From 52e584a1fe9c75700fe3633f74ee709e53c4069e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 14 Jul 2025 05:31:03 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984
---
 package-lock.json | 33 +++++++++------------------------
 package.json      |  2 +-
 2 files changed, 10 insertions(+), 25 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2bd360f..236254a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1058,6 +1058,11 @@
         }
       }
     },
+    "@rgrove/parse-xml": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/@rgrove/parse-xml/-/parse-xml-4.2.0.tgz",
+      "integrity": "sha512-UuBOt7BOsKVOkFXRe4Ypd/lADuNIfqJXv8GvHqtXaTYXPPKkj2nS2zPllVsrtRjcomDhIJVBnZwfmlI222WH8g=="
+    },
     "@sinonjs/commons": {
       "version": "1.8.3",
       "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.3.tgz",
@@ -3654,12 +3659,11 @@
       }
     },
     "flickr-sdk": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/flickr-sdk/-/flickr-sdk-3.10.0.tgz",
-      "integrity": "sha512-JBGWFYTE5xvm6oG34IEQL0TX7FFLuWWFcWjlv2wVeB6Gj7VybVeoOXSvIX35hG1FVUbJTrVYBJRgpbjGf3cl3A==",
+      "version": "7.1.0",
+      "resolved": "https://registry.npmjs.org/flickr-sdk/-/flickr-sdk-7.1.0.tgz",
+      "integrity": "sha512-a348WbBNOangaFZHHmr4papWpScVoDEyKz8lhWUUcg7jGlpz7lvQmHx3qhM5ROLt4N+B10Vd+RivlxZQUmKOgA==",
       "requires": {
-        "superagent": "^3.8.0",
-        "xml2js": "^0.4.17"
+        "@rgrove/parse-xml": "^4.1.0"
       }
     },
     "flush-write-stream": {
@@ -8662,11 +8666,6 @@
         "walker": "~1.0.5"
       }
     },
-    "sax": {
-      "version": "1.2.4",
-      "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz",
-      "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
-    },
     "saxes": {
       "version": "5.0.1",
       "resolved": "https://registry.npmjs.org/saxes/-/saxes-5.0.1.tgz",
@@ -10105,20 +10104,6 @@
       "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==",
       "dev": true
     },
-    "xml2js": {
-      "version": "0.4.23",
-      "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.23.tgz",
-      "integrity": "sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug==",
-      "requires": {
-        "sax": ">=0.6.0",
-        "xmlbuilder": "~11.0.0"
-      }
-    },
-    "xmlbuilder": {
-      "version": "11.0.1",
-      "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz",
-      "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA=="
-    },
     "xmlchars": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz",
diff --git a/package.json b/package.json
index 338e713..10e59b1 100644
--- a/package.json
+++ b/package.json
@@ -57,7 +57,7 @@
     "detect-port": "^1.2.2",
     "dotenv": "^6.1.0",
     "express": "^4.21.2",
-    "flickr-sdk": "^3.7.0",
+    "flickr-sdk": "^7.1.0",
     "googleapis": "^72.0.0",
     "hbs": "^4.1.2",
     "helmet": "^3.21.1",