional": true, - "requires": { - "memory-pager": "^1.0.2" - } - }, "spm-agent": { "version": "2.0.9", "resolved": "https://registry.npmjs.org/spm-agent/-/spm-agent-2.0.9.tgz", diff --git a/Server/package.json b/Server/package.json index 9c806fa1..81732a17 100644 --- a/Server/package.json +++ b/Server/package.json @@ -26,7 +26,7 @@ "helmet": "^3.22.0", "jsonwebtoken": "^8.5.1", "mongodb": "^3.3.2", - "mongoose": "^5.6.13", + "mongoose": "^5.7.3", "morgan": "^1.10.0", "morgan-json": "^1.1.0", "rate-limiter-flexible": "^2.1.7",