From 0d1e2cf886490aa1acb4d41f4acb063e77679857 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 30 Sep 2024 09:42:21 +0000 Subject: [PATCH] fix: upgrade express-jwt from 0.1.3 to 0.6.2 Snyk has created this PR to upgrade express-jwt from 0.1.3 to 0.6.2. See this package in npm: express-jwt See this project in Snyk: https://app.snyk.io/org/tahmid198/project/d9ed7e2e-9695-4bcf-8374-96563933fd42?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 102 +++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 52 insertions(+), 52 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0fd78c597b4..0a5c5b65c1c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,6 +5,7 @@ "requires": true, "packages": { "": { + "name": "juice-shop", "version": "12.3.0", "cpu": [ "x64", @@ -35,7 +36,7 @@ "download": "^8.0.0", "errorhandler": "^1.5.1", "express": "^4.17.1", - "express-jwt": "0.1.3", + "express-jwt": "^0.6.2", "express-rate-limit": "^5.1.3", "express-robots-txt": "^0.4.1", "express-security.txt": "^2.0.0", @@ -6880,32 +6881,25 @@ } }, "node_modules/express-jwt": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-0.1.3.tgz", - "integrity": "sha1-fHgiH4udchBq/1VqiluOhS1BsS8=", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-0.6.2.tgz", + "integrity": "sha512-2HIC3/ABU1l4B8Oj5Td4sxVuioWG9sOpQKH+4JkShyfNb0zYzfYeeq4ZlsYCfNwWwCzZSTwX6/tkAHLedZTmww==", "dependencies": { - "jsonwebtoken": "~0.1.0" + "express-unless": "0.0.0", + "jsonwebtoken": "~1.2.0" }, "engines": { "node": ">= 0.4.0" } }, "node_modules/express-jwt/node_modules/jsonwebtoken": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-0.1.0.tgz", - "integrity": "sha1-UFYoSSCS/jXQi2APpnaM0GcRqqI=", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-1.2.0.tgz", + "integrity": "sha512-1yaHA62SA/nh4JIZnIwVZfrY3HkBhKv/gxiHAypnB3SI5LvEkTozG0uUSb2u4qdbij7bM2h57mGUGqscXDSf3A==", "deprecated": "Critical vulnerability fix in v5.0.0. See https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "license": "MIT", "dependencies": { - "jws": "~0.2.2", - "moment": "~2.0.0" - } - }, - "node_modules/express-jwt/node_modules/moment": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.0.0.tgz", - "integrity": "sha1-K7xbRMMhg3aTq278rb1G7ZRiEf4=", - "engines": { - "node": "*" + "jws": "~0.2.6" } }, "node_modules/express-rate-limit": { @@ -6926,6 +6920,11 @@ "resolved": "https://registry.npmjs.org/express-security.txt/-/express-security.txt-2.0.0.tgz", "integrity": "sha512-DwjS7MssPbqTFddZfTqNqyfsq6AUP1A/BytamSeoL0Ai7/alHYsAgxE4zhvoPt6MjoroXkSqq1gStQqxsiaF7A==" }, + "node_modules/express-unless": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/express-unless/-/express-unless-0.0.0.tgz", + "integrity": "sha512-JDbC+epHXULwJ1GgCqL3qo/L5ElbhHGWBgEtbbJbF9ZqZLhXqDh70aPj8jmC+MT1ilhhM43AN3BCJKERlKTyTg==" + }, "node_modules/express/node_modules/safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", @@ -18514,11 +18513,6 @@ "resolved": "https://registry.npmjs.org/tiny-inflate/-/tiny-inflate-1.0.3.tgz", "integrity": "sha512-pkY1fj1cKHb2seWDy0B16HeWyczlJA9/WW3u3c4z/NiWDsO3DOU5D7nhTLE9CF0yXv/QZFY7sEJmj24dK+Rrqw==" }, - "node_modules/tinymce": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/tinymce/-/tinymce-4.1.2.tgz", - "integrity": "sha1-OxjkIaFgTkCgHUcizRvEBR4pWCo=" - }, "node_modules/tmp": { "version": "0.0.30", "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.30.tgz", @@ -21871,7 +21865,8 @@ "version": "5.3.2", "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true + "dev": true, + "requires": {} }, "acorn-node": { "version": "1.8.2", @@ -24333,7 +24328,8 @@ "ws": { "version": "7.4.6", "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz", - "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==" + "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==", + "requires": {} } } }, @@ -24366,7 +24362,8 @@ "ws": { "version": "7.4.6", "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz", - "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==" + "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==", + "requires": {} } } }, @@ -24723,13 +24720,15 @@ "version": "14.1.1", "resolved": "https://registry.npmjs.org/eslint-config-standard/-/eslint-config-standard-14.1.1.tgz", "integrity": "sha512-Z9B+VR+JIXRxz21udPTL9HpFMyoMUEeX1G251EQ6e05WD9aPVtVBn09XUmZ259wCMlCDmYDSZG62Hhm+ZTJcUg==", - "dev": true + "dev": true, + "requires": {} }, "eslint-config-standard-jsx": { "version": "8.1.0", "resolved": "https://registry.npmjs.org/eslint-config-standard-jsx/-/eslint-config-standard-jsx-8.1.0.tgz", "integrity": "sha512-ULVC8qH8qCqbU792ZOO6DaiaZyHNS/5CZt3hKqHkEhVlhPEPN3nfBqqxJCyp59XrjIBZPu1chMYe9T2DXZ7TMw==", - "dev": true + "dev": true, + "requires": {} }, "eslint-import-resolver-node": { "version": "0.3.6", @@ -25052,7 +25051,8 @@ "version": "4.0.2", "resolved": "https://registry.npmjs.org/eslint-plugin-standard/-/eslint-plugin-standard-4.0.2.tgz", "integrity": "sha512-nKptN8l7jksXkwFk++PhJB3cCDTcXOEyhISIN86Ue2feJ1LFyY3PrY3/xT2keXlJSY5bpmbiTG0f885/YKAvTA==", - "dev": true + "dev": true, + "requires": {} }, "eslint-scope": { "version": "5.1.1", @@ -25401,26 +25401,21 @@ } }, "express-jwt": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-0.1.3.tgz", - "integrity": "sha1-fHgiH4udchBq/1VqiluOhS1BsS8=", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-0.6.2.tgz", + "integrity": "sha512-2HIC3/ABU1l4B8Oj5Td4sxVuioWG9sOpQKH+4JkShyfNb0zYzfYeeq4ZlsYCfNwWwCzZSTwX6/tkAHLedZTmww==", "requires": { - "jsonwebtoken": "~0.1.0" + "express-unless": "0.0.0", + "jsonwebtoken": "~1.2.0" }, "dependencies": { "jsonwebtoken": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-0.1.0.tgz", - "integrity": "sha1-UFYoSSCS/jXQi2APpnaM0GcRqqI=", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-1.2.0.tgz", + "integrity": "sha512-1yaHA62SA/nh4JIZnIwVZfrY3HkBhKv/gxiHAypnB3SI5LvEkTozG0uUSb2u4qdbij7bM2h57mGUGqscXDSf3A==", "requires": { - "jws": "~0.2.2", - "moment": "~2.0.0" + "jws": "~0.2.6" } - }, - "moment": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.0.0.tgz", - "integrity": "sha1-K7xbRMMhg3aTq278rb1G7ZRiEf4=" } } }, @@ -25432,13 +25427,19 @@ "express-robots-txt": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/express-robots-txt/-/express-robots-txt-0.4.1.tgz", - "integrity": "sha512-qVffRP/YmwZEISWB/gAGfJ+Y85sUKcjGXtryCOZFRyKOvF2b/JaG2xpPKVT9NeNOMZYvNq000qHp/oBtLYgTnQ==" + "integrity": "sha512-qVffRP/YmwZEISWB/gAGfJ+Y85sUKcjGXtryCOZFRyKOvF2b/JaG2xpPKVT9NeNOMZYvNq000qHp/oBtLYgTnQ==", + "requires": {} }, "express-security.txt": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/express-security.txt/-/express-security.txt-2.0.0.tgz", "integrity": "sha512-DwjS7MssPbqTFddZfTqNqyfsq6AUP1A/BytamSeoL0Ai7/alHYsAgxE4zhvoPt6MjoroXkSqq1gStQqxsiaF7A==" }, + "express-unless": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/express-unless/-/express-unless-0.0.0.tgz", + "integrity": "sha512-JDbC+epHXULwJ1GgCqL3qo/L5ElbhHGWBgEtbbJbF9ZqZLhXqDh70aPj8jmC+MT1ilhhM43AN3BCJKERlKTyTg==" + }, "ext": { "version": "1.6.0", "resolved": "https://registry.npmjs.org/ext/-/ext-1.6.0.tgz", @@ -28521,7 +28522,8 @@ "version": "1.2.2", "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.2.tgz", "integrity": "sha512-olV41bKSMm8BdnuMsewT4jqlZ8+3TCARAXjZGT9jcoSnrfUnRCqnMoF9XEeoWjbzObpqF9dRhHQj0Xb9QdF6/w==", - "dev": true + "dev": true, + "requires": {} }, "jest-regex-util": { "version": "26.0.0", @@ -33294,7 +33296,8 @@ "version": "3.7.0", "resolved": "https://registry.npmjs.org/sinon-chai/-/sinon-chai-3.7.0.tgz", "integrity": "sha512-mf5NURdUaSdnatJx3uhoBOrY9dtL19fiOtAdT1Azxg3+lNJFiuN0uzaU3xX1LeAfL17kHQhTAJgpsfhbMJMY2g==", - "dev": true + "dev": true, + "requires": {} }, "sisteransi": { "version": "1.0.5", @@ -34445,10 +34448,6 @@ "resolved": "https://registry.npmjs.org/tiny-inflate/-/tiny-inflate-1.0.3.tgz", "integrity": "sha512-pkY1fj1cKHb2seWDy0B16HeWyczlJA9/WW3u3c4z/NiWDsO3DOU5D7nhTLE9CF0yXv/QZFY7sEJmj24dK+Rrqw==" }, - "tinymce": { - "version": "https://registry.npmjs.org/tinymce/-/tinymce-4.1.2.tgz", - "integrity": "sha1-OxjkIaFgTkCgHUcizRvEBR4pWCo=" - }, "tmp": { "version": "0.0.30", "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.30.tgz", @@ -35382,7 +35381,8 @@ "version": "7.5.6", "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.6.tgz", "integrity": "sha512-6GLgCqo2cy2A2rjCNFlxQS6ZljG/coZfZXclldI8FB/1G3CCI36Zd8xy2HrFVACi8tfk5XrgLQEk+P0Tnz9UcA==", - "dev": true + "dev": true, + "requires": {} }, "xml-name-validator": { "version": "3.0.0", diff --git a/package.json b/package.json index 029ec852fe4..2b9299b7e07 100644 --- a/package.json +++ b/package.json @@ -110,7 +110,7 @@ "download": "^8.0.0", "errorhandler": "^1.5.1", "express": "^4.17.1", - "express-jwt": "0.1.3", + "express-jwt": "0.6.2", "express-rate-limit": "^5.1.3", "express-robots-txt": "^0.4.1", "express-security.txt": "^2.0.0",