[Snyk] Fix for 1 vulnerabilities

[zuohuadong]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @nestjs/graphql

The new version differs by 250 commits.

• 6c43003 chore(): release v7.0.13
• dae9379 Merge branch 'master' of https://github.com/nestjs/graphql
• 6ed51b1 fix(): fix directives on field resolers
• 1dd6289 chore(deps): update nest monorepo to v7.0.5
• bead9dd Merge branch 'master' of https://github.com/nestjs/graphql
• 6d0a9ba fix(): remove optional deps
• a2d06a5 fix(): remove optional deps
• 1cfad42 Merge pull request #686 from nestjs/renovate/eslint-config-prettier-6.x
• b148043 chore(deps): update dependency eslint-config-prettier to v6.10.1
• 5d5eecc chore(deps): update dependency ts-node to v8.8.1
• 0e7a38f chore(deps): update dependency ts-node to v8.8.0
• 0a6c238 chore(deps): update dependency prettier to v2
• 49e0034 chore(deps): update nest monorepo to v7.0.4
• ec33cd2 chore(): release v7.0.12
• f80f287 fix(): override get type method in gql execution context
• 0b78db7 chore(): release v7.0.11
• e72921a fix(): add missing model prefix to plugin
• 21651fb chore(): release v7.0.10
• c6a8b93 Merge branch 'master' of https://github.com/nestjs/graphql
• 7647e2b fix(plugin): apply plugin metadata on prototypes
• fb151d3 chore(deps): update dependency ts-node to v8.7.0
• 7947814 chore(): release v7.0.9
• 1759e73 Merge branch 'tngmichael-plugin-fix-proposal'
• c682dc7 refactor(): move to a separate method

See the full diff

Package name: pg

The new version differs by 250 commits.

• 7ffe68e Publish
• 125a268 Update changelog
• da2bb85 Bump node-fetch from 2.6.0 to 2.6.1
• 7649890 Update SPONSORS.md
• c5445f0 Fix metadata for pg-connection-string
• a02dfac Replace semver with optional peer dependencies
• 5825843 Public export of DatabaseError
• e421167 Add ssl=true into the test
• 9cbea21 Solve issues caused by config.ssl = true
• 6be3b90 Add support for ?sslmode connection string param
• f0fc470 Update README.md (#2330)
• 95b5daa Publish
• 1f0d3d5 Add test for pgpass check function scope
• 0758b76 Fix context (this) in _checkPgPass.
• acfbafa Publish
• 07ee1ba Bump version
• 65156e7 Small readme updates & auto-formatting
• 61e4b7f Merge pull request #2309 from chris--young/ssl-err
• f4d123b Prevents bad ssl credentials from causing a crash
• 316bec3 Merge pull request #2294 from charmander/test-fixes
• 3edcbb7 Fix most SSL negotiation packet tests being ignored
• 1b022f8 Remove accidentally duplicated methods
• b8773ce Merge pull request #2289 from brianc/dependabot/npm_and_yarn/lodash-4.17.19
• 692e418 Fix documenation typo in README (#2291)

See the full diff

Package name: sharp

The new version differs by 250 commits.

• 1ff84b2 Release v0.29.3
• 97655d2 Bump deps
• d10d7b0 Docs: remove duplicate entry for mbklein (#2971)
• 2ffdae2 Docs: changelog and credit for #2952
• 342de36 Impute TIFF xres/yres from withMetadata({density})
• b33231d Ensure correct dimensions when contain 1px image #2951
• 319db21 Release v0.29.2
• d359331 Remove animation props from single page images #2890
• 7ae1513 Bump devDeps
• 648a1e0 Throw error rather than exit for invalid binaries #2931
• b9f211f Docs: changelog for #2918
• e475d9e Improve error message on Windows for version conflict (#2918)
• f37ca82 Bump deps
• 1dd4be6 Add timeout function to limit processing time
• 197d4cf Docs: changelog and credit for #2893
• 83eed86 Docs: clarify prebuilt libc support on ARMv6/v7
• bbf612c Replace use of deprecated util.inherits
• 2679bb5 Allow use of 'tif' to select TIFF output (#2893)
• 481e350 Ensure 'versions' is populated from vendored libvips
• 50c7a08 Release v0.29.1
• 9a0bb60 Bump deps
• deb5d81 Docs: changelog entries for #2878 #2879
• 916b04d Allow using speed 9 for AVIF/HEIC encoding (#2879)
• 52307fa Resolve paths before comparing input/output destination (#2878)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)