From b566a676b3b3d267dd7d5dd560ba10fe2b398927 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 21 Aug 2024 11:07:30 +0000 Subject: [PATCH] fix: template/package.json & template/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BSONOBJECTID-570765 --- template/package.json | 2 +- template/yarn.lock | 22 ++++++++++------------ 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/template/package.json b/template/package.json index 4d8b6e9..bd184fb 100644 --- a/template/package.json +++ b/template/package.json @@ -38,7 +38,7 @@ "@ladjs/mongoose": "^2.1.1", "@ladjs/mongoose-error-messages": "^1.0.0", "@ladjs/passport": "^2.1.0", - "@ladjs/pick-original": "1.0.0", + "@ladjs/pick-original": "2.0.0", "@ladjs/policies": "^5.0.0", "@ladjs/proxy": "^2.0.3", "@ladjs/redis": "^1.0.7", diff --git a/template/yarn.lock b/template/yarn.lock index 8a20432..32a178e 100644 --- a/template/yarn.lock +++ b/template/yarn.lock @@ -1391,12 +1391,10 @@ delay "^4.3.0" lodash "^4.17.15" -"@ladjs/node-dotify@^2.0.0": - version "2.0.0" - resolved "https://registry.yarnpkg.com/@ladjs/node-dotify/-/node-dotify-2.0.0.tgz#ac106a4969eb4ed673c77b9dff5f23d93f168c59" - integrity sha512-zIHZZWtX4d7dRWKzQHwxGHBzjKu8i7WWeJv9nDXqg04BINZa7ApaWeHYBkeeQyzRNTHDO1iysJWaD0GKyabZfw== - dependencies: - bson-objectid "^1.3.1" +"@ladjs/node-dotify@^3.0.0": + version "3.0.0" + resolved "https://registry.yarnpkg.com/@ladjs/node-dotify/-/node-dotify-3.0.0.tgz#409b884c2911fc55ef7e278f3ab8c015fe468f75" + integrity sha512-kfmkxxAURZCaKPRGEx23oBHW8yGEpcBBDWf/rk5iRuLi8+nqjxvzVQ3cQOeBzIal9dY2NOQWqGX8pLx6Gn4Vqg== "@ladjs/passport-otp-strategy@^1.1.0": version "1.1.0" @@ -1420,13 +1418,13 @@ passport-google-oauth "^2.0.0" validator "^12.1.0" -"@ladjs/pick-original@1.0.0": - version "1.0.0" - resolved "https://registry.yarnpkg.com/@ladjs/pick-original/-/pick-original-1.0.0.tgz#424a87ecce2ab9fc1664e28626fbace28639ce94" - integrity sha512-cwogfBne2dRspUAwMms8wLsA2CFxp7VdkLKwCqJ5LjvEqr4fHwmMTNoHW5WFj/lCx8ik2eZRLNnWke4nHsHshA== +"@ladjs/pick-original@2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@ladjs/pick-original/-/pick-original-2.0.0.tgz#d724d430704ee4e9aa413f68905fe727c64b00ab" + integrity sha512-m08EtLC0EqW/fb13t+lRGDKyZXTlqC4IZYtPdLXyWzDveJGZrnyZXWqNpnmCxt8ZKiHKEqy66kbqxHEEcXJkDg== dependencies: - "@ladjs/node-dotify" "^2.0.0" - lodash "^4.17.20" + "@ladjs/node-dotify" "^3.0.0" + lodash "^4.17.21" "@ladjs/policies@^5.0.0": version "5.0.0"