From 3d2144bb40b415f066c4019f93834628dded8c48 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 27 Nov 2023 14:03:08 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASHSET-1320032
---
 package-lock.json | 27 +++++++++++----------------
 package.json      |  2 +-
 2 files changed, 12 insertions(+), 17 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index bbe24d0..b2862aa 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -494,20 +494,20 @@
       }
     },
     "express-jwt": {
-      "version": "5.3.1",
-      "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-5.3.1.tgz",
-      "integrity": "sha512-1C9RNq0wMp/JvsH/qZMlg3SIPvKu14YkZ4YYv7gJQ1Vq+Dv8LH9tLKenS5vMNth45gTlEUGx+ycp9IHIlaHP/g==",
+      "version": "6.1.1",
+      "resolved": "https://registry.npmjs.org/express-jwt/-/express-jwt-6.1.1.tgz",
+      "integrity": "sha512-m8gkY04v5jtiFZn6bYQINYX/DVXq1DVb5nIW7H8l87qJ4BBvtQKFRpxyRE31odct7OPfHdT+B8678zJHhlMrpw==",
       "requires": {
         "async": "^1.5.0",
-        "express-unless": "^0.3.0",
+        "express-unless": "^1.0.0",
         "jsonwebtoken": "^8.1.0",
-        "lodash.set": "^4.0.0"
+        "lodash": "^4.17.21"
       }
     },
     "express-unless": {
-      "version": "0.3.1",
-      "resolved": "https://registry.npmjs.org/express-unless/-/express-unless-0.3.1.tgz",
-      "integrity": "sha1-JVfBRudb65A+LSR/m1ugFFJpbiA="
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/express-unless/-/express-unless-1.0.0.tgz",
+      "integrity": "sha512-zXSSClWBPfcSYjg0hcQNompkFN/MxQQ53eyrzm9BYgik2ut2I7PxAf2foVqBRMYCwWaZx/aWodi+uk76npdSAw=="
     },
     "eyes": {
       "version": "0.1.8",
@@ -680,9 +680,9 @@
       "integrity": "sha512-l3hLhffs9zqoDe8zjmb/mAN4B8VT3L56EUvKNqLFVs9YlFA+zx7ke1DO8STAdDyYNkeSo1nKmjuvQeI12So8Xw=="
     },
     "lodash": {
-      "version": "4.17.10",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz",
-      "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg=="
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
     },
     "lodash.assign": {
       "version": "4.2.0",
@@ -730,11 +730,6 @@
       "integrity": "sha1-feoh2MGNdwOifHBMFdO4SmfjOv8=",
       "dev": true
     },
-    "lodash.set": {
-      "version": "4.3.2",
-      "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz",
-      "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM="
-    },
     "loose-envify": {
       "version": "1.3.1",
       "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.3.1.tgz",
diff --git a/package.json b/package.json
index 0f7dbd9..3b7087e 100644
--- a/package.json
+++ b/package.json
@@ -24,7 +24,7 @@
   "dependencies": {
     "body-parser": "^1.18.3",
     "express": "^4.16.3",
-    "express-jwt": "^5.3.1",
+    "express-jwt": "^6.1.1",
     "jsonwebtoken": "^8.0.0",
     "md5": "^2.2.1",
     "mongodb": "^2.2.30",