From 5aa2eff152ff7253e0cb6a91f6991eb4559f257b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 Sep 2023 19:36:43 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-GRAPHQL-5905181 --- package-lock.json | 12 ++++++------ package.json | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index c7d2f30..c883f1a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "clean-node-api", - "version": "3.2.0", + "version": "3.2.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "clean-node-api", - "version": "3.2.0", + "version": "3.2.5", "license": "GPL-3.0-or-later", "dependencies": { "@graphql-tools/schema": "^9.0.14", @@ -14,7 +14,7 @@ "apollo-server-express": "^3.11.1", "bcrypt": "^5.1.0", "express": "^4.18.2", - "graphql": "^16.6.0", + "graphql": "^16.8.1", "graphql-depth-limit": "^1.1.0", "graphql-scalars": "^1.20.1", "jsonwebtoken": "^9.0.0", @@ -7823,9 +7823,9 @@ "dev": true }, "node_modules/graphql": { - "version": "16.6.0", - "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz", - "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw==", + "version": "16.8.1", + "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.8.1.tgz", + "integrity": "sha512-59LZHPdGZVh695Ud9lRzPBVTtlX9ZCV150Er2W43ro37wVof0ctenSaskPPjN7lVTIN8mSZt8PHUNKZuNQUuxw==", "engines": { "node": "^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0" } diff --git a/package.json b/package.json index c0eae6a..31f3391 100644 --- a/package.json +++ b/package.json @@ -75,7 +75,7 @@ "apollo-server-express": "^3.11.1", "bcrypt": "^5.1.0", "express": "^4.18.2", - "graphql": "^16.6.0", + "graphql": "^16.8.1", "graphql-depth-limit": "^1.1.0", "graphql-scalars": "^1.20.1", "jsonwebtoken": "^9.0.0",