From 65963d2405126ab70bf3298b3bbf8f4455461905 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 8 Jan 2023 01:25:57 +0000 Subject: [PATCH] fix: upgrade cookie-parser from 1.4.3 to 1.4.6 Snyk has created this PR to upgrade cookie-parser from 1.4.3 to 1.4.6. See this package in npm: https://www.npmjs.com/package/cookie-parser See this project in Snyk: https://app.snyk.io/org/jamesdbloom-h62/project/5073bb55-4c5c-4c02-ab93-3a8c29838b1b?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 15 +++++++++++---- package.json | 2 +- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index ac808645..c5d4786c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -239,12 +239,19 @@ "integrity": "sha1-5+Ch+e9DtMi6klxcWpboBtFoc7s=" }, "cookie-parser": { - "version": "1.4.3", - "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.3.tgz", - "integrity": "sha1-D+MfoZ0AC5X0qt8fU/3CuKIDuqU=", + "version": "1.4.6", + "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.6.tgz", + "integrity": "sha512-z3IzaNjdwUC2olLIB5/ITd0/setiaFMLYiZJle7xg5Fe9KWAceil7xszYfHHBtDFYLSgJduS2Ty0P1uJdPDJeA==", "requires": { - "cookie": "0.3.1", + "cookie": "0.4.1", "cookie-signature": "1.0.6" + }, + "dependencies": { + "cookie": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz", + "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==" + } } }, "cookie-signature": { diff --git a/package.json b/package.json index f9dcefab..a7232e71 100644 --- a/package.json +++ b/package.json @@ -7,7 +7,7 @@ }, "dependencies": { "body-parser": "^1.18.0", - "cookie-parser": "^1.4.0", + "cookie-parser": "^1.4.6", "debug": "^3.1.0", "dotenv": "^5.0.1", "express": "^4.13.0",