From b7883b3c33235a817fc537ef21744a748747d392 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 2 Mar 2024 04:40:58 +0000 Subject: [PATCH 1/6] fix: upgrade @snyk/protect from 1.1272.0 to 1.1278.0 Snyk has created this PR to upgrade @snyk/protect from 1.1272.0 to 1.1278.0. See this package in npm: https://www.npmjs.com/package/@snyk/protect See this project in Snyk: https://app.snyk.io/org/buckinghamaj/project/89c51236-80de-4eed-9524-563dc02e4c88?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2761085..b131ba4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,7 +10,7 @@ "license": "ISC", "dependencies": { "@albertcrowley/winston-pg-native": "github:albertcrowley/winston-pg-native", - "@snyk/protect": "^1.1206.0", + "@snyk/protect": "^1.1278.0", "body-parser": "^1.20.2", "cas-authentication": "0.0.8", "clone-deep": "^4.0.1", @@ -2055,9 +2055,9 @@ "dev": true }, "node_modules/@snyk/protect": { - "version": "1.1272.0", - "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1272.0.tgz", - "integrity": "sha512-lsCPHJ2ZdI8m/FRI2y38EH4oqmR2gHEI0lD/CxDwSiSeUHtYYHt6taDDD2wdfYManfpCU15RReFw2iRzd6pOsQ==", + "version": "1.1278.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1278.0.tgz", + "integrity": "sha512-HIbY+ZclFyqGWznsG5zy0DkyIVFtKNVdAbS989snkzcmYi3FDioU6VYC+DN/BnGlspuE9WkYqtLUkO5gO4VmhA==", "bin": { "snyk-protect": "bin/snyk-protect" }, @@ -16942,9 +16942,9 @@ "dev": true }, "@snyk/protect": { - "version": "1.1272.0", - "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1272.0.tgz", - "integrity": "sha512-lsCPHJ2ZdI8m/FRI2y38EH4oqmR2gHEI0lD/CxDwSiSeUHtYYHt6taDDD2wdfYManfpCU15RReFw2iRzd6pOsQ==" + "version": "1.1278.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1278.0.tgz", + "integrity": "sha512-HIbY+ZclFyqGWznsG5zy0DkyIVFtKNVdAbS989snkzcmYi3FDioU6VYC+DN/BnGlspuE9WkYqtLUkO5gO4VmhA==" }, "@tootallnate/once": { "version": "1.1.2", diff --git a/package.json b/package.json index ffd43d2..b5ede33 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "ISC", "dependencies": { "@albertcrowley/winston-pg-native": "github:albertcrowley/winston-pg-native", - "@snyk/protect": "^1.1206.0", + "@snyk/protect": "^1.1278.0", "body-parser": "^1.20.2", "cas-authentication": "0.0.8", "clone-deep": "^4.0.1", From 660c0e40832a1c9ae0e341643bfa873a4c3b2352 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 2 Mar 2024 04:41:02 +0000 Subject: [PATCH 2/6] fix: upgrade openid-client from 5.6.1 to 5.6.4 Snyk has created this PR to upgrade openid-client from 5.6.1 to 5.6.4. See this package in npm: https://www.npmjs.com/package/openid-client See this project in Snyk: https://app.snyk.io/org/buckinghamaj/project/89c51236-80de-4eed-9524-563dc02e4c88?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 18 +++++++++--------- package.json | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2761085..f729513 100644 --- a/package-lock.json +++ b/package-lock.json @@ -28,7 +28,7 @@ "ms": "^2.1.3", "node-fetch": "^2.7.0", "nodemailer": "^6.9.5", - "openid-client": "^5.6.1", + "openid-client": "^5.6.4", "pg": "^8.11.3", "pg-hstore": "^2.3.4", "sequelize": "^6.33.0", @@ -11748,11 +11748,11 @@ } }, "node_modules/openid-client": { - "version": "5.6.1", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.1.tgz", - "integrity": "sha512-PtrWsY+dXg6y8mtMPyL/namZSYVz8pjXz3yJiBNZsEdCnu9miHLB4ELVC85WvneMKo2Rg62Ay7NkuCpM0bgiLQ==", + "version": "5.6.4", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.4.tgz", + "integrity": "sha512-T1h3B10BRPKfcObdBklX639tVz+xh34O7GjofqrqiAQdm7eHsQ00ih18x6wuJ/E6FxdtS2u3FmUGPDeEcMwzNA==", "dependencies": { - "jose": "^4.15.1", + "jose": "^4.15.4", "lru-cache": "^6.0.0", "object-hash": "^2.2.0", "oidc-token-hash": "^5.0.3" @@ -24573,11 +24573,11 @@ } }, "openid-client": { - "version": "5.6.1", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.1.tgz", - "integrity": "sha512-PtrWsY+dXg6y8mtMPyL/namZSYVz8pjXz3yJiBNZsEdCnu9miHLB4ELVC85WvneMKo2Rg62Ay7NkuCpM0bgiLQ==", + "version": "5.6.4", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.4.tgz", + "integrity": "sha512-T1h3B10BRPKfcObdBklX639tVz+xh34O7GjofqrqiAQdm7eHsQ00ih18x6wuJ/E6FxdtS2u3FmUGPDeEcMwzNA==", "requires": { - "jose": "^4.15.1", + "jose": "^4.15.4", "lru-cache": "^6.0.0", "object-hash": "^2.2.0", "oidc-token-hash": "^5.0.3" diff --git a/package.json b/package.json index ffd43d2..4b07eb6 100644 --- a/package.json +++ b/package.json @@ -46,7 +46,7 @@ "ms": "^2.1.3", "node-fetch": "^2.7.0", "nodemailer": "^6.9.5", - "openid-client": "^5.6.1", + "openid-client": "^5.6.4", "pg": "^8.11.3", "pg-hstore": "^2.3.4", "sequelize": "^6.33.0", From 5d0d660036893b048037fdb8cbda15044bd00e61 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 2 Mar 2024 04:41:05 +0000 Subject: [PATCH 3/6] fix: upgrade express-session from 1.17.3 to 1.18.0 Snyk has created this PR to upgrade express-session from 1.17.3 to 1.18.0. See this package in npm: https://www.npmjs.com/package/express-session See this project in Snyk: https://app.snyk.io/org/buckinghamaj/project/89c51236-80de-4eed-9524-563dc02e4c88?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 44 +++++++++++++++++++++++++++----------------- package.json | 2 +- 2 files changed, 28 insertions(+), 18 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2761085..874c11b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -17,7 +17,7 @@ "cors": "^2.8.5", "cron": "^1.8.2", "express": "^4.17.1", - "express-session": "^1.17.3", + "express-session": "^1.18.0", "express-winston": "^3.4.0", "flatted": "^3.2.9", "json2csv": "^5.0.7", @@ -4972,12 +4972,12 @@ } }, "node_modules/express-session": { - "version": "1.17.3", - "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", - "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "version": "1.18.0", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz", + "integrity": "sha512-m93QLWr0ju+rOwApSsyso838LQwgfs44QtOP/WBiwtAgPIo/SAh1a5c6nn2BR6mFNZehTpqKDESzP+fRHVbxwQ==", "dependencies": { - "cookie": "0.4.2", - "cookie-signature": "1.0.6", + "cookie": "0.6.0", + "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", "on-headers": "~1.0.2", @@ -4990,13 +4990,18 @@ } }, "node_modules/express-session/node_modules/cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==", "engines": { "node": ">= 0.6" } }, + "node_modules/express-session/node_modules/cookie-signature": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz", + "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==" + }, "node_modules/express-session/node_modules/depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -19386,12 +19391,12 @@ } }, "express-session": { - "version": "1.17.3", - "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", - "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "version": "1.18.0", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz", + "integrity": "sha512-m93QLWr0ju+rOwApSsyso838LQwgfs44QtOP/WBiwtAgPIo/SAh1a5c6nn2BR6mFNZehTpqKDESzP+fRHVbxwQ==", "requires": { - "cookie": "0.4.2", - "cookie-signature": "1.0.6", + "cookie": "0.6.0", + "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", "on-headers": "~1.0.2", @@ -19401,9 +19406,14 @@ }, "dependencies": { "cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==" + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==" + }, + "cookie-signature": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz", + "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==" }, "depd": { "version": "2.0.0", diff --git a/package.json b/package.json index ffd43d2..e268aa6 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "cors": "^2.8.5", "cron": "^1.8.2", "express": "^4.17.1", - "express-session": "^1.17.3", + "express-session": "^1.18.0", "express-winston": "^3.4.0", "flatted": "^3.2.9", "json2csv": "^5.0.7", From 7792b0478c8d97dfe05d2c6487d7e4b80595d23a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 2 Mar 2024 04:41:09 +0000 Subject: [PATCH 4/6] fix: upgrade sequelize from 6.35.2 to 6.36.0 Snyk has created this PR to upgrade sequelize from 6.35.2 to 6.36.0. See this package in npm: https://www.npmjs.com/package/sequelize See this project in Snyk: https://app.snyk.io/org/buckinghamaj/project/89c51236-80de-4eed-9524-563dc02e4c88?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2761085..60e9c33 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31,7 +31,7 @@ "openid-client": "^5.6.1", "pg": "^8.11.3", "pg-hstore": "^2.3.4", - "sequelize": "^6.33.0", + "sequelize": "^6.36.0", "sequelize-cli": "^6.6.1", "umzug": "^2.3.0", "winston": "^3.11.0" @@ -12933,9 +12933,9 @@ } }, "node_modules/sequelize": { - "version": "6.35.2", - "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.35.2.tgz", - "integrity": "sha512-EdzLaw2kK4/aOnWQ7ed/qh3B6/g+1DvmeXr66RwbcqSm/+QRS9X0LDI5INBibsy4eNJHWIRPo3+QK0zL+IPBHg==", + "version": "6.36.0", + "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.36.0.tgz", + "integrity": "sha512-PqOa11EHwA/zLmGDU4aynbsavbHJUlgRvFuC/2cA4LhOuV6NHKcQ0IXB+hNdFrGT3rULmvc4kdIwnfCNsrECMQ==", "funding": [ { "type": "opencollective", @@ -25515,9 +25515,9 @@ } }, "sequelize": { - "version": "6.35.2", - "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.35.2.tgz", - "integrity": "sha512-EdzLaw2kK4/aOnWQ7ed/qh3B6/g+1DvmeXr66RwbcqSm/+QRS9X0LDI5INBibsy4eNJHWIRPo3+QK0zL+IPBHg==", + "version": "6.36.0", + "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.36.0.tgz", + "integrity": "sha512-PqOa11EHwA/zLmGDU4aynbsavbHJUlgRvFuC/2cA4LhOuV6NHKcQ0IXB+hNdFrGT3rULmvc4kdIwnfCNsrECMQ==", "requires": { "@types/debug": "^4.1.8", "@types/validator": "^13.7.17", diff --git a/package.json b/package.json index ffd43d2..693a4ce 100644 --- a/package.json +++ b/package.json @@ -49,7 +49,7 @@ "openid-client": "^5.6.1", "pg": "^8.11.3", "pg-hstore": "^2.3.4", - "sequelize": "^6.33.0", + "sequelize": "^6.36.0", "sequelize-cli": "^6.6.1", "umzug": "^2.3.0", "winston": "^3.11.0" From 8b1170246b19f1a4461e1ceb1e7a7c6c3ad02bb6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 13 Mar 2024 00:39:18 +0000 Subject: [PATCH 5/6] fix: upgrade flatted from 3.2.9 to 3.3.0 Snyk has created this PR to upgrade flatted from 3.2.9 to 3.3.0. See this package in npm: https://www.npmjs.com/package/flatted See this project in Snyk: https://app.snyk.io/org/buckinghamaj/project/89c51236-80de-4eed-9524-563dc02e4c88?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2761085..0af7cbb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -19,7 +19,7 @@ "express": "^4.17.1", "express-session": "^1.17.3", "express-winston": "^3.4.0", - "flatted": "^3.2.9", + "flatted": "^3.3.0", "json2csv": "^5.0.7", "jsonwebtoken": "^8.5.1", "lodash": "^4.17.21", @@ -5528,9 +5528,9 @@ } }, "node_modules/flatted": { - "version": "3.2.9", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.9.tgz", - "integrity": "sha512-36yxDn5H7OFZQla0/jFJmbIKTdZAQHngCedGxiMmpNfEZM0sdEeT+WczLQrjK6D7o2aiyLYDnkw0R3JK0Qv1RQ==" + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.0.tgz", + "integrity": "sha512-noqGuLw158+DuD9UPRKHpJ2hGxpFyDlYYrfM0mWt4XhT4n0lwzTLh70Tkdyy4kyTmyTT9Bv7bWAJqw7cgkEXDg==" }, "node_modules/fn.name": { "version": "1.1.0", @@ -19685,9 +19685,9 @@ } }, "flatted": { - "version": "3.2.9", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.9.tgz", - "integrity": "sha512-36yxDn5H7OFZQla0/jFJmbIKTdZAQHngCedGxiMmpNfEZM0sdEeT+WczLQrjK6D7o2aiyLYDnkw0R3JK0Qv1RQ==" + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.0.tgz", + "integrity": "sha512-noqGuLw158+DuD9UPRKHpJ2hGxpFyDlYYrfM0mWt4XhT4n0lwzTLh70Tkdyy4kyTmyTT9Bv7bWAJqw7cgkEXDg==" }, "fn.name": { "version": "1.1.0", diff --git a/package.json b/package.json index ffd43d2..455048a 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "express": "^4.17.1", "express-session": "^1.17.3", "express-winston": "^3.4.0", - "flatted": "^3.2.9", + "flatted": "^3.3.0", "json2csv": "^5.0.7", "jsonwebtoken": "^8.5.1", "lodash": "^4.17.21", From da4191033496eaed16f463c835bf25ffd874e1ce Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 27 Mar 2024 04:23:02 +0000 Subject: [PATCH 6/6] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509 --- package-lock.json | 161 +++++++--------------------------------------- package.json | 2 +- 2 files changed, 26 insertions(+), 137 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2761085..3ef2ab0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "clone-deep": "^4.0.1", "cors": "^2.8.5", "cron": "^1.8.2", - "express": "^4.17.1", + "express": "^4.19.2", "express-session": "^1.17.3", "express-winston": "^3.4.0", "flatted": "^3.2.9", @@ -3260,18 +3260,6 @@ "node": ">= 0.8" } }, - "node_modules/body-parser/node_modules/type-is": { - "version": "1.6.18", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", - "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", - "dependencies": { - "media-typer": "0.3.0", - "mime-types": "~2.1.24" - }, - "engines": { - "node": ">= 0.6" - } - }, "node_modules/boolean": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/boolean/-/boolean-3.2.0.tgz", @@ -4931,16 +4919,16 @@ } }, "node_modules/express": { - "version": "4.18.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz", - "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==", + "version": "4.19.2", + "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", + "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==", "dependencies": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.1", + "body-parser": "1.20.2", "content-disposition": "0.5.4", "content-type": "~1.0.4", - "cookie": "0.5.0", + "cookie": "0.6.0", "cookie-signature": "1.0.6", "debug": "2.6.9", "depd": "2.0.0", @@ -5039,33 +5027,10 @@ "winston": ">=3.x <4" } }, - "node_modules/express/node_modules/body-parser": { - "version": "1.20.1", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", - "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==", - "dependencies": { - "bytes": "3.1.2", - "content-type": "~1.0.4", - "debug": "2.6.9", - "depd": "2.0.0", - "destroy": "1.2.0", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "on-finished": "2.4.1", - "qs": "6.11.0", - "raw-body": "2.5.1", - "type-is": "~1.6.18", - "unpipe": "1.0.0" - }, - "engines": { - "node": ">= 0.8", - "npm": "1.2.8000 || >= 1.4.16" - } - }, "node_modules/express/node_modules/cookie": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz", - "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==", + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==", "engines": { "node": ">= 0.6" } @@ -5143,20 +5108,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/express/node_modules/raw-body": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz", - "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==", - "dependencies": { - "bytes": "3.1.2", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "unpipe": "1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, "node_modules/express/node_modules/safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", @@ -5212,18 +5163,6 @@ "node": ">= 0.8" } }, - "node_modules/express/node_modules/type-is": { - "version": "1.6.18", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", - "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", - "dependencies": { - "media-typer": "0.3.0", - "mime-types": "~2.1.24" - }, - "engines": { - "node": ">= 0.6" - } - }, "node_modules/ext": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/ext/-/ext-1.7.0.tgz", @@ -14425,13 +14364,12 @@ } }, "node_modules/type-is": { - "version": "1.6.16", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.16.tgz", - "integrity": "sha1-+JzjQVQcZysl7nrjxz3uOyvlAZQ=", - "dev": true, + "version": "1.6.18", + "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", "dependencies": { "media-typer": "0.3.0", - "mime-types": "~2.1.18" + "mime-types": "~2.1.24" }, "engines": { "node": ">= 0.6" @@ -17873,15 +17811,6 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==" - }, - "type-is": { - "version": "1.6.18", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", - "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", - "requires": { - "media-typer": "0.3.0", - "mime-types": "~2.1.24" - } } } }, @@ -19219,16 +19148,16 @@ } }, "express": { - "version": "4.18.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz", - "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==", + "version": "4.19.2", + "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", + "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==", "requires": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.1", + "body-parser": "1.20.2", "content-disposition": "0.5.4", "content-type": "~1.0.4", - "cookie": "0.5.0", + "cookie": "0.6.0", "cookie-signature": "1.0.6", "debug": "2.6.9", "depd": "2.0.0", @@ -19256,29 +19185,10 @@ "vary": "~1.1.2" }, "dependencies": { - "body-parser": { - "version": "1.20.1", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", - "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==", - "requires": { - "bytes": "3.1.2", - "content-type": "~1.0.4", - "debug": "2.6.9", - "depd": "2.0.0", - "destroy": "1.2.0", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "on-finished": "2.4.1", - "qs": "6.11.0", - "raw-body": "2.5.1", - "type-is": "~1.6.18", - "unpipe": "1.0.0" - } - }, "cookie": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz", - "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==" + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==" }, "depd": { "version": "2.0.0", @@ -19328,17 +19238,6 @@ "side-channel": "^1.0.4" } }, - "raw-body": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz", - "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==", - "requires": { - "bytes": "3.1.2", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "unpipe": "1.0.0" - } - }, "safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", @@ -19373,15 +19272,6 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==" - }, - "type-is": { - "version": "1.6.18", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", - "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", - "requires": { - "media-typer": "0.3.0", - "mime-types": "~2.1.24" - } } } }, @@ -26683,13 +26573,12 @@ "dev": true }, "type-is": { - "version": "1.6.16", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.16.tgz", - "integrity": "sha1-+JzjQVQcZysl7nrjxz3uOyvlAZQ=", - "dev": true, + "version": "1.6.18", + "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", "requires": { "media-typer": "0.3.0", - "mime-types": "~2.1.18" + "mime-types": "~2.1.24" } }, "typedarray-to-buffer": { diff --git a/package.json b/package.json index ffd43d2..33cdfd0 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "clone-deep": "^4.0.1", "cors": "^2.8.5", "cron": "^1.8.2", - "express": "^4.17.1", + "express": "^4.19.2", "express-session": "^1.17.3", "express-winston": "^3.4.0", "flatted": "^3.2.9",