From cc3cbfec2a4b52cd4608af3ee8f1f726cd8d7006 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 13 Jul 2025 07:11:10 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MULTER-10299078 --- package-lock.json | 47 ++++++++++++++++++++++++++++++++++++++--------- package.json | 2 +- 2 files changed, 39 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 49a7aed..33af345 100644 --- a/package-lock.json +++ b/package-lock.json @@ -22,7 +22,7 @@ "method-override": "^3.0.0", "mongodb": "^6.16.0", "mongoose": "^8.2.0", - "multer": "^2.0.0", + "multer": "^2.0.1", "newrelic": "^12.20.0", "nodemailer": "^6.9.12", "passport": "^0.7.0", @@ -10150,23 +10150,52 @@ "license": "MIT" }, "node_modules/multer": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/multer/-/multer-2.0.0.tgz", - "integrity": "sha512-bS8rPZurbAuHGAnApbM9d4h1wSoYqrOqkE+6a64KLMK9yWU7gJXBDDVklKQ3TPi9DRb85cRs6yXaC0+cjxRtRg==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/multer/-/multer-2.0.1.tgz", + "integrity": "sha512-Ug8bXeTIUlxurg8xLTEskKShvcKDZALo1THEX5E41pYCD2sCVub5/kIRIGqWNoqV6szyLyQKV6mD4QUrWE5GCQ==", "license": "MIT", "dependencies": { "append-field": "^1.0.0", - "busboy": "^1.0.0", - "concat-stream": "^1.5.2", - "mkdirp": "^0.5.4", + "busboy": "^1.6.0", + "concat-stream": "^2.0.0", + "mkdirp": "^0.5.6", "object-assign": "^4.1.1", - "type-is": "^1.6.4", - "xtend": "^4.0.0" + "type-is": "^1.6.18", + "xtend": "^4.0.2" }, "engines": { "node": ">= 10.16.0" } }, + "node_modules/multer/node_modules/concat-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-2.0.0.tgz", + "integrity": "sha512-MWufYdFw53ccGjCA+Ol7XJYpAlW6/prSMzuPOTRnJGcGzuhLn4Scrz7qf6o8bROZ514ltazcIFJZevcfbo0x7A==", + "engines": [ + "node >= 6.0" + ], + "license": "MIT", + "dependencies": { + "buffer-from": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^3.0.2", + "typedarray": "^0.0.6" + } + }, + "node_modules/multer/node_modules/readable-stream": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", + "license": "MIT", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/nan": { "version": "2.22.2", "resolved": "https://registry.npmjs.org/nan/-/nan-2.22.2.tgz", diff --git a/package.json b/package.json index 7034009..3625b7e 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ "method-override": "^3.0.0", "mongodb": "^6.16.0", "mongoose": "^8.2.0", - "multer": "^2.0.0", + "multer": "^2.0.1", "newrelic": "^12.20.0", "nodemailer": "^6.9.12", "passport": "^0.7.0",