From 5295c8c90b71b9617be81ca7833f5a9aaeb97af0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 23 Feb 2024 11:01:53 +0000 Subject: [PATCH] fix: upgrade express-session from 1.17.3 to 1.18.0 Snyk has created this PR to upgrade express-session from 1.17.3 to 1.18.0. See this package in npm: https://www.npmjs.com/package/express-session See this project in Snyk: https://app.snyk.io/org/snyk-apprisk-essentials-closed-beta-demo-group/project/4d7720bb-ed26-4679-9c15-8495f982dcd2?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 23 ++++++++++++++--------- package.json | 2 +- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 27dd47c..519d05b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "envar-check": "0.0.3", "express": "^4.18.2", "express-rate-limit": "^5.5.1", - "express-session": "^1.17.3", + "express-session": "^1.18.0", "form-data": "^4.0.0", "helmet": "^4.6.0", "jwt-decode": "^3.1.2", @@ -5124,12 +5124,12 @@ "integrity": "sha512-MTjE2eIbHv5DyfuFz4zLYWxpqVhEhkTiwFGuB74Q9CSou2WHO52nlE5y3Zlg6SIsiYUIPj6ifFxnkPz6O3sIUg==" }, "node_modules/express-session": { - "version": "1.17.3", - "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", - "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "version": "1.18.0", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz", + "integrity": "sha512-m93QLWr0ju+rOwApSsyso838LQwgfs44QtOP/WBiwtAgPIo/SAh1a5c6nn2BR6mFNZehTpqKDESzP+fRHVbxwQ==", "dependencies": { - "cookie": "0.4.2", - "cookie-signature": "1.0.6", + "cookie": "0.6.0", + "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", "on-headers": "~1.0.2", @@ -5142,13 +5142,18 @@ } }, "node_modules/express-session/node_modules/cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==", "engines": { "node": ">= 0.6" } }, + "node_modules/express-session/node_modules/cookie-signature": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz", + "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==" + }, "node_modules/express-session/node_modules/debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", diff --git a/package.json b/package.json index 0b6ceb5..06743eb 100644 --- a/package.json +++ b/package.json @@ -76,7 +76,7 @@ "envar-check": "0.0.3", "express": "^4.18.2", "express-rate-limit": "^5.5.1", - "express-session": "^1.17.3", + "express-session": "^1.18.0", "form-data": "^4.0.0", "helmet": "^4.6.0", "jwt-decode": "^3.1.2",