refactor: Fix for 2 vulnerabilities

[parseplatformorg]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	591/1000 Why? Recently disclosed, Has a fix available, CVSS 6.1	Open Redirect SNYK-JS-EXPRESS-6474509	No	No Known Exploit
	718/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5	SQL Injection SNYK-JS-PGPROMISE-6501690	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: express

The new version differs by 13 commits.

• b28db2c 4.19.2
• 0b74695 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks fixes (chore): Fix codecov #5554 Update nyc to the latest version 🚀 #5555
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (Update winston-daily-rotate-file to the latest version 🚀 #5541)
• 69a4cf2 deps: cookie@0.6.0
• 4ee853e docs: loosen TC activity rules
• 414854b docs: nominating @ wesleytodd to be project captian
• 06c6b88 docs: update release date

See the full diff

Package name: pg-promise

The new version differs by 3 commits.

• 1a4dfe6 Fixing issue https://github.com/Vulnerability: SQL Injection via Line Comment Creation vitaly-t/pg-promise#911#discussion-6223443
• 79199d4 update the package
• 8f30428 Fix node-postgres.com/apis/... links (#911 support params option in Parse.Cloud.httpRequest #912)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Open Redirect
🦉 SQL Injection

[parse-github-assistant]

I will reformat the title to use the proper commit message syntax.

[parse-github-assistant]

Thanks for opening this pull request!

• ❌ Please link an issue that describes the reason for this pull request, otherwise your pull request will be closed. Make sure to write it as Closes: #123 in the PR description, so I can recognize it.