From 08673b86708b10f96f4663ee58fb8027ec6bd056 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 2 Jul 2020 00:09:18 +0000 Subject: [PATCH] fix: 02-Calling-an-API/package.json & 02-Calling-an-API/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-EXPRESSJWT-575022 --- 02-Calling-an-API/package-lock.json | 34 ++++++++++++++--------------- 02-Calling-an-API/package.json | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/02-Calling-an-API/package-lock.json b/02-Calling-an-API/package-lock.json index d8f9355..831ce99 100644 --- a/02-Calling-an-API/package-lock.json +++ b/02-Calling-an-API/package-lock.json @@ -1164,9 +1164,9 @@ } }, "express-jwt": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-5.3.1.tgz", - "integrity": "sha512-1C9RNq0wMp/JvsH/qZMlg3SIPvKu14YkZ4YYv7gJQ1Vq+Dv8LH9tLKenS5vMNth45gTlEUGx+ycp9IHIlaHP/g==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-6.0.0.tgz", + "integrity": "sha512-C26y9myRjx7CyhZ+BAT3p+gQyRCoDZ7qo8plCvLDaRT6je6ALIAQknT6XLVQGFKwIy/Ux7lvM2MNap5dt0T7gA==", "requires": { "async": "^1.5.0", "express-unless": "^0.3.0", @@ -2577,11 +2577,11 @@ "dev": true }, "jsonwebtoken": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.0.tgz", - "integrity": "sha512-IqEycp0znWHNA11TpYi77bVgyBO/pGESDh7Ajhas+u0ttkGkKYIIAjniL4Bw5+oVejVF+SYkaI7XKfwCCyeTuA==", + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", "requires": { - "jws": "^3.2.1", + "jws": "^3.2.2", "lodash.includes": "^4.3.0", "lodash.isboolean": "^3.0.3", "lodash.isinteger": "^4.0.4", @@ -2594,9 +2594,9 @@ }, "dependencies": { "ms": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", - "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==" + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" } } }, @@ -2612,9 +2612,9 @@ } }, "jwa": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.0.tgz", - "integrity": "sha512-mt6IHaq0ZZWDBspg0Pheu3r9sVNMEZn+GJe1zcdYyhFcDSclp3J8xEdO4PjZolZ2i8xlaVU1LetHM0nJejYsEw==", + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", "requires": { "buffer-equal-constant-time": "1.0.1", "ecdsa-sig-formatter": "1.0.11", @@ -2679,11 +2679,11 @@ } }, "jws": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.1.tgz", - "integrity": "sha512-bGA2omSrFUkd72dhh05bIAN832znP4wOU3lfuXtRBuGTbsmNmDXMQg28f0Vsxaxgk4myF5YkKQpz6qeRpMgX9g==", + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", "requires": { - "jwa": "^1.2.0", + "jwa": "^1.4.1", "safe-buffer": "^5.0.1" } }, diff --git a/02-Calling-an-API/package.json b/02-Calling-an-API/package.json index 8c7d9bb..7d0d03c 100644 --- a/02-Calling-an-API/package.json +++ b/02-Calling-an-API/package.json @@ -5,7 +5,7 @@ "main": "server.js", "dependencies": { "express": "^4.17.1", - "express-jwt": "^5.3.1", + "express-jwt": "^6.0.0", "helmet": "^3.21.0", "jwks-rsa": "^1.6.0", "morgan": "^1.9.1",