From 2527ff665ddc21ceb20e9ded65a52395a1e250b6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 15 Nov 2023 14:32:50 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BSON-6056525 --- package-lock.json | 69 +++++++++++++++++++++-------------------------- package.json | 2 +- 2 files changed, 32 insertions(+), 39 deletions(-) diff --git a/package-lock.json b/package-lock.json index f8b870f..747d832 100644 --- a/package-lock.json +++ b/package-lock.json @@ -198,9 +198,9 @@ } }, "bson": { - "version": "1.0.9", - "resolved": "https://registry.npmjs.org/bson/-/bson-1.0.9.tgz", - "integrity": "sha512-IQX9/h7WdMBIW/q/++tGd+emQr0XMdeZ6icnT/74Xk9fnabWn+gZgpE+9V+gujL3hhJOoNrnDVY7tWdzc7NUTg==" + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.6.tgz", + "integrity": "sha512-EvVNVeGo4tHxwi8L6bPj3y3itEvStdwvvlojVxxbyYfoaxJ6keLgrTuKdyfEAszFK+H3olzBuafE0yoh0D1gdg==" }, "bytes": { "version": "3.0.0", @@ -1041,9 +1041,9 @@ "dev": true }, "kareem": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.2.1.tgz", - "integrity": "sha512-xpDFy8OxkFM+vK6pXy6JmH92ibeEFUuDWzas5M9L7MzVmHW3jzwAHxodCPV/BYkf4A31bVDLyonrMfp9RXb/oA==" + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.3.0.tgz", + "integrity": "sha512-6hHxsp9e6zQU8nXsP+02HGWXwTkOEw6IROhF2ZA28cYbUk4eJ6QbtZvdqZOdD9YPKghG3apk5eOCvs+tLl3lRg==" }, "levn": { "version": "0.3.0", @@ -1063,7 +1063,7 @@ "lodash.get": { "version": "4.4.2", "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", - "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=" + "integrity": "sha512-z+Uw/vLuy6gQe8cfaFWD7p0wVv8fJl3mbzXh33RS+0oW2wvUqiRXiQ69gLWSLpgB5/6sU+r6BlQR0MBILadqTQ==" }, "media-typer": { "version": "0.3.0", @@ -1071,9 +1071,9 @@ "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" }, "memory-pager": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.4.0.tgz", - "integrity": "sha512-ycuyV5gKpZln7HB/A11wCpAxEY9VQ2EhYU1F56pUAxvmj6OyOHtB9tkLLjAyFsPdghSP2S3Ujk3aYJCusgiMZg==", + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.5.0.tgz", + "integrity": "sha512-ZS4Bp4r/Zoeq6+NLJpP+0Zzm0pR8whtGPf1XExKLJBAczGMnSi3It14OiNCStjQjM6NU1okjQGSxgEZN8eBYKg==", "optional": true }, "merge-descriptors": { @@ -1135,43 +1135,36 @@ } }, "mongodb": { - "version": "3.1.4", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.4.tgz", - "integrity": "sha512-BGUxo4a/p5KtZpOn6+z6iZXTHfDxKDvibHQap9uMJqQouwoszvTIO/QbVZkaSX3Spny0jtTEeHc0FwfpGbtEzA==", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.8.tgz", + "integrity": "sha512-yNKwYxQ6m00NV6+pMoWoheFTHSQVv1KkSrfOhRDYMILGWDYtUtQRqHrFqU75rmPIY8hMozVft8zdC4KYMWaM3Q==", "requires": { - "mongodb-core": "3.1.3", + "mongodb-core": "3.1.7", "safe-buffer": "^5.1.2" } }, "mongodb-core": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.3.tgz", - "integrity": "sha512-dISiV3zHGJTwZpg0xDhi9zCqFGMhA5kDPByHlcaEp09NSKfzHJ7XQbqVrL7qhki1U9PZHsmRfbFzco+6b1h2wA==", + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.7.tgz", + "integrity": "sha512-YffpSrLmgFNmrvkGx+yX00KyBNk64C0BalfEn6vHHkXtcMUGXw8nxrMmhq5eXPLLlYeBpD/CsgNxE2Chf0o4zQ==", "requires": { "bson": "^1.1.0", "require_optional": "^1.0.1", "safe-buffer": "^5.1.2", "saslprep": "^1.0.0" - }, - "dependencies": { - "bson": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.0.tgz", - "integrity": "sha512-9Aeai9TacfNtWXOYarkFJRW2CWo+dRon+fuLZYJmvLV3+MiUp0bEI6IAZfXEIg7/Pl/7IWlLaDnhzTsD81etQA==" - } } }, "mongoose": { - "version": "5.2.12", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.2.12.tgz", - "integrity": "sha512-yfQw4lbci12DvQrnc25DmP/g74vjhus5SaCliP5sbbzIIJPpeU1F3xscb4uPX26ygjPkl/NzppS65rILNv20Bg==", + "version": "5.3.9", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.3.9.tgz", + "integrity": "sha512-FbCW2qCptfPW/ltRwgqKpPCK113WTIhZDnn+0L0hO2XoX9Yp4LuIP0Nab7eBK+TsiIXWZAvzKhnnUKElTbl5ow==", "requires": { "async": "2.6.1", - "bson": "~1.0.5", - "kareem": "2.2.1", + "bson": "~1.1.0", + "kareem": "2.3.0", "lodash.get": "4.4.2", - "mongodb": "3.1.4", - "mongodb-core": "3.1.3", + "mongodb": "3.1.8", + "mongodb-core": "3.1.7", "mongoose-legacy-pluralize": "1.0.2", "mpath": "0.5.1", "mquery": "3.2.0", @@ -1478,7 +1471,7 @@ "regexp-clone": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-0.0.1.tgz", - "integrity": "sha1-p8LgmJH9vzj7sQ03b7cwA+aKxYk=" + "integrity": "sha512-tfYXF0HXEYh3AtgdjqNLQ8+tmZSAKIS7KtOjmB1laJgfbsi+Lf2RVNwLZVOE3U27yBXikzQuIXglLlakvb8Thw==" }, "regexpp": { "version": "2.0.1", @@ -1516,7 +1509,7 @@ "resolve-from": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-2.0.0.tgz", - "integrity": "sha1-lICrIOlP+h2egKgEx+oUdhGWa1c=" + "integrity": "sha512-qpFcKaXsq8+oRoLilkwyc7zHGF5i9Q2/25NIgLQQ/+VVv9rU4qvr6nXVAw1DsnXJyQkZsR4Ytfbtg5ehfcUssQ==" }, "restore-cursor": { "version": "2.0.0", @@ -1566,9 +1559,9 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "saslprep": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.2.tgz", - "integrity": "sha512-4cDsYuAjXssUSjxHKRe4DTZC0agDwsCqcMqtJAQPzC74nJ7LfAJflAtC1Zed5hMzEQKj82d3tuzqdGNRsLJ4Gw==", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.3.tgz", + "integrity": "sha512-/MY/PEMbk2SuY5sScONwhUDsV2p77Znkb/q3nSVstq/yQzYJOH/Azh29p9oJLsl3LnQwSvZDKagDGBsBwSooag==", "optional": true, "requires": { "sparse-bitfield": "^3.0.3" @@ -1665,12 +1658,12 @@ "sliced": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/sliced/-/sliced-1.0.1.tgz", - "integrity": "sha1-CzpmK10Ewxd7GSa+qCsD+Dei70E=" + "integrity": "sha512-VZBmZP8WU3sMOZm1bdgTadsQbcscK0UM8oKxKVBs4XAhUo2Xxzm/OFMGBkPusxw9xL3Uy8LrzEqGqJhclsr0yA==" }, "sparse-bitfield": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/sparse-bitfield/-/sparse-bitfield-3.0.3.tgz", - "integrity": "sha1-/0rm5oZWBWuks+eSqzM004JzyhE=", + "integrity": "sha512-kvzhi7vqKTfkh0PZU+2D2PIllw2ymqJKujUcyPMd9Y75Nv4nPbGJZXNhxsgdQab2BmlDct1YnfQCguEvHr7VsQ==", "optional": true, "requires": { "memory-pager": "^1.0.2" diff --git a/package.json b/package.json index 0816eba..c650d9a 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "ejs": "^2.5.7", "express": "^4.16.0", "express-session": "^1.15.6", - "mongoose": "^5.2.12", + "mongoose": "^5.3.9", "nodemailer": "^4.1.1", "passport": "^0.4.0", "passport-local": "^1.0.0",