From 6bd4ca350868bc1a0a8cbfb9a9995e454b3bab84 Mon Sep 17 00:00:00 2001 From: Julian Krauser Date: Sat, 19 Jul 2025 11:05:58 +0200 Subject: [PATCH] package update and CVE close --- package-lock.json | 90 +++++++++++++++++++++++++++-------------------- package.json | 10 +++--- 2 files changed, 56 insertions(+), 44 deletions(-) diff --git a/package-lock.json b/package-lock.json index e07b212..47022fb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,7 @@ "crypto": "^1.0.1", "dotenv": "^17.2.0", "express": "^5.1.0", - "express-rate-limit": "^7.5.1", + "express-rate-limit": "^8.0.1", "express-validator": "^7.2.1", "handlebars": "^4.7.8", "helmet": "^8.1.0", @@ -23,14 +23,14 @@ "lodash.clonedeep": "^4.5.0", "lodash.uniqby": "^4.7.0", "moment": "^2.30.1", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "ms": "^2.1.3", - "multer": "^2.0.1", + "multer": "^2.0.2", "node-schedule": "^2.1.1", "nodemailer": "^7.0.5", "pdf-lib": "^1.17.1", "pg": "^8.16.3", - "puppeteer": "^24.12.1", + "puppeteer": "^24.14.0", "qrcode": "^1.5.4", "reflect-metadata": "^0.2.2", "rss-parser": "^3.13.0", @@ -52,7 +52,7 @@ "@types/morgan": "^1.9.10", "@types/ms": "^2.1.0", "@types/multer": "^2.0.0", - "@types/node": "^24.0.13", + "@types/node": "^24.0.15", "@types/node-schedule": "^2.1.8", "@types/nodemailer": "^6.4.17", "@types/pg": "~8.15.4", @@ -744,9 +744,9 @@ } }, "node_modules/@puppeteer/browsers": { - "version": "2.10.5", - "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.10.5.tgz", - "integrity": "sha512-eifa0o+i8dERnngJwKrfp3dEq7ia5XFyoqB17S4gK8GhsQE4/P8nxOfQSE0zQHxzzLo/cmF+7+ywEQ7wK7Fb+w==", + "version": "2.10.6", + "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.10.6.tgz", + "integrity": "sha512-pHUn6ZRt39bP3698HFQlu2ZHCkS/lPcpv7fVQcGBSzNNygw171UXAKrCUhy+TEMw4lEttOKDgNpb04hwUAJeiQ==", "license": "Apache-2.0", "dependencies": { "debug": "^4.4.1", @@ -754,7 +754,7 @@ "progress": "^2.0.3", "proxy-agent": "^6.5.0", "semver": "^7.7.2", - "tar-fs": "^3.0.8", + "tar-fs": "^3.1.0", "yargs": "^17.7.2" }, "bin": { @@ -966,9 +966,9 @@ } }, "node_modules/@types/node": { - "version": "24.0.13", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.0.13.tgz", - "integrity": "sha512-Qm9OYVOFHFYg3wJoTSrz80hoec5Lia/dPp84do3X7dZvLikQvM1YpmvTBEdIr/e+U8HTkFjLHLnl78K/qjf+jQ==", + "version": "24.0.15", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.0.15.tgz", + "integrity": "sha512-oaeTSbCef7U/z7rDeJA138xpG3NuKc64/rZ2qmUFkFJmnMsAPaluIifqyWd8hSSMxyP9oie3dLAqYPblag9KgA==", "license": "MIT", "dependencies": { "undici-types": "~7.8.0" @@ -1686,9 +1686,9 @@ } }, "node_modules/chromium-bidi": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/chromium-bidi/-/chromium-bidi-5.1.0.tgz", - "integrity": "sha512-9MSRhWRVoRPDG0TgzkHrshFSJJNZzfY5UFqUMuksg7zL1yoZIZ3jLB0YAgHclbiAxPI86pBnwDX1tbzoiV8aFw==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/chromium-bidi/-/chromium-bidi-7.1.1.tgz", + "integrity": "sha512-L2BKQ0rSLADgbPMIdDh3wnYHs3EiUiMay2Sq0CTolheaADmWIf6Pe+T9LJRcnh5rcMz0U7MVk0cQVvKsGRMa1g==", "license": "Apache-2.0", "dependencies": { "mitt": "^3.0.1", @@ -2483,10 +2483,13 @@ } }, "node_modules/express-rate-limit": { - "version": "7.5.1", - "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.5.1.tgz", - "integrity": "sha512-7iN8iPMDzOMHPUYllBEsQdWVB6fPDMPqwjBaFrgr4Jgr/+okjvzAy+UHlYYL/Vs0OsOrMkwS6PJDkFlJwoxUnw==", + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.0.1.tgz", + "integrity": "sha512-aZVCnybn7TVmxO4BtlmnvX+nuz8qHW124KKJ8dumsBsmv5ZLxE0pYu7S2nwyRBGHHCAzdmnGyrc5U/rksSPO7Q==", "license": "MIT", + "dependencies": { + "ip-address": "10.0.1" + }, "engines": { "node": ">= 16" }, @@ -2497,6 +2500,15 @@ "express": ">= 4.11" } }, + "node_modules/express-rate-limit/node_modules/ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==", + "license": "MIT", + "engines": { + "node": ">= 12" + } + }, "node_modules/express-validator": { "version": "7.2.1", "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-7.2.1.tgz", @@ -3673,16 +3685,16 @@ } }, "node_modules/morgan": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz", - "integrity": "sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==", + "version": "1.10.1", + "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz", + "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==", "license": "MIT", "dependencies": { "basic-auth": "~2.0.1", "debug": "2.6.9", "depd": "~2.0.0", "on-finished": "~2.3.0", - "on-headers": "~1.0.2" + "on-headers": "~1.1.0" }, "engines": { "node": ">= 0.8.0" @@ -3722,9 +3734,9 @@ "license": "MIT" }, "node_modules/multer": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/multer/-/multer-2.0.1.tgz", - "integrity": "sha512-Ug8bXeTIUlxurg8xLTEskKShvcKDZALo1THEX5E41pYCD2sCVub5/kIRIGqWNoqV6szyLyQKV6mD4QUrWE5GCQ==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/multer/-/multer-2.0.2.tgz", + "integrity": "sha512-u7f2xaZ/UG8oLXHvtF/oWTRvT44p9ecwBBqTwgJVq0+4BW1g8OW01TyMEGWBHbyMOYVHXslaut7qEQ1meATXgw==", "license": "MIT", "dependencies": { "append-field": "^1.0.0", @@ -3972,9 +3984,9 @@ } }, "node_modules/on-headers": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", - "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz", + "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==", "license": "MIT", "engines": { "node": ">= 0.8" @@ -4510,17 +4522,17 @@ } }, "node_modules/puppeteer": { - "version": "24.12.1", - "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-24.12.1.tgz", - "integrity": "sha512-+vvwl+Xo4z5uXLLHG+XW8uXnUXQ62oY6KU6bEFZJvHWLutbmv5dw9A/jcMQ0fqpQdLydHmK0Uy7/9Ilj8ufwSQ==", + "version": "24.14.0", + "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-24.14.0.tgz", + "integrity": "sha512-GB7suRDkp9pUnxpNGAORICQCtw11KFbg6U2iJXVTflzJLK5D1qzq8xOOmLgN/QnDBpDMdpn96ri52XkuN83Giw==", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { - "@puppeteer/browsers": "2.10.5", - "chromium-bidi": "5.1.0", + "@puppeteer/browsers": "2.10.6", + "chromium-bidi": "7.1.1", "cosmiconfig": "^9.0.0", "devtools-protocol": "0.0.1464554", - "puppeteer-core": "24.12.1", + "puppeteer-core": "24.14.0", "typed-query-selector": "^2.12.0" }, "bin": { @@ -4531,13 +4543,13 @@ } }, "node_modules/puppeteer-core": { - "version": "24.12.1", - "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-24.12.1.tgz", - "integrity": "sha512-8odp6d3ERKBa3BAVaYWXn95UxQv3sxvP1reD+xZamaX6ed8nCykhwlOiHSaHR9t/MtmIB+rJmNencI6Zy4Gxvg==", + "version": "24.14.0", + "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-24.14.0.tgz", + "integrity": "sha512-NO9XpCl+i8oB0zJp81iPhzMo2QK8/JTj4ramSvTpGCo9CPCNo4AZ8qVOGpSgXzlcOfOT3VHOkzTfPo08GOE5jA==", "license": "Apache-2.0", "dependencies": { - "@puppeteer/browsers": "2.10.5", - "chromium-bidi": "5.1.0", + "@puppeteer/browsers": "2.10.6", + "chromium-bidi": "7.1.1", "debug": "^4.4.1", "devtools-protocol": "0.0.1464554", "typed-query-selector": "^2.12.0", diff --git a/package.json b/package.json index 0500825..32150b3 100644 --- a/package.json +++ b/package.json @@ -29,7 +29,7 @@ "crypto": "^1.0.1", "dotenv": "^17.2.0", "express": "^5.1.0", - "express-rate-limit": "^7.5.1", + "express-rate-limit": "^8.0.1", "express-validator": "^7.2.1", "handlebars": "^4.7.8", "helmet": "^8.1.0", @@ -39,14 +39,14 @@ "lodash.clonedeep": "^4.5.0", "lodash.uniqby": "^4.7.0", "moment": "^2.30.1", - "morgan": "^1.10.0", + "morgan": "^1.10.1", "ms": "^2.1.3", - "multer": "^2.0.1", + "multer": "^2.0.2", "node-schedule": "^2.1.1", "nodemailer": "^7.0.5", "pdf-lib": "^1.17.1", "pg": "^8.16.3", - "puppeteer": "^24.12.1", + "puppeteer": "^24.14.0", "qrcode": "^1.5.4", "reflect-metadata": "^0.2.2", "rss-parser": "^3.13.0", @@ -68,7 +68,7 @@ "@types/morgan": "^1.9.10", "@types/ms": "^2.1.0", "@types/multer": "^2.0.0", - "@types/node": "^24.0.13", + "@types/node": "^24.0.15", "@types/node-schedule": "^2.1.8", "@types/nodemailer": "^6.4.17", "@types/pg": "~8.15.4",