[Snyk] Fix for 1 vulnerabilities

[johanbook]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • services/api/package.json
  • services/api/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	601/1000 Why? Recently disclosed, Has a fix available, CVSS 6.3	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @nestjs/platform-express

The new version differs by 250 commits.

• ed644e9 chore(@ nestjs) publish v10.4.5 release
• 0ea48d2 Merge pull request #13879 from frndvrgs/feat-opts-listen-method
• 508d2f3 Merge pull request #14060 from ezintz/fix-express-vulnerabilities
• 7cf4708 Merge pull request #13903 from nestjs/dependabot/npm_and_yarn/sample/31-graphql-federation-code-first/posts-application/multi-dabac980bd
• 8c2e03d Merge pull request #13917 from nestjs/dependabot/npm_and_yarn/sample/32-graphql-federation-schema-first/posts-application/micromatch-4.0.8
• 6ada824 Merge pull request #14064 from PattyTrish/cookie-vulnerability-update
• d2ca9ec Merge pull request #14066 from micalevisk/test/cover-validation-pipe-options
• 78b3f0c test(common): add tests for validation pipe on 'custom' types
• 980eb5b build(fastify): upgrade light-my-request to 6.1.0
• 160c3b3 build(express): upgrade to express 4.2.1
• d0f401a Merge pull request #14015 from nestjs/dependabot/npm_and_yarn/sample/10-fastify/find-my-way-8.2.2
• 89840ce Merge pull request #14039 from nestjs/dependabot/npm_and_yarn/sample/23-graphql-code-first/multi-1f9ae28231
• 9423743 Merge pull request #14040 from nestjs/dependabot/npm_and_yarn/sample/24-serve-static/multi-0b8bbc7c9e
• 9ee0224 Update Readme.md
• 93514fd chore(deps): bump send, @ nestjs/platform-express and express
• a46a7db chore(deps): bump serve-static, express and @ nestjs/platform-express
• 9825529 Merge pull request #14034 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-5eb378ec3a
• 826ff4b Merge pull request #14035 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-6ddc2c7951
• fd740b6 chore(deps): bump send and @ nestjs/platform-express in /sample/28-sse
• c936dec chore(deps): bump serve-static and @ nestjs/platform-express
• 47cda92 Merge pull request #14030 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-6ddc2c7951
• d70d0ba Merge pull request #14031 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-5eb378ec3a
• 0fbc2a6 chore(deps): bump serve-static and @ nestjs/platform-express
• fa56e58 chore(deps): bump send and @ nestjs/platform-express

See the full diff

Package name: @nestjs/platform-fastify

The new version differs by 250 commits.

• ed644e9 chore(@ nestjs) publish v10.4.5 release
• 0ea48d2 Merge pull request #13879 from frndvrgs/feat-opts-listen-method
• 508d2f3 Merge pull request #14060 from ezintz/fix-express-vulnerabilities
• 7cf4708 Merge pull request #13903 from nestjs/dependabot/npm_and_yarn/sample/31-graphql-federation-code-first/posts-application/multi-dabac980bd
• 8c2e03d Merge pull request #13917 from nestjs/dependabot/npm_and_yarn/sample/32-graphql-federation-schema-first/posts-application/micromatch-4.0.8
• 6ada824 Merge pull request #14064 from PattyTrish/cookie-vulnerability-update
• d2ca9ec Merge pull request #14066 from micalevisk/test/cover-validation-pipe-options
• 78b3f0c test(common): add tests for validation pipe on 'custom' types
• 980eb5b build(fastify): upgrade light-my-request to 6.1.0
• 160c3b3 build(express): upgrade to express 4.2.1
• d0f401a Merge pull request #14015 from nestjs/dependabot/npm_and_yarn/sample/10-fastify/find-my-way-8.2.2
• 89840ce Merge pull request #14039 from nestjs/dependabot/npm_and_yarn/sample/23-graphql-code-first/multi-1f9ae28231
• 9423743 Merge pull request #14040 from nestjs/dependabot/npm_and_yarn/sample/24-serve-static/multi-0b8bbc7c9e
• 9ee0224 Update Readme.md
• 93514fd chore(deps): bump send, @ nestjs/platform-express and express
• a46a7db chore(deps): bump serve-static, express and @ nestjs/platform-express
• 9825529 Merge pull request #14034 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-5eb378ec3a
• 826ff4b Merge pull request #14035 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-6ddc2c7951
• fd740b6 chore(deps): bump send and @ nestjs/platform-express in /sample/28-sse
• c936dec chore(deps): bump serve-static and @ nestjs/platform-express
• 47cda92 Merge pull request #14030 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-6ddc2c7951
• d70d0ba Merge pull request #14031 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-5eb378ec3a
• 0fbc2a6 chore(deps): bump serve-static and @ nestjs/platform-express
• fa56e58 chore(deps): bump send and @ nestjs/platform-express

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)