From 07953dc82da7887fab65b8415ae9d059edd98051 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 19 Jul 2025 09:30:14 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 --- package-lock.json | 30 +++++++++++++++--------------- package.json | 4 ++-- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/package-lock.json b/package-lock.json index 64dfcb9..3292cf9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "toolkeeper", - "version": "1.3.0", + "version": "2.0.1", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "toolkeeper", - "version": "1.3.0", + "version": "2.0.1", "dependencies": { "@lemonsqueezy/lemonsqueezy.js": "^4.0.0", "@tailwindcss/typography": "^0.5.16", @@ -26,7 +26,7 @@ "express-flash": "^0.0.2", "express-handlebars": "^8.0.1", "express-rate-limit": "^7.5.0", - "express-session": "^1.18.1", + "express-session": "^1.18.2", "fs": "0.0.1-security", "handlebars-helpers": "^0.10.0", "handlebars-paginate": "^0.1.0", @@ -35,7 +35,7 @@ "mongodb-memory-server": "^10.1.3", "mongoose": "^8.9.5", "mongoose-autopopulate": "^1.1.0", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "nodemailer": "^6.9.16", "passport": "^0.7.0", "passport-local": "^1.0.0", @@ -2315,16 +2315,16 @@ } }, "node_modules/express-session": { - "version": "1.18.1", - "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.1.tgz", - "integrity": "sha512-a5mtTqEaZvBCL9A9aqkrtfz+3SMDhOVUnjafjo+s7A9Txkq+SVX2DLvSp1Zrv4uCXa3lMSK3viWnh9Gg07PBUA==", + "version": "1.18.2", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.2.tgz", + "integrity": "sha512-SZjssGQC7TzTs9rpPDuUrR23GNZ9+2+IkA/+IJWmvQilTr5OSliEHGF+D9scbIpdC6yGtTI0/VhaHoVes2AN/A==", "license": "MIT", "dependencies": { "cookie": "0.7.2", "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", - "on-headers": "~1.0.2", + "on-headers": "~1.1.0", "parseurl": "~1.3.3", "safe-buffer": "5.2.1", "uid-safe": "~2.1.5" @@ -4485,16 +4485,16 @@ "license": "MIT" }, "node_modules/morgan": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz", - "integrity": "sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==", + "version": "1.10.1", + "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz", + "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==", "license": "MIT", "dependencies": { "basic-auth": "~2.0.1", "debug": "2.6.9", "depd": "~2.0.0", "on-finished": "~2.3.0", - "on-headers": "~1.0.2" + "on-headers": "~1.1.0" }, "engines": { "node": ">= 0.8.0" @@ -5006,9 +5006,9 @@ } }, "node_modules/on-headers": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", - "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz", + "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==", "license": "MIT", "engines": { "node": ">= 0.8" diff --git a/package.json b/package.json index bb80ec6..7a6b927 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "express-flash": "^0.0.2", "express-handlebars": "^8.0.1", "express-rate-limit": "^7.5.0", - "express-session": "^1.18.1", + "express-session": "^1.18.2", "fs": "0.0.1-security", "handlebars-helpers": "^0.10.0", "handlebars-paginate": "^0.1.0", @@ -50,7 +50,7 @@ "mongodb-memory-server": "^10.1.3", "mongoose": "^8.9.5", "mongoose-autopopulate": "^1.1.0", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "nodemailer": "^6.9.16", "passport": "^0.7.0", "passport-local": "^1.0.0",