From cd05803a62df7d11632f7f86c4f88a9d4392dd65 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 30 Dec 2025 16:22:23 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-QS-14724253
---
 package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index eeccd98fb98..f218805f999 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,7 @@
   "dependencies": {
     "@snyk/nodejs-runtime-agent": "^1.31.0",
     "adm-zip": "0.4.7",
-    "body-parser": "1.9.0",
+    "body-parser": "1.20.4",
     "cfenv": "^1.0.4",
     "consolidate": "0.14.5",
     "cookie-parser": "1.3.3",
@@ -27,7 +27,7 @@
     "ejs": "1.0.0",
     "ejs-locals": "1.0.2",
     "errorhandler": "1.2.0",
-    "express": "4.12.4",
+    "express": "4.22.0",
     "express-fileupload": "0.0.5",
     "file-type": "^8.1.0",
     "humanize-ms": "1.0.1",
@@ -42,7 +42,7 @@
     "optional": "^0.1.3",
     "st": "0.2.4",
     "stream-buffers": "^3.0.1",
-    "tap": "^5.7.0"
+    "tap": "^18.0.0"
   },
   "devDependencies": {
     "browserify": "^13.1.1"