From e003ae6fc86e360022b7c59d9c67a12e2a29bc31 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 7 May 2025 08:43:17 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106
---
 package.json | 2 +-
 yarn.lock    | 9 ++++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/package.json b/package.json
index 05c3436..ff09ac7 100644
--- a/package.json
+++ b/package.json
@@ -42,7 +42,7 @@
     "sequelize": "^3.30.4",
     "source-map-support": "^0.4.14",
     "sqlite3": "^3.1.8",
-    "universal-router": "^3.0.0",
+    "universal-router": "^10.0.0",
     "whatwg-fetch": "^2.0.3"
   },
   "devDependencies": {
diff --git a/yarn.lock b/yarn.lock
index 4e1fc7c..b577e34 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -6995,11 +6995,10 @@ uniqs@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/uniqs/-/uniqs-2.0.0.tgz#ffede4b36b25290696e6e165d4a59edb998e6b02"
 
-universal-router@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/universal-router/-/universal-router-3.0.0.tgz#f65f22ec284e4e44fb33f6c6070c8ca5fc7f46a3"
-  dependencies:
-    path-to-regexp "^1.7.0"
+universal-router@^10.0.0:
+  version "10.0.0"
+  resolved "https://registry.yarnpkg.com/universal-router/-/universal-router-10.0.0.tgz#3570274b392ca6890a2af4a4693824aff70a371d"
+  integrity sha512-0PQtaTEr39V3zBVRdqrdGzZrV3cC0HWSa1t9BpQlh2ZKRQVJb6IablVWpIthvpyGDJNWfKhaX2bRPUhnrU/uVQ==
 
 unpipe@1.0.0, unpipe@~1.0.0:
   version "1.0.0"