From e6c569ec35e707b8e2003d2583820ac2a0feee23 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 26 May 2025 00:05:29 +0000 Subject: [PATCH 1/9] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/npm:marked:20180225 --- package-lock.json | 18 +++++++++++------- package.json | 2 +- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3a26af223..5c36ad751 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,7 +18,7 @@ "express-session": "^1.13.0", "forever": "^2.0.0", "helmet": "^2.0.0", - "marked": "0.3.5", + "marked": "^0.3.18", "mongodb": "^2.1.18", "needle": "2.2.4", "node-esapi": "0.0.1", @@ -6740,11 +6740,15 @@ } }, "node_modules/marked": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.5.tgz", - "integrity": "sha512-C2ZEiUZxg7zxh9t8C3q6yW4WucWN+OYkiAV/M5GxvfwYrKxlDcuZ74dHmoRoI+R80Oa/FtHl1w8GT13epnbi+Q==", + "version": "0.3.18", + "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.18.tgz", + "integrity": "sha512-49i2QYhfULqaXzNZpxC808PisuCTGT2fgG0zrzdCI9N3rIfAWfW0nggvbXr6zvpynZdOG5+9xNxdzP0kwZnERw==", + "license": "MIT", "bin": { "marked": "bin/marked" + }, + "engines": { + "node": ">=0.10.0" } }, "node_modules/media-typer": { @@ -20711,9 +20715,9 @@ } }, "marked": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.5.tgz", - "integrity": "sha512-C2ZEiUZxg7zxh9t8C3q6yW4WucWN+OYkiAV/M5GxvfwYrKxlDcuZ74dHmoRoI+R80Oa/FtHl1w8GT13epnbi+Q==" + "version": "0.3.18", + "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.18.tgz", + "integrity": "sha512-49i2QYhfULqaXzNZpxC808PisuCTGT2fgG0zrzdCI9N3rIfAWfW0nggvbXr6zvpynZdOG5+9xNxdzP0kwZnERw==" }, "media-typer": { "version": "0.3.0", diff --git a/package.json b/package.json index b2eb65a04..8c1fac38f 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ "express-session": "^1.13.0", "forever": "^2.0.0", "helmet": "^2.0.0", - "marked": "0.3.5", + "marked": "0.3.18", "mongodb": "^2.1.18", "needle": "2.2.4", "node-esapi": "0.0.1", From e5da6673cc46e9016d993ffd2cebafa4bcda21aa Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Mon, 26 May 2025 17:13:52 -0400 Subject: [PATCH 2/9] committing from staged --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index b2eb65a04..64f729398 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "main": "server.js", "dependencies": { "bcrypt-nodejs": "0.0.3", - "body-parser": "^1.15.1", + "body-parser": "^1.19.2", "consolidate": "^0.14.1", "csurf": "^1.8.3", "dont-sniff-mimetype": "^1.0.0", From cf051f52ff62e188becf54e7bf854c5f8147b706 Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Mon, 26 May 2025 17:16:32 -0400 Subject: [PATCH 3/9] committing from staged --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 64f729398..862a1b1b3 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "dont-sniff-mimetype": "^1.0.0", "express": "^4.13.4", "express-session": "^1.13.0", - "forever": "^2.0.0", + "forever": "^4.0.0", "helmet": "^2.0.0", "marked": "0.3.5", "mongodb": "^2.1.18", From e30283102c1ac2fc51c56993c15f177f27e0a5dd Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Mon, 26 May 2025 17:22:54 -0400 Subject: [PATCH 4/9] commit from staged --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 862a1b1b3..1a87fea7e 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "dont-sniff-mimetype": "^1.0.0", "express": "^4.13.4", "express-session": "^1.13.0", - "forever": "^4.0.0", + "forever": "^6.0.1", "helmet": "^2.0.0", "marked": "0.3.5", "mongodb": "^2.1.18", From da381063224cb5e2726b4f49b55fe8be2c282fed Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Mon, 26 May 2025 17:33:10 -0400 Subject: [PATCH 5/9] commit from staged --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 1a87fea7e..a70f0ee9b 100644 --- a/package.json +++ b/package.json @@ -12,14 +12,14 @@ "dont-sniff-mimetype": "^1.0.0", "express": "^4.13.4", "express-session": "^1.13.0", - "forever": "^6.0.1", + "forever": "^2.0.0", "helmet": "^2.0.0", "marked": "0.3.5", "mongodb": "^2.1.18", "needle": "2.2.4", "node-esapi": "0.0.1", "serve-favicon": "^2.3.0", - "swig": "^1.4.2", + "swig": "^1.12.1", "underscore": "^1.8.3" }, "comments": { From 12a1574449c4a0cbd30dbf598d358d6186e5d6a0 Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Mon, 26 May 2025 20:24:06 -0400 Subject: [PATCH 6/9] commit from stage --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index a70f0ee9b..8af8491a6 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ "express-session": "^1.13.0", "forever": "^2.0.0", "helmet": "^2.0.0", - "marked": "0.3.5", + "marked": "0.6.2", "mongodb": "^2.1.18", "needle": "2.2.4", "node-esapi": "0.0.1", From ca0c180431299d1fb22dc8680c171bc8ce8ab76c Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Mon, 26 May 2025 20:43:04 -0400 Subject: [PATCH 7/9] to commit --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 8af8491a6..ba87aac40 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ "express-session": "^1.13.0", "forever": "^2.0.0", "helmet": "^2.0.0", - "marked": "0.6.2", + "marked": "0.3.6", "mongodb": "^2.1.18", "needle": "2.2.4", "node-esapi": "0.0.1", From e01f704527190b5ce08edf4d8757341b114e3cc8 Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Tue, 27 May 2025 00:10:37 -0400 Subject: [PATCH 8/9] comm msg --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index ba87aac40..ea833ade4 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "main": "server.js", "dependencies": { "bcrypt-nodejs": "0.0.3", - "body-parser": "^1.19.2", + "body-parser": "^1.18.3", "consolidate": "^0.14.1", "csurf": "^1.8.3", "dont-sniff-mimetype": "^1.0.0", From bede29ffcda8b95d0a36c547b496e2882afac461 Mon Sep 17 00:00:00 2001 From: Frank Viciana Date: Tue, 27 May 2025 14:29:38 -0400 Subject: [PATCH 9/9] new commit --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 298cf696f..caf2167b0 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "main": "server.js", "dependencies": { "bcrypt-nodejs": "0.0.3", - "body-parser": "^1.18.3", + "body-parser": "^1.20.3", "consolidate": "^0.14.1", "csurf": "^1.8.3", "dont-sniff-mimetype": "^1.0.0",