From 7f857f8ffaa1c8b814a0469afcb866be1bdc6b6a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 2 Sep 2023 00:25:25 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MONGODB-5871303 --- package-lock.json | 37 +++++++++++++++++-------------------- package.json | 2 +- 2 files changed, 18 insertions(+), 21 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4dd815a..cad28e3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -21,7 +21,7 @@ "fs": "^0.0.2", "mathjs": "^11.8.2", "moment-timezone": "^0.5.43", - "mongodb": "^5.6.0", + "mongodb": "^5.8.0", "ms": "^2.1.3", "node-fetch": "^3.3.2", "pretty-ms": "^8.0.0", @@ -211,6 +211,15 @@ "webidl-conversions": "^3.0.0" } }, + "node_modules/@mongodb-js/saslprep": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@mongodb-js/saslprep/-/saslprep-1.1.0.tgz", + "integrity": "sha512-Xfijy7HvfzzqiOAhAepF4SGN5e9leLkMvg/OPOF97XemjfVCYN/oWa75wnkc6mltMSTwY+XlbhWgUOJmkFspSw==", + "optional": true, + "dependencies": { + "sparse-bitfield": "^3.0.3" + } + }, "node_modules/@sapphire/async-queue": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/@sapphire/async-queue/-/async-queue-1.5.0.tgz", @@ -1432,9 +1441,9 @@ } }, "node_modules/mongodb": { - "version": "5.7.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.7.0.tgz", - "integrity": "sha512-zm82Bq33QbqtxDf58fLWBwTjARK3NSvKYjyz997KSy6hpat0prjeX/kxjbPVyZY60XYPDNETaHkHJI2UCzSLuw==", + "version": "5.8.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.8.0.tgz", + "integrity": "sha512-xx4CXmxcj3bNe7iGBlhntVrUqrNARYhUZteXaz4epEESv4oXD/FONAovcyoCaEffdYlw25Yz284OxMfpnPLlgQ==", "dependencies": { "bson": "^5.4.0", "mongodb-connection-string-url": "^2.6.0", @@ -1444,12 +1453,12 @@ "node": ">=14.20.1" }, "optionalDependencies": { - "saslprep": "^1.0.3" + "@mongodb-js/saslprep": "^1.1.0" }, "peerDependencies": { - "@aws-sdk/credential-providers": "^3.201.0", - "@mongodb-js/zstd": "^1.1.0", - "kerberos": "^2.0.1", + "@aws-sdk/credential-providers": "^3.188.0", + "@mongodb-js/zstd": "^1.0.0", + "kerberos": "^1.0.0 || ^2.0.0", "mongodb-client-encryption": ">=2.3.0 <3", "snappy": "^7.2.2" }, @@ -1756,18 +1765,6 @@ "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, - "node_modules/saslprep": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.3.tgz", - "integrity": "sha512-/MY/PEMbk2SuY5sScONwhUDsV2p77Znkb/q3nSVstq/yQzYJOH/Azh29p9oJLsl3LnQwSvZDKagDGBsBwSooag==", - "optional": true, - "dependencies": { - "sparse-bitfield": "^3.0.3" - }, - "engines": { - "node": ">=6" - } - }, "node_modules/seedrandom": { "version": "3.0.5", "resolved": "https://registry.npmjs.org/seedrandom/-/seedrandom-3.0.5.tgz", diff --git a/package.json b/package.json index 311b29d..3806746 100644 --- a/package.json +++ b/package.json @@ -29,7 +29,7 @@ "fs": "^0.0.2", "mathjs": "^11.8.2", "moment-timezone": "^0.5.43", - "mongodb": "^5.6.0", + "mongodb": "^5.8.0", "ms": "^2.1.3", "node-fetch": "^3.3.2", "pretty-ms": "^8.0.0",