From feb91f2ebf40972e7c18fd07c8ae13f063dc88c9 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 30 Aug 2023 15:35:51 +0100
Subject: [PATCH 1/2] fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MONGODB-5871303
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 7b5730d..9ba2808 100644
--- a/package.json
+++ b/package.json
@@ -23,7 +23,7 @@
 "dependencies": {
 "dotenv": "^16.0.3",
 "express": "^4.18.2",
- "mongodb": "^5.2.0",
+ "mongodb": "^5.8.0",
 "stream-json": "^1.8.0",
 "winston": "^3.9.0"
 },
From c58bdfbc98c6066cc4ead579c0ccd94876d18bda Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 30 Aug 2023 15:35:53 +0100
Subject: [PATCH 2/2] fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MONGODB-5871303
---
 package-lock.json | 60 +++++++++++++++++++++++++++++++++++++----------
 1 file changed, 47 insertions(+), 13 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index a61c65c..3513ec2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,7 +11,7 @@
 "dependencies": {
 "dotenv": "^16.0.3",
 "express": "^4.18.2",
- "mongodb": "^5.2.0",
+ "mongodb": "^5.8.0",
 "stream-json": "^1.8.0",
 "winston": "^3.9.0"
 },
@@ -2140,6 +2140,15 @@
 "dev": true,
 "license": "MIT"
 },
+ "node_modules/@mongodb-js/saslprep": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/@mongodb-js/saslprep/-/saslprep-1.1.0.tgz",
+ "integrity": "sha512-Xfijy7HvfzzqiOAhAepF4SGN5e9leLkMvg/OPOF97XemjfVCYN/oWa75wnkc6mltMSTwY+XlbhWgUOJmkFspSw==",
+ "optional": true,
+ "dependencies": {
+ "sparse-bitfield": "^3.0.3"
+ }
+ },
 "node_modules/@nodelib/fs.scandir": {
 "version": "2.1.5",
 "dev": true,
@@ -3227,8 +3236,9 @@
 }
 },
 "node_modules/bson": {
- "version": "5.2.0",
- "license": "Apache-2.0",
+ "version": "5.4.0",
+ "resolved": "https://registry.npmjs.org/bson/-/bson-5.4.0.tgz",
+ "integrity": "sha512-WRZ5SQI5GfUuKnPTNmAYPiKIof3ORXAF4IRU5UcgmivNIon01rWQlw5RUH954dpu8yGL8T59YShVddIPaU/gFA==",
 "engines": {
 "node": ">=14.20.1"
 }
@@ -5725,10 +5735,11 @@
 }
 },
 "node_modules/mongodb": {
- "version": "5.2.0",
- "license": "Apache-2.0",
+ "version": "5.8.0",
+ "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.8.0.tgz",
+ "integrity": "sha512-xx4CXmxcj3bNe7iGBlhntVrUqrNARYhUZteXaz4epEESv4oXD/FONAovcyoCaEffdYlw25Yz284OxMfpnPLlgQ==",
 "dependencies": {
- "bson": "^5.2.0",
+ "bson": "^5.4.0",
 "mongodb-connection-string-url": "^2.6.0",
 "socks": "^2.7.1"
 },
@@ -5736,17 +5747,25 @@
 "node": ">=14.20.1"
 },
 "optionalDependencies": {
- "saslprep": "^1.0.3"
+ "@mongodb-js/saslprep": "^1.1.0"
 },
 "peerDependencies": {
- "@aws-sdk/credential-providers": "^3.201.0",
- "mongodb-client-encryption": "^2.3.0",
+ "@aws-sdk/credential-providers": "^3.188.0",
+ "@mongodb-js/zstd": "^1.0.0",
+ "kerberos": "^1.0.0 || ^2.0.0",
+ "mongodb-client-encryption": ">=2.3.0 <3",
 "snappy": "^7.2.2"
 },
 "peerDependenciesMeta": {
 "@aws-sdk/credential-providers": {
 "optional": true
 },
+ "@mongodb-js/zstd": {
+ "optional": true
+ },
+ "kerberos": {
+ "optional": true
+ },
 "mongodb-client-encryption": {
 "optional": true
 },
@@ -6591,6 +6610,7 @@
 },
 "node_modules/saslprep": {
 "version": "1.0.3",
+ "dev": true,
 "license": "MIT",
 "optional": true,
 "dependencies": {
@@ -9070,6 +9090,15 @@
 }
 }
 },
+ "@mongodb-js/saslprep": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/@mongodb-js/saslprep/-/saslprep-1.1.0.tgz",
+ "integrity": "sha512-Xfijy7HvfzzqiOAhAepF4SGN5e9leLkMvg/OPOF97XemjfVCYN/oWa75wnkc6mltMSTwY+XlbhWgUOJmkFspSw==",
+ "optional": true,
+ "requires": {
+ "sparse-bitfield": "^3.0.3"
+ }
+ },
 "@nodelib/fs.scandir": {
 "version": "2.1.5",
 "dev": true,
@@ -9790,7 +9819,9 @@
 }
 },
 "bson": {
- "version": "5.2.0"
+ "version": "5.4.0",
+ "resolved": "https://registry.npmjs.org/bson/-/bson-5.4.0.tgz",
+ "integrity": "sha512-WRZ5SQI5GfUuKnPTNmAYPiKIof3ORXAF4IRU5UcgmivNIon01rWQlw5RUH954dpu8yGL8T59YShVddIPaU/gFA=="
 },
 "buffer": {
 "version": "5.7.1",
@@ -11373,11 +11404,13 @@
 }
 },
 "mongodb": {
- "version": "5.2.0",
+ "version": "5.8.0",
+ "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.8.0.tgz",
+ "integrity": "sha512-xx4CXmxcj3bNe7iGBlhntVrUqrNARYhUZteXaz4epEESv4oXD/FONAovcyoCaEffdYlw25Yz284OxMfpnPLlgQ==",
 "requires": {
- "bson": "^5.2.0",
+ "@mongodb-js/saslprep": "^1.1.0",
+ "bson": "^5.4.0",
 "mongodb-connection-string-url": "^2.6.0",
- "saslprep": "^1.0.3",
 "socks": "^2.7.1"
 }
 },
@@ -11865,6 +11898,7 @@
 },
 "saslprep": {
 "version": "1.0.3",
+ "dev": true,
 "optional": true,
 "requires": {
 "sparse-bitfield": "^3.0.3"