From a1d41c84803937f5c061e2a03817733637a3572c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 29 Jun 2022 18:28:25 +0000 Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631 --- server/package-lock.json | 11 ++++++----- server/package.json | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/server/package-lock.json b/server/package-lock.json index abfe596..de7d043 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -5348,12 +5348,13 @@ "dev": true }, "passport": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/passport/-/passport-0.4.1.tgz", - "integrity": "sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg==", + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.6.0.tgz", + "integrity": "sha512-0fe+p3ZnrWRW74fe8+SvCyf4a3Pb2/h7gFkQ8yTJpAO50gDzlfjZUZTO1k5Eg9kUct22OxHLqDZoKUWRHOh9ug==", "requires": { "passport-strategy": "1.x.x", - "pause": "0.0.1" + "pause": "0.0.1", + "utils-merge": "^1.0.1" } }, "passport-jwt": { @@ -5422,7 +5423,7 @@ "pause": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", - "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10=" + "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==" }, "performance-now": { "version": "2.1.0", diff --git a/server/package.json b/server/package.json index 1f0f81e..311a653 100644 --- a/server/package.json +++ b/server/package.json @@ -23,7 +23,7 @@ "mongoose": "^5.12.3", "morgan": "^1.10.0", "nodemailer": "^6.5.0", - "passport": "^0.4.1", + "passport": "^0.6.0", "passport-jwt": "^4.0.0", "passport-lichess": "^1.1.0", "redis": "^3.0.2",