fix: Resolve all npm audit vulnerabilities (0 remaining)
- Upgrade bcrypt 5.x → 6.0.0 (resolves tar path traversal vulns) - Remove deprecated csurf package (already disabled, resolves cookie vuln) - Resolved validator, qs, jws, nodemailer, and other issues via npm audit fix Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
TheFlow
parent
e0a7bec99e
commit
218d29e51b
2 changed files with 170 additions and 592 deletions
759
package-lock.json
generated
759
package-lock.json
generated
File diff suppressed because it is too large
Load diff
|
|
@ -43,10 +43,9 @@
|
|||
"license": "Apache-2.0",
|
||||
"dependencies": {
|
||||
"axios": "^1.12.2",
|
||||
"bcrypt": "^5.1.1",
|
||||
"bcrypt": "^6.0.0",
|
||||
"cookie-parser": "^1.4.7",
|
||||
"cors": "^2.8.5",
|
||||
"csurf": "^1.11.0",
|
||||
"dotenv": "^16.3.1",
|
||||
"express": "^4.18.2",
|
||||
"express-rate-limit": "^7.5.1",
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue