From 7e0fca5a378419673790d456eb88404576411d05 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Jun 2022 08:41:10 +0000 Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631 --- server/package-lock.json | 11 ++++++----- server/package.json | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/server/package-lock.json b/server/package-lock.json index c41c33c..cfbc177 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -2422,12 +2422,13 @@ "dev": true }, "passport": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/passport/-/passport-0.4.0.tgz", - "integrity": "sha1-xQlWkTR71a07XhgCOMORTRbwWBE=", + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.6.0.tgz", + "integrity": "sha512-0fe+p3ZnrWRW74fe8+SvCyf4a3Pb2/h7gFkQ8yTJpAO50gDzlfjZUZTO1k5Eg9kUct22OxHLqDZoKUWRHOh9ug==", "requires": { "passport-strategy": "1.x.x", - "pause": "0.0.1" + "pause": "0.0.1", + "utils-merge": "^1.0.1" } }, "passport-local": { @@ -2475,7 +2476,7 @@ "pause": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", - "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10=" + "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==" }, "pify": { "version": "3.0.0", diff --git a/server/package.json b/server/package.json index c1d6c14..0f5e4ff 100644 --- a/server/package.json +++ b/server/package.json @@ -19,7 +19,7 @@ "express": "^4.16.4", "jsonwebtoken": "^8.4.0", "mongoose": "^5.4.6", - "passport": "^0.4.0", + "passport": "^0.6.0", "passport-local": "^1.0.0", "sanitize-html": "^1.20.0", "secure-password": "^3.1.0"