From 9c6b9b43342f557e75f30599b01301e5ff6379df Mon Sep 17 00:00:00 2001 From: Marc Date: Mon, 21 Oct 2024 12:49:23 +0200 Subject: [PATCH] Updating router package to have the new version of path-to-regexp where the vulnerability is fixed --- package-lock.json | 53 +++++++++++++++++++++++------------------------ package.json | 4 ++-- 2 files changed, 28 insertions(+), 29 deletions(-) diff --git a/package-lock.json b/package-lock.json index 145c6e9..b06354a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,8 +24,8 @@ "morgan": "^1.8.2", "on-finished": "^2.2.0", "on-headers": "^1.0.0", - "path-to-regexp": "^1.8.0", - "router": "^1.3.1", + "path-to-regexp": "^1.9.0", + "router": "^2.0.0", "update-notifier-cjs": "^5.1.6" }, "bin": { @@ -3766,6 +3766,12 @@ "node": ">=8" } }, + "node_modules/is-promise": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-4.0.0.tgz", + "integrity": "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==", + "license": "MIT" + }, "node_modules/is-stream": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", @@ -5250,9 +5256,10 @@ } }, "node_modules/path-to-regexp": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.8.0.tgz", - "integrity": "sha512-n43JRhlUKUAlibEJhPeir1ncUID16QnEjNpwzNdO3Lm4ywrBpBZ5oLD0I6br9evr1Y9JTqwRtAh7JLoOzAQdVA==", + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.9.0.tgz", + "integrity": "sha512-xIp7/apCFJuUHdDLWe8O1HIkb0kQrOMb/0u6FXQjemHn/ii5LrIzU6bdECnsiTF/GjZkMEKg1xdiZwNqDYlZ6g==", + "license": "MIT", "dependencies": { "isarray": "0.0.1" } @@ -5718,39 +5725,31 @@ } }, "node_modules/router": { - "version": "1.3.8", - "resolved": "https://registry.npmjs.org/router/-/router-1.3.8.tgz", - "integrity": "sha512-461UFH44NtSfIlS83PUg2N7OZo86BC/kB3dY77gJdsODsBhhw7+2uE0tzTINxrY9CahCUVk1VhpWCA5i1yoIEg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/router/-/router-2.0.0.tgz", + "integrity": "sha512-dIM5zVoG8xhC6rnSN8uoAgFARwTE7BQs8YwHEvK0VCmfxQXMaOuA1uiR1IPwsW7JyK5iTt7Od/TC9StasS2NPQ==", + "license": "MIT", "dependencies": { "array-flatten": "3.0.0", - "debug": "2.6.9", + "is-promise": "4.0.0", "methods": "~1.1.2", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.7", + "path-to-regexp": "^8.0.0", "setprototypeof": "1.2.0", "utils-merge": "1.0.1" }, "engines": { - "node": ">= 0.8" - } - }, - "node_modules/router/node_modules/debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "dependencies": { - "ms": "2.0.0" + "node": ">= 0.10" } }, - "node_modules/router/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==" - }, "node_modules/router/node_modules/path-to-regexp": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", - "integrity": "sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==" + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.2.0.tgz", + "integrity": "sha512-TdrF7fW9Rphjq4RjrW0Kp2AW0Ahwu9sRGTkS6bvDi0SCwZlEZYmcfDbEsTz8RVk0EHIS/Vd1bv3JhG+1xZuAyQ==", + "license": "MIT", + "engines": { + "node": ">=16" + } }, "node_modules/run-parallel": { "version": "1.2.0", diff --git a/package.json b/package.json index a3c6abe..c5de796 100644 --- a/package.json +++ b/package.json @@ -66,8 +66,8 @@ "morgan": "^1.8.2", "on-finished": "^2.2.0", "on-headers": "^1.0.0", - "path-to-regexp": "^1.8.0", - "router": "^1.3.1", + "path-to-regexp": "^1.9.0", + "router": "^2.0.0", "update-notifier-cjs": "^5.1.6" }, "optionalDependencies": {