From dbed23d2c14311606677841fdc868188440377d3 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 5 Sep 2024 22:30:09 +0000
Subject: [PATCH] fix: components/server/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205
- https://snyk.io/vuln/SNYK-JS-QS-3153490
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137
- https://snyk.io/vuln/SNYK-JS-OCTOKITWEBHOOKS-6129527
- https://snyk.io/vuln/SNYK-JS-EVENTSOURCE-2823375
- https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180026
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697
- https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180022
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759
- https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180024
- https://snyk.io/vuln/SNYK-JS-GRPCGRPCJS-7242922
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
---
 components/server/package.json | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/components/server/package.json b/components/server/package.json
index c781ee9f336e6d..2e0c881aa44737 100644
--- a/components/server/package.json
+++ b/components/server/package.json
@@ -35,7 +35,7 @@
     "/src"
   ],
   "dependencies": {
-    "@authzed/authzed-node": "^0.10.0",
+    "@authzed/authzed-node": "^0.16.0",
     "@bufbuild/connect": "^0.8.1",
     "@bufbuild/connect-express": "^0.8.1",
     "@gitbeaker/node": "^35.7.0",
@@ -50,11 +50,11 @@
     "@gitpod/usage-api": "0.1.5",
     "@gitpod/ws-manager": "0.1.5",
     "@improbable-eng/grpc-web-node-http-transport": "^0.14.0",
-    "@jmondi/oauth2-server": "^2.6.1",
+    "@jmondi/oauth2-server": "^3.1.0",
     "@octokit/rest": "18.6.1",
     "@probot/get-private-key": "^1.1.1",
     "@types/jaeger-client": "^3.18.3",
-    "amqplib": "^0.8.0",
+    "amqplib": "^0.9.0",
     "base-64": "^1.0.0",
     "bitbucket": "^2.7.0",
     "body-parser": "^1.19.2",
@@ -71,10 +71,10 @@
     "google-protobuf": "^3.19.1",
     "inversify": "^6.0.1",
     "ioredis": "^5.3.2",
-    "ioredis-mock": "^8.7.0",
+    "ioredis-mock": "^8.8.0",
     "js-yaml": "^3.10.0",
     "json-stream": "^1.0.0",
-    "jsonwebtoken": "^9.0.0",
+    "jsonwebtoken": "^9.0.2",
     "lodash.debounce": "^4.0.8",
     "longjohn": "^0.2.12",
     "nice-grpc-client-middleware-retry": "^2.0.1",
@@ -85,13 +85,13 @@
     "passport-dummy": "^0.0.1",
     "passport-gitlab2": "5.0.0",
     "passport-http": "^0.3.0",
-    "probot": "12.1.1",
+    "probot": "13.0.0",
     "prom-client": "^13.2.0",
     "rate-limiter-flexible": "^2.3.6",
     "redlock": "^5.0.0-beta.2",
     "reflect-metadata": "^0.1.10",
     "stripe": "^9.0.0",
-    "twilio": "^3.78.0",
+    "twilio": "^5.0.4",
     "uuid": "^8.3.2",
     "vscode-ws-jsonrpc": "^0.2.0",
     "ws": "^7.4.6"