From 63c8ee9280caa8613474b645c05542087c89720f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 31 Oct 2024 05:49:45 +0000 Subject: [PATCH] fix: upgrade express-session from 1.17.3 to 1.18.1 Snyk has created this PR to upgrade express-session from 1.17.3 to 1.18.1. See this package in npm: express-session See this project in Snyk: https://app.snyk.io/org/faroukamr/project/dc39063e-0f74-4a21-860b-c5ff7f29e1ed?utm_source=github&utm_medium=referral&page=upgrade-pr --- Server/package-lock.json | 47 +++++++++++++++++++++++++--------------- Server/package.json | 2 +- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/Server/package-lock.json b/Server/package-lock.json index 66e7cdd7..f00140b0 100644 --- a/Server/package-lock.json +++ b/Server/package-lock.json @@ -18,7 +18,7 @@ "dotenv": "^16.0.1", "express": "^4.18.1", "express-rate-limit": "^6.5.1", - "express-session": "^1.17.3", + "express-session": "^1.18.1", "helmet": "^6.0.0", "helmet-csp": "^3.4.0", "heroku-ssl-redirect": "^0.1.1", @@ -1943,12 +1943,13 @@ } }, "node_modules/express-session": { - "version": "1.17.3", - "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", - "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "version": "1.18.1", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.1.tgz", + "integrity": "sha512-a5mtTqEaZvBCL9A9aqkrtfz+3SMDhOVUnjafjo+s7A9Txkq+SVX2DLvSp1Zrv4uCXa3lMSK3viWnh9Gg07PBUA==", + "license": "MIT", "dependencies": { - "cookie": "0.4.2", - "cookie-signature": "1.0.6", + "cookie": "0.7.2", + "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", "on-headers": "~1.0.2", @@ -1961,13 +1962,20 @@ } }, "node_modules/express-session/node_modules/cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==", + "license": "MIT", "engines": { "node": ">= 0.6" } }, + "node_modules/express-session/node_modules/cookie-signature": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz", + "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==", + "license": "MIT" + }, "node_modules/express-session/node_modules/debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -5344,12 +5352,12 @@ "requires": {} }, "express-session": { - "version": "1.17.3", - "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", - "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "version": "1.18.1", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.1.tgz", + "integrity": "sha512-a5mtTqEaZvBCL9A9aqkrtfz+3SMDhOVUnjafjo+s7A9Txkq+SVX2DLvSp1Zrv4uCXa3lMSK3viWnh9Gg07PBUA==", "requires": { - "cookie": "0.4.2", - "cookie-signature": "1.0.6", + "cookie": "0.7.2", + "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", "on-headers": "~1.0.2", @@ -5359,9 +5367,14 @@ }, "dependencies": { "cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==" + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==" + }, + "cookie-signature": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz", + "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==" }, "debug": { "version": "2.6.9", diff --git a/Server/package.json b/Server/package.json index 22f7c333..44d0a11a 100644 --- a/Server/package.json +++ b/Server/package.json @@ -22,7 +22,7 @@ "dotenv": "^16.0.1", "express": "^4.18.1", "express-rate-limit": "^6.5.1", - "express-session": "^1.17.3", + "express-session": "^1.18.1", "helmet": "^6.0.0", "helmet-csp": "^3.4.0", "heroku-ssl-redirect": "^0.1.1",