From b2f6b2da760df65e2c046f82aa297043373c855d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Jun 2022 05:38:40 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631 --- package-lock.json | 15 ++++++++------- package.json | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index ad2ff51..27c78c1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,5 +1,5 @@ { - "name": "ui", + "name": "application-server", "version": "1.0.0", "lockfileVersion": 1, "requires": true, @@ -809,12 +809,13 @@ "integrity": "sha1-/CidTtiZMRlGDBViUyYs3I3mW/M=" }, "passport": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/passport/-/passport-0.4.0.tgz", - "integrity": "sha1-xQlWkTR71a07XhgCOMORTRbwWBE=", + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.6.0.tgz", + "integrity": "sha512-0fe+p3ZnrWRW74fe8+SvCyf4a3Pb2/h7gFkQ8yTJpAO50gDzlfjZUZTO1k5Eg9kUct22OxHLqDZoKUWRHOh9ug==", "requires": { - "passport-strategy": "1.0.0", - "pause": "0.0.1" + "passport-strategy": "1.x.x", + "pause": "0.0.1", + "utils-merge": "^1.0.1" } }, "passport-oauth1": { @@ -849,7 +850,7 @@ "pause": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", - "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10=" + "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==" }, "performance-now": { "version": "2.1.0", diff --git a/package.json b/package.json index a26655b..025f450 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "helmet": "^3.12.0", "jquery": "^3.3.1", "mongoose": "^5.0.10", - "passport": "^0.4.0", + "passport": "^0.6.0", "passport-twitter": "^1.0.4", "redis": "^2.8.0", "twit": "^2.2.9"