From f4b46299f81b3617cbe1882f5de1b91e4d571cb4 Mon Sep 17 00:00:00 2001 From: Michael Szotkowski Date: Mon, 13 Oct 2025 17:26:11 +0200 Subject: [PATCH 1/2] Dev (#278) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit # Pull Request ## Description Please describe what this PR does and why. ## Related Issues Closes # ## Checklist - [ ] Tests added - [ ] Docs updated - [ ] Follows contribution guidelines Thank you for contributing to **Selecro**! 🧶 --------- Signed-off-by: Michael Szotkowski Signed-off-by: dependabot[bot] Co-authored-by: snyk-bot Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 68 +++++++++++++++++++++++------------------------ package.json | 4 +-- 2 files changed, 36 insertions(+), 36 deletions(-) diff --git a/package-lock.json b/package-lock.json index da21256..df3795a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -28,7 +28,7 @@ "dotenv": "^17.2.3", "express-ipfilter": "^1.3.2", "express-rate-limit": "^8.1.0", - "firebase": "^12.3.0", + "firebase": "^12.4.0", "firebase-admin": "^13.5.0", "geoip-lite": "^1.4.10", "helmet": "^8.1.0", @@ -64,7 +64,7 @@ "@types/geoip-lite": "^1.4.4", "@types/jsonwebtoken": "^9.0.10", "@types/multer": "^2.0.0", - "@types/node": "^24.6.2", + "@types/node": "^24.7.2", "@types/nodemailer": "^7.0.2", "@types/pdfkit": "^0.17.3", "eslint": "^8.57.1", @@ -1250,9 +1250,9 @@ } }, "node_modules/@firebase/ai": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@firebase/ai/-/ai-2.3.0.tgz", - "integrity": "sha512-rVZgf4FszXPSFVIeWLE8ruLU2JDmPXw4XgghcC0x/lK9veGJIyu+DvyumjreVhW/RwD3E5cNPWxQunzylhf/6w==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@firebase/ai/-/ai-2.4.0.tgz", + "integrity": "sha512-YilG6AJ/nYpCKtxZyvEzBRAQv5bU+2tBOKX4Ps0rNNSdxN39aT37kGhjATbk1kq1z5Lq7mkWglw/ajAF3lOWUg==", "license": "Apache-2.0", "dependencies": { "@firebase/app-check-interop-types": "0.3.3", 
@@ -1270,9 +1270,9 @@ } }, "node_modules/@firebase/analytics": { - "version": "0.10.18", - "resolved": "https://registry.npmjs.org/@firebase/analytics/-/analytics-0.10.18.tgz", - "integrity": "sha512-iN7IgLvM06iFk8BeFoWqvVpRFW3Z70f+Qe2PfCJ7vPIgLPjHXDE774DhCT5Y2/ZU/ZbXPDPD60x/XPWEoZLNdg==", + "version": "0.10.19", + "resolved": "https://registry.npmjs.org/@firebase/analytics/-/analytics-0.10.19.tgz", + "integrity": "sha512-3wU676fh60gaiVYQEEXsbGS4HbF2XsiBphyvvqDbtC1U4/dO4coshbYktcCHq+HFaGIK07iHOh4pME0hEq1fcg==", "license": "Apache-2.0", "dependencies": { "@firebase/component": "0.7.0", @@ -1286,12 +1286,12 @@ } }, "node_modules/@firebase/analytics-compat": { - "version": "0.2.24", - "resolved": "https://registry.npmjs.org/@firebase/analytics-compat/-/analytics-compat-0.2.24.tgz", - "integrity": "sha512-jE+kJnPG86XSqGQGhXXYt1tpTbCTED8OQJ/PQ90SEw14CuxRxx/H+lFbWA1rlFtFSsTCptAJtgyRBwr/f00vsw==", + "version": "0.2.25", + "resolved": "https://registry.npmjs.org/@firebase/analytics-compat/-/analytics-compat-0.2.25.tgz", + "integrity": "sha512-fdzoaG0BEKbqksRDhmf4JoyZf16Wosrl0Y7tbZtJyVDOOwziE0vrFjmZuTdviL0yhak+Nco6rMsUUbkbD+qb6Q==", "license": "Apache-2.0", "dependencies": { - "@firebase/analytics": "0.10.18", + "@firebase/analytics": "0.10.19", "@firebase/analytics-types": "0.8.3", "@firebase/component": "0.7.0", "@firebase/util": "1.13.0", @@ -1308,9 +1308,9 @@ "license": "Apache-2.0" }, "node_modules/@firebase/app": { - "version": "0.14.3", - "resolved": "https://registry.npmjs.org/@firebase/app/-/app-0.14.3.tgz", - "integrity": "sha512-by1leTfZkwGycPKRWpc+p5/IhpnOj8zaScVi4RRm9fMoFYS3IE87Wzx1Yf/ruVYowXOEuLqYY3VmJw5tU3+0Bg==", + "version": "0.14.4", + "resolved": "https://registry.npmjs.org/@firebase/app/-/app-0.14.4.tgz", + "integrity": "sha512-pUxEGmR+uu21OG/icAovjlu1fcYJzyVhhT0rsCrn+zi+nHtrS43Bp9KPn9KGa4NMspCUE++nkyiqziuIvJdwzw==", "license": "Apache-2.0", "dependencies": { "@firebase/component": "0.7.0", 
@@ -1374,12 +1374,12 @@ "license": "Apache-2.0" }, "node_modules/@firebase/app-compat": { - "version": "0.5.3", - "resolved": "https://registry.npmjs.org/@firebase/app-compat/-/app-compat-0.5.3.tgz", - "integrity": "sha512-rRK9YOvgsAU/+edjgubL1q1FyCMjBZZs+fAWtD36tklawkh6WZV07sNLVSceuni+a21oby6xoad+3R8dfztOrA==", + "version": "0.5.4", + "resolved": "https://registry.npmjs.org/@firebase/app-compat/-/app-compat-0.5.4.tgz", + "integrity": "sha512-T7ifGmb+awJEcp542Ek4HtNfBxcBrnuk1ggUdqyFEdsXHdq7+wVlhvE6YukTL7NS8hIkEfL7TMAPx/uCNqt30g==", "license": "Apache-2.0", "dependencies": { - "@firebase/app": "0.14.3", + "@firebase/app": "0.14.4", "@firebase/component": "0.7.0", "@firebase/logger": "0.5.0", "@firebase/util": "1.13.0", @@ -4484,18 +4484,18 @@ } }, "node_modules/@types/node": { - "version": "24.6.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.6.2.tgz", - "integrity": "sha512-d2L25Y4j+W3ZlNAeMKcy7yDsK425ibcAOO2t7aPTz6gNMH0z2GThtwENCDc0d/Pw9wgyRqE5Px1wkV7naz8ang==", + "version": "24.7.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.7.2.tgz", + "integrity": "sha512-/NbVmcGTP+lj5oa4yiYxxeBjRivKQ5Ns1eSZeB99ExsEQ6rX5XYU1Zy/gGxY/ilqtD4Etx9mKyrPxZRetiahhA==", "license": "MIT", "dependencies": { - "undici-types": "~7.13.0" + "undici-types": "~7.14.0" } }, "node_modules/@types/node/node_modules/undici-types": { - "version": "7.13.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.13.0.tgz", - "integrity": "sha512-Ov2Rr9Sx+fRgagJ5AX0qvItZG/JKKoBRAVITs1zk7IqZGTJUwgUr7qoYBpWwakpWilTZFM98rG/AFRocu10iIQ==", + "version": "7.14.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.14.0.tgz", + "integrity": "sha512-QQiYxHuyZ9gQUIrmPo3IA+hUl4KYk8uSA7cHrcKd/l3p1OTpZcM0Tbp9x7FAtXdAYhlasd60ncPpgu6ihG6TOA==", "license": "MIT" }, "node_modules/@types/nodemailer": { 
@@ -7668,18 +7668,18 @@ } }, "node_modules/firebase": { - "version": "12.3.0", - "resolved": "https://registry.npmjs.org/firebase/-/firebase-12.3.0.tgz", - "integrity": "sha512-/JVja0IDO8zPETGv4TvvBwo7RwcQFz+RQ3JBETNtUSeqsDdI9G7fhRTkCy1sPKnLzW0xpm/kL8GOj6ncndTT3g==", + "version": "12.4.0", + "resolved": "https://registry.npmjs.org/firebase/-/firebase-12.4.0.tgz", + "integrity": "sha512-/chNgDQ6ppPPGOQO4jctxOa/5JeQxuhaxA7Y90K0I+n/wPfoO8mRveedhVUdo7ExLcWUivnnow/ouSLYSI5Icw==", "license": "Apache-2.0", "dependencies": { - "@firebase/ai": "2.3.0", - "@firebase/analytics": "0.10.18", - "@firebase/analytics-compat": "0.2.24", - "@firebase/app": "0.14.3", + "@firebase/ai": "2.4.0", + "@firebase/analytics": "0.10.19", + "@firebase/analytics-compat": "0.2.25", + "@firebase/app": "0.14.4", "@firebase/app-check": "0.11.0", "@firebase/app-check-compat": "0.4.0", - "@firebase/app-compat": "0.5.3", + "@firebase/app-compat": "0.5.4", "@firebase/app-types": "0.9.3", "@firebase/auth": "1.11.0", "@firebase/auth-compat": "0.6.0", diff --git a/package.json b/package.json index 83c3351..f2ae111 100644 --- a/package.json +++ b/package.json @@ -69,7 +69,7 @@ "dotenv": "^17.2.3", "express-ipfilter": "^1.3.2", "express-rate-limit": "^8.1.0", - "firebase": "^12.3.0", + "firebase": "^12.4.0", "firebase-admin": "^13.5.0", "geoip-lite": "^1.4.10", "helmet": "^8.1.0", @@ -105,7 +105,7 @@ "@types/geoip-lite": "^1.4.4", "@types/jsonwebtoken": "^9.0.10", "@types/multer": "^2.0.0", - "@types/node": "^24.6.2", + "@types/node": "^24.7.2", "@types/nodemailer": "^7.0.2", "@types/pdfkit": "^0.17.3", "eslint": "^8.57.1", From 17f18397cb1c6d7f1bdec399cab5692c9e97e4b0 Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Wed, 15 Oct 2025 11:26:44 +0000 Subject: [PATCH 2/2] fix: Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174131 - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174131 - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174132 - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174132 - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174133
---
 Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 2b580dc..1a9771a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@
 # UPDATED BASE IMAGE: Using 'node:22-bookworm-slim' which is built on Debian Bookworm (slim)
 # and contains more recent security fixes to address reported vulnerabilities.
-FROM node:22.17.1-alpine
+FROM node:22.20.0-alpine
 # Update system packages to address known vulnerabilities (run as root)
 RUN apt-get update && \
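Review bot: The new `FROM node:22.20.0-alpine` is still followed by `RUN apt-get update && \`, and Alpine images provide `apk` rather than `apt-get`, so as written the patching step looks like it would fail or never apply the OS fixes this commit is meant to pick up. The comment above the FROM line also still describes `node:22-bookworm-slim`, so the file states one base image and builds another. Either switch the FROM to the Debian slim tag that the comment names, or keep Alpine and change the step to `RUN apk upgrade --no-cache` with the comment updated to `# Base image: node:22.20.0-alpine`. Pinning the tag by digest, `FROM node:22.20.0-alpine@sha256:<digest-placeholder>`, would make it verifiable which image was scanned and shipped. The RUN instruction continues past the end of the hunk, so the rest of that command is not visible here.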