From a609ff2dfa74251e448825b8bb4a234b9b285677 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 12 Sep 2024 09:35:24 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106
- https://snyk.io/vuln/SNYK-JS-BODYPARSER-7926860
- https://snyk.io/vuln/SNYK-JS-EXPRESS-7926867
- https://snyk.io/vuln/SNYK-JS-SEND-7926862
- https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865
---
 package.json | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index d9ac19a..4b82bc4 100644
--- a/package.json
+++ b/package.json
@@ -6,7 +6,7 @@
   "dependencies": {
     "accepts": "^1.1.4",
     "after": "^0.8.1",
-    "body-parser": "^1.8.4",
+    "body-parser": "^1.20.3",
     "connect-redis": "^2.1.0",
     "cookie": "^0.1.2",
     "cookie-parser": "^1.3.4",
@@ -16,7 +16,7 @@
     "ejs": "^1.0.0",
     "escape-html": "^1.0.1",
     "etag": "^1.4.0",
-    "express": "^4.12.3",
+    "express": "^4.21.0",
     "express-session": "^1.8.2",
     "finalhandler": "^0.2.0",
     "fresh": "^0.2.4",
@@ -32,11 +32,11 @@
     "multiparty": "^3.3.2",
     "on-finished": "^2.1.1",
     "parseurl": "^1.3.0",
-    "path-to-regexp": "^0.1.3",
+    "path-to-regexp": "^8.0.0",
     "proxy-addr": "^1.0.7",
     "qs": "^2.2.4",
     "range-parser": "^1.0.2",
-    "send": "^0.9.3",
+    "send": "^0.19.0",
     "serve-static": "^1.6.5",
     "should": "^4.0.4",
     "supertest": "^0.14.0",