From 4b4b5caf674bfc5136a22dd20f68aae7e6d492dd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 4 Nov 2025 10:19:03 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXTAUTH-13744118 --- package-lock.json | 12 ++++++------ package.json | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index c4991801f..e02e43f6f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -32,7 +32,7 @@ "micromatch": "^4.0.8", "moderndash": "^4.0.0", "next": "^14.2.32", - "next-auth": "^4.24.9", + "next-auth": "^4.24.12", "next-i18next": "^13.3.0", "pino": "^10.1.0", "pino-pretty": "^10.3.1", @@ -11787,9 +11787,9 @@ } }, "node_modules/next-auth": { - "version": "4.24.11", - "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.24.11.tgz", - "integrity": "sha512-pCFXzIDQX7xmHFs4KVH4luCjaCbuPRtZ9oBUjUhOk84mZ9WVPf94n87TxYI4rSRf9HmfHEF8Yep3JrYDVOo3Cw==", + "version": "4.24.12", + "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.24.12.tgz", + "integrity": "sha512-wooJAL5Md9Fn2UwUI2qN9TY/+k8HJGRyi3TdSt/xHfDTtdpPxDqmo4v8hUrKGb+d66FB/rYy9RutA/9EeJrK0Q==", "license": "ISC", "dependencies": { "@babel/runtime": "^7.20.13", @@ -11804,8 +11804,8 @@ }, "peerDependencies": { "@auth/core": "0.34.2", - "next": "^12.2.5 || ^13 || ^14 || ^15", - "nodemailer": "^6.6.5", + "next": "^12.2.5 || ^13 || ^14 || ^15 || ^16", + "nodemailer": "^7.0.7", "react": "^17.0.2 || ^18 || ^19", "react-dom": "^17.0.2 || ^18 || ^19" }, diff --git a/package.json b/package.json index 063155d72..9a1c69347 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "micromatch": "^4.0.8", "moderndash": "^4.0.0", "next": "^14.2.32", - "next-auth": "^4.24.9", + "next-auth": "^4.24.12", "next-i18next": "^13.3.0", "pino": "^10.1.0", "pino-pretty": "^10.3.1",