From 9416e11bbcef723c81680f33bff7d69bb7ae3d22 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 18 Jul 2023 02:34:59 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721 --- package-lock.json | 84 ++++++++++++++++++++--------------------------- package.json | 2 +- 2 files changed, 37 insertions(+), 49 deletions(-) diff --git a/package-lock.json b/package-lock.json index c73bab2..12e7dc3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -33,7 +33,7 @@ "express": "^4.17.3", "html5-qrcode": "^2.2.1", "mongodb": "^4.5.0", - "mongoose": "^6.4.0", + "mongoose": "^6.11.3", "net": "^1.0.2", "react": "^17.0.2", "react-announcement-bar": "^0.0.1", @@ -15890,9 +15890,9 @@ } }, "node_modules/bson": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz", - "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==", + "version": "4.7.2", + "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.2.tgz", + "integrity": "sha512-Ry9wCtIZ5kGqkJoi6aD8KjxFZEx78guTQDnpXWiNthsxzrxAK/i8E6pCHAIZTbaEFWcOCvbecMukfK7XUvyLpQ==", "dependencies": { "buffer": "^5.6.0" }, @@ -18079,14 +18079,6 @@ "optional": true, "peer": true }, - "node_modules/denque": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", - "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==", - "engines": { - "node": ">=0.10" - } - }, "node_modules/depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", @@ -27733,9 +27725,12 @@ "integrity": "sha512-UfpWE/VZn0iP50d8cz9NrZLM9lSWhcJ+0Gt/nm4by88UL+J1SiKN8/5dkjMmbEzwL2CAe+67GsegCbIKtbp75A==" }, "node_modules/kareem": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.4.1.tgz", - "integrity": "sha512-aJ9opVoXroQUPfovYP5kaj2lM7Jn02Gw13bL0lg9v0V7SaUc0qavPs0Eue7d2DcC3NjqI6QAUElXNsuZSeM+EA==" + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.5.1.tgz", + "integrity": "sha512-7jFxRVm+jD+rkq3kY0iZDJfsO2/t4BBPeEb2qKn2lR/9KhuksYk5hxzfRYWMPV8P/x2d0kHD306YyWLzjjH+uA==", + "engines": { + "node": ">=12.0.0" + } }, "node_modules/keccak": { "version": "3.0.2", @@ -29163,12 +29158,11 @@ } }, "node_modules/mongodb": { - "version": "4.11.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.11.0.tgz", - "integrity": "sha512-9l9n4Nk2BYZzljW3vHah3Z0rfS5npKw6ktnkmFgTcnzaXH1DRm3pDl6VMHu84EVb1lzmSaJC4OzWZqTkB5i2wg==", + "version": "4.16.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.16.0.tgz", + "integrity": "sha512-0EB113Fsucaq1wsY0dOhi1fmZOwFtLOtteQkiqOXGklvWMnSH3g2QS53f0KTP+/6qOkuoXE2JksubSZNmxeI+g==", "dependencies": { - "bson": "^4.7.0", - "denque": "^2.1.0", + "bson": "^4.7.2", "mongodb-connection-string-url": "^2.5.4", "socks": "^2.7.1" }, @@ -29221,13 +29215,13 @@ } }, "node_modules/mongoose": { - "version": "6.7.4", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.7.4.tgz", - "integrity": "sha512-0LWMrOa5U43cR3I/iRPnmyedoa6T8+QPxmFYdPgx4WAS0CdbSbOzAFSKeU6bndUY6cs4VkxKZGcuDM0twystCg==", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.11.3.tgz", + "integrity": "sha512-M1Y5PjttgV51YDa30u7GVMVypQSlNZF/jUhlzTBAmaz5C9FvOr8eih/VLhhO7xtTSlcVTFQS1dqlQNMbtfUowQ==", "dependencies": { - "bson": "^4.7.0", - "kareem": "2.4.1", - "mongodb": "4.11.0", + "bson": "^4.7.2", + "kareem": "2.5.1", + "mongodb": "4.16.0", "mpath": "0.9.0", "mquery": "4.0.3", "ms": "2.1.3", @@ -52248,9 +52242,9 @@ } }, "bson": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz", - "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==", + "version": "4.7.2", + "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.2.tgz", + "integrity": "sha512-Ry9wCtIZ5kGqkJoi6aD8KjxFZEx78guTQDnpXWiNthsxzrxAK/i8E6pCHAIZTbaEFWcOCvbecMukfK7XUvyLpQ==", "requires": { "buffer": "^5.6.0" }, @@ -53869,11 +53863,6 @@ "optional": true, "peer": true }, - "denque": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", - "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==" - }, "depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", @@ -61201,9 +61190,9 @@ "integrity": "sha512-UfpWE/VZn0iP50d8cz9NrZLM9lSWhcJ+0Gt/nm4by88UL+J1SiKN8/5dkjMmbEzwL2CAe+67GsegCbIKtbp75A==" }, "kareem": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.4.1.tgz", - "integrity": "sha512-aJ9opVoXroQUPfovYP5kaj2lM7Jn02Gw13bL0lg9v0V7SaUc0qavPs0Eue7d2DcC3NjqI6QAUElXNsuZSeM+EA==" + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.5.1.tgz", + "integrity": "sha512-7jFxRVm+jD+rkq3kY0iZDJfsO2/t4BBPeEb2qKn2lR/9KhuksYk5hxzfRYWMPV8P/x2d0kHD306YyWLzjjH+uA==" }, "keccak": { "version": "3.0.2", @@ -62359,13 +62348,12 @@ "integrity": "sha512-0yuvsqSCv8LbaOKhnsQ/T5JhyFlCYLPXK3U2sgV10zoKQwzs/MyfuQUOZQ1V/6OCOJsK/TRgNVrPuPDqtdMFtA==" }, "mongodb": { - "version": "4.11.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.11.0.tgz", - "integrity": "sha512-9l9n4Nk2BYZzljW3vHah3Z0rfS5npKw6ktnkmFgTcnzaXH1DRm3pDl6VMHu84EVb1lzmSaJC4OzWZqTkB5i2wg==", + "version": "4.16.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.16.0.tgz", + "integrity": "sha512-0EB113Fsucaq1wsY0dOhi1fmZOwFtLOtteQkiqOXGklvWMnSH3g2QS53f0KTP+/6qOkuoXE2JksubSZNmxeI+g==", "requires": { "@aws-sdk/credential-providers": "^3.186.0", - "bson": "^4.7.0", - "denque": "^2.1.0", + "bson": "^4.7.2", "mongodb-connection-string-url": "^2.5.4", "saslprep": "^1.0.3", "socks": "^2.7.1" @@ -62405,13 +62393,13 @@ } }, "mongoose": { - "version": "6.7.4", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.7.4.tgz", - "integrity": "sha512-0LWMrOa5U43cR3I/iRPnmyedoa6T8+QPxmFYdPgx4WAS0CdbSbOzAFSKeU6bndUY6cs4VkxKZGcuDM0twystCg==", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.11.3.tgz", + "integrity": "sha512-M1Y5PjttgV51YDa30u7GVMVypQSlNZF/jUhlzTBAmaz5C9FvOr8eih/VLhhO7xtTSlcVTFQS1dqlQNMbtfUowQ==", "requires": { - "bson": "^4.7.0", - "kareem": "2.4.1", - "mongodb": "4.11.0", + "bson": "^4.7.2", + "kareem": "2.5.1", + "mongodb": "4.16.0", "mpath": "0.9.0", "mquery": "4.0.3", "ms": "2.1.3", diff --git a/package.json b/package.json index 0c53d00..4b324d9 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "express": "^4.17.3", "html5-qrcode": "^2.2.1", "mongodb": "^4.5.0", - "mongoose": "^6.4.0", + "mongoose": "^6.11.3", "net": "^1.0.2", "react": "^17.0.2", "react-announcement-bar": "^0.0.1",