From 4fa7f20fda44b0f62fc585699a33246289fc228e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 15 Nov 2025 07:45:35 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-CLOUDINARY-10495740 --- package-lock.json | 36 ++++++++++++------------------------ package.json | 2 +- 2 files changed, 13 insertions(+), 25 deletions(-) diff --git a/package-lock.json b/package-lock.json index 851987e..32b56ac 100644 --- a/package-lock.json +++ b/package-lock.json @@ -340,21 +340,14 @@ } }, "cloudinary": { - "version": "1.23.0", - "resolved": "https://registry.npmjs.org/cloudinary/-/cloudinary-1.23.0.tgz", - "integrity": "sha512-akOxzroonvwWkuSVq7BI50nYpZPRXc5DbQIYETCVeKX9ZoToH2Gvc3MdUH63UtKiszuGYE51q2B+jQsJkBp2AQ==", + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/cloudinary/-/cloudinary-2.7.0.tgz", + "integrity": "sha512-qrqDn31+qkMCzKu1GfRpzPNAO86jchcNwEHCUiqvPHNSFqu7FTNF9FuAkBUyvM1CFFgFPu64NT0DyeREwLwK0w==", "requires": { - "cloudinary-core": "^2.10.2", - "core-js": "3.6.5", - "lodash": "^4.17.11", + "lodash": "^4.17.21", "q": "^1.5.1" } }, - "cloudinary-core": { - "version": "2.11.2", - "resolved": "https://registry.npmjs.org/cloudinary-core/-/cloudinary-core-2.11.2.tgz", - "integrity": "sha512-Dl545+AzPRGjx58cXB9gznXtA1dol0pmDqTxHos1hRcdbUcpUcuVzPkBnJjNO3F4K6BfZ5kSda9kzD+Qu7Yhgg==" - }, "color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", @@ -420,11 +413,6 @@ "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw=" }, - "core-js": { - "version": "3.6.5", - "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.6.5.tgz", - "integrity": "sha512-vZVEEwZoIsI+vPEuoF9Iqf5H7/M3eeQqWlQnYa8FSKKePuYTf5MWnxb5SDAzCa60b3JBRS5g9b+Dq7b1y/RCrA==" - }, "core-util-is": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", @@ -1514,6 +1502,14 @@ "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz", "integrity": "sha1-gIudDlb8Jz2Am6VzOOkpkZoanxo=" }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "requires": { + "safe-buffer": "~5.1.0" + } + }, "string-width": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", @@ -1549,14 +1545,6 @@ } } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", diff --git a/package.json b/package.json index 3878d91..8afdc74 100644 --- a/package.json +++ b/package.json @@ -10,7 +10,7 @@ "author": "Piyush Anand", "license": "ISC", "dependencies": { - "cloudinary": "^1.23.0", + "cloudinary": "^2.7.0", "express": "^4.17.1", "express-session": "^1.17.1", "hbs": "^4.1.2",