From fa5a7035a846a8fad6b10ac54677d8ab0b856e68 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 17 Jul 2023 16:54:38 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721 --- package-lock.json | 9 ++++----- package.json | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index b68d538..c28c8bd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,7 +18,7 @@ "helmet": "^5.0.2", "hpp": "^0.2.3", "jsonwebtoken": "^8.5.1", - "mongoose": "^6.2.1", + "mongoose": "^6.11.3", "nodemon": "^2.0.15", "xss-clean": "^0.1.1" } @@ -2145,10 +2145,9 @@ } }, "node_modules/mongoose": { - "version": "6.11.1", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.11.1.tgz", - "integrity": "sha512-AvQ8C5ZGF6GcsQhoRg/i7pbNZpb96qLGU5ICBllckp7qMOxcfUF1nA6JstZw841BqRcE6myZ/mx9CluEESaw5Q==", - "license": "MIT", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.11.3.tgz", + "integrity": "sha512-M1Y5PjttgV51YDa30u7GVMVypQSlNZF/jUhlzTBAmaz5C9FvOr8eih/VLhhO7xtTSlcVTFQS1dqlQNMbtfUowQ==", "dependencies": { "bson": "^4.7.2", "kareem": "2.5.1", diff --git a/package.json b/package.json index 267031e..79b9e6b 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,7 @@ "helmet": "^5.0.2", "hpp": "^0.2.3", "jsonwebtoken": "^8.5.1", - "mongoose": "^6.2.1", + "mongoose": "^6.11.3", "nodemon": "^2.0.15", "xss-clean": "^0.1.1" }