From 1e0c548b954c8d8d4c8b8cb13d5d19aded4f5bfa Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 12 Feb 2026 13:16:33 +0000 Subject: [PATCH] fix: openai-gpt-4.1/package.json & openai-gpt-4.1/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-QS-15268416 --- openai-gpt-4.1/package-lock.json | 49 +++++++++++++++++++++----------- openai-gpt-4.1/package.json | 2 +- 2 files changed, 33 insertions(+), 18 deletions(-) diff --git a/openai-gpt-4.1/package-lock.json b/openai-gpt-4.1/package-lock.json index e7480c1..d6b0882 100644 --- a/openai-gpt-4.1/package-lock.json +++ b/openai-gpt-4.1/package-lock.json @@ -13,7 +13,7 @@ "csurf": "^1.11.0", "dotenv": "^16.4.5", "ejs": "^3.1.9", - "express": "^4.19.2", + "express": "^4.22.0", "express-rate-limit": "^7.0.0", "express-session": "^1.17.3", "helmet": "^7.0.0", @@ -887,39 +887,39 @@ } }, "node_modules/express": { - "version": "4.21.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", - "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", + "version": "4.22.0", + "resolved": "https://registry.npmjs.org/express/-/express-4.22.0.tgz", + "integrity": "sha512-c2iPh3xp5vvCLgaHK03+mWLFPhox7j1LwyxcZwFVApEv5i0X+IjPpbT50SJJwwLpdBVfp45AkK/v+AFgv/XlfQ==", "license": "MIT", "dependencies": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.3", - "content-disposition": "0.5.4", + "body-parser": "~1.20.3", + "content-disposition": "~0.5.4", "content-type": "~1.0.4", - "cookie": "0.7.1", - "cookie-signature": "1.0.6", + "cookie": "~0.7.1", + "cookie-signature": "~1.0.6", "debug": "2.6.9", "depd": "2.0.0", "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "etag": "~1.8.1", - "finalhandler": "1.3.1", - "fresh": "0.5.2", - "http-errors": "2.0.0", + "finalhandler": "~1.3.1", + "fresh": "~0.5.2", + "http-errors": "~2.0.0", "merge-descriptors": "1.0.3", "methods": "~1.1.2", - "on-finished": "2.4.1", + "on-finished": "~2.4.1", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.12", + "path-to-regexp": "~0.1.12", "proxy-addr": "~2.0.7", - "qs": "6.13.0", + "qs": "~6.14.0", "range-parser": "~1.2.1", "safe-buffer": "5.2.1", - "send": "0.19.0", - "serve-static": "1.16.2", + "send": "~0.19.0", + "serve-static": "~1.16.2", "setprototypeof": "1.2.0", - "statuses": "2.0.1", + "statuses": "~2.0.1", "type-is": "~1.6.18", "utils-merge": "1.0.1", "vary": "~1.1.2" @@ -1006,6 +1006,21 @@ "node": ">= 0.8" } }, + "node_modules/express/node_modules/qs": { + "version": "6.14.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz", + "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==", + "license": "BSD-3-Clause", + "dependencies": { + "side-channel": "^1.1.0" + }, + "engines": { + "node": ">=0.6" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/express/node_modules/toidentifier": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", diff --git a/openai-gpt-4.1/package.json b/openai-gpt-4.1/package.json index 2045360..f5187c4 100644 --- a/openai-gpt-4.1/package.json +++ b/openai-gpt-4.1/package.json @@ -13,7 +13,7 @@ "csurf": "^1.11.0", "dotenv": "^16.4.5", "ejs": "^3.1.9", - "express": "^4.19.2", + "express": "^4.22.0", "express-rate-limit": "^7.0.0", "express-session": "^1.17.3", "helmet": "^7.0.0",