From eb9d60d5abd4be6f4e9f777c2d1b11b8cdb915b3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 21 Jul 2025 07:16:52 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 --- package-lock.json | 23 ++++++++++++++--------- package.json | 4 ++-- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4ac0236092be..e9428a01d023 100644 --- a/package-lock.json +++ b/package-lock.json @@ -27,7 +27,7 @@ "cheerio-to-text": "0.2.4", "classnames": "^2.5.1", "connect-datadog": "0.0.9", - "connect-timeout": "1.9.0", + "connect-timeout": "^1.9.1", "cookie-parser": "^1.4.6", "dayjs": "^1.11.3", "dotenv": "^16.4.5", @@ -64,7 +64,7 @@ "mdast-util-to-hast": "^13.1.0", "mdast-util-to-markdown": "2.1.0", "mdast-util-to-string": "^4.0.0", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "next": "14.2.3", "ora": "^8.0.1", "parse5": "7.1.2", @@ -4987,14 +4987,15 @@ } }, "node_modules/connect-timeout": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/connect-timeout/-/connect-timeout-1.9.0.tgz", - "integrity": "sha512-q4bsBIPd+eSGtnh/u6EBOKfuG+4YvwsN0idlOsg6KAw71Qpi0DCf2eCc/Va63QU9qdOeYC8katxoC+rHMNygZg==", + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/connect-timeout/-/connect-timeout-1.9.1.tgz", + "integrity": "sha512-kDcadOXwOu+EEVs31iOu0TOg1yyRTqSNfyJaHYm5Z4K/hEIi9HJXSOWP9d+WQr/wff7wQJRh/HX63vK1+wBErw==", + "license": "MIT", "dependencies": { "http-errors": "~1.6.1", "ms": "2.0.0", "on-finished": "~2.3.0", - "on-headers": "~1.0.1" + "on-headers": "~1.1.0" }, "engines": { "node": ">= 0.8" @@ -10706,14 +10707,16 @@ "license": "MIT" }, "node_modules/morgan": { - "version": "1.10.0", + "version": "1.10.1", + "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz", + "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==", "license": "MIT", "dependencies": { "basic-auth": "~2.0.1", "debug": "2.6.9", "depd": "~2.0.0", "on-finished": "~2.3.0", - "on-headers": "~1.0.2" + "on-headers": "~1.1.0" }, "engines": { "node": ">= 0.8.0" @@ -11114,7 +11117,9 @@ } }, "node_modules/on-headers": { - "version": "1.0.2", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz", + "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==", "license": "MIT", "engines": { "node": ">= 0.8" diff --git a/package.json b/package.json index 09026f80792c..e55a126e957f 100644 --- a/package.json +++ b/package.json @@ -214,7 +214,7 @@ "cheerio-to-text": "0.2.4", "classnames": "^2.5.1", "connect-datadog": "0.0.9", - "connect-timeout": "1.9.0", + "connect-timeout": "1.9.1", "cookie-parser": "^1.4.6", "dayjs": "^1.11.3", "dotenv": "^16.4.5", @@ -251,7 +251,7 @@ "mdast-util-to-hast": "^13.1.0", "mdast-util-to-markdown": "2.1.0", "mdast-util-to-string": "^4.0.0", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "next": "14.2.3", "ora": "^8.0.1", "parse5": "7.1.2",