[Snyk] Fix for 2 vulnerabilities

[DaveLuhman]

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	721
	Improper Input Validation SNYK-JS-NANOID-8492085	529

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Neutralization of Special Elements in Data Query Logic
🦉 Improper Input Validation

Summary by Sourcery

Upgrade Mongoose from 8.8.2 to 8.9.5 and PostCSS from 8.4.41 to 8.5.0 to address two vulnerabilities: Improper Neutralization of Special Elements in Data Query Logic (SNYK-JS-MONGOOSE-8623536) and Improper Input Validation (SNYK-JS-NANOID-8492085).

Bug Fixes:

• Fix Improper Neutralization of Special Elements in Data Query Logic (SNYK-JS-MONGOOSE-8623536).
• Fix Improper Input Validation (SNYK-JS-NANOID-8492085).

---

This change is 

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request upgrades two npm dependencies, mongoose and postcss, to address identified vulnerabilities. The changes include modifications to both package.json and package-lock.json to reflect the updated versions.

Flow diagram of security vulnerability fixes

flowchart TD
    A[Initial State] --> B{Vulnerabilities}
    B -->|High Severity| C[Mongoose: Query Logic Vulnerability]
    B -->|Medium Severity| D[Nanoid: Input Validation]
    C --> E[Upgrade mongoose to v8.9.5]
    D --> F[Upgrade postcss to v8.5.0]
    E & F --> G[Vulnerabilities Fixed]
    style C fill:#ff6b6b
    style D fill:#ffd93d
    style G fill:#90EE90

Loading

File-Level Changes

Change	Details	Files
Upgraded mongoose dependency to address a high severity vulnerability.	Updated mongoose from version 8.8.2 to 8.9.5 in package.json. Updated mongoose version in package-lock.json.	package.json package-lock.json
Upgraded postcss dependency to address a medium severity vulnerability.	Updated postcss from version 8.4.41 to 8.5.0 in package.json. Updated postcss version in package-lock.json.	package.json package-lock.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!