From 0ebd1b5822b2475fecc2e072f039b8210ec00eca Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 27 Mar 2024 19:43:25 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PGPROMISE-6501690
---
 package-lock.json | 78 +++++++++++++++++++++++++++--------------------
 package.json      |  2 +-
 2 files changed, 46 insertions(+), 34 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index f3fc392..33937e4 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -18,7 +18,7 @@
         "lodash": "4.17.21",
         "morgan": "1.10.0",
         "pg-connection-string": "2.6.0",
-        "pg-promise": "11.5.0",
+        "pg-promise": "^11.5.5",
         "pug": "3.0.2",
         "stoppable": "1.1.0",
         "winston": "3.9.0"
@@ -4665,14 +4665,14 @@
       }
     },
     "node_modules/pg": {
-      "version": "8.11.0",
-      "resolved": "https://registry.npmjs.org/pg/-/pg-8.11.0.tgz",
-      "integrity": "sha512-meLUVPn2TWgJyLmy7el3fQQVwft4gU5NGyvV0XbD41iU9Jbg8lCH4zexhIkihDzVHJStlt6r088G6/fWeNjhXA==",
+      "version": "8.11.3",
+      "resolved": "https://registry.npmjs.org/pg/-/pg-8.11.3.tgz",
+      "integrity": "sha512-+9iuvG8QfaaUrrph+kpF24cXkH1YOOUeArRNYIxq1viYHZagBxrTno7cecY1Fa44tJeZvaoG+Djpkc3JwehN5g==",
       "dependencies": {
         "buffer-writer": "2.0.0",
         "packet-reader": "1.0.0",
-        "pg-connection-string": "^2.6.0",
-        "pg-pool": "^3.6.0",
+        "pg-connection-string": "^2.6.2",
+        "pg-pool": "^3.6.1",
         "pg-protocol": "^1.6.0",
         "pg-types": "^2.1.0",
         "pgpass": "1.x"
@@ -4681,7 +4681,7 @@
         "node": ">= 8.0.0"
       },
       "optionalDependencies": {
-        "pg-cloudflare": "^1.1.0"
+        "pg-cloudflare": "^1.1.1"
       },
       "peerDependencies": {
         "pg-native": ">=3.0.1"
@@ -4693,9 +4693,9 @@
       }
     },
     "node_modules/pg-cloudflare": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/pg-cloudflare/-/pg-cloudflare-1.1.0.tgz",
-      "integrity": "sha512-tGM8/s6frwuAIyRcJ6nWcIvd3+3NmUKIs6OjviIm1HPPFEt5MzQDOTBQyhPWg/m0kCl95M6gA1JaIXtS8KovOA==",
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/pg-cloudflare/-/pg-cloudflare-1.1.1.tgz",
+      "integrity": "sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==",
       "optional": true
     },
     "node_modules/pg-connection-string": {
@@ -4720,20 +4720,20 @@
       }
     },
     "node_modules/pg-pool": {
-      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.6.0.tgz",
-      "integrity": "sha512-clFRf2ksqd+F497kWFyM21tMjeikn60oGDmqMT8UBrynEwVEX/5R5xd2sdvdo1cZCFlguORNpVuqxIj+aK4cfQ==",
+      "version": "3.6.1",
+      "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.6.1.tgz",
+      "integrity": "sha512-jizsIzhkIitxCGfPRzJn1ZdcosIt3pz9Sh3V01fm1vZnbnCMgmGl5wvGGdNN2EL9Rmb0EcFoCkixH4Pu+sP9Og==",
       "peerDependencies": {
         "pg": ">=8.0"
       }
     },
     "node_modules/pg-promise": {
-      "version": "11.5.0",
-      "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-11.5.0.tgz",
-      "integrity": "sha512-ZfhntV6Yoc3S0hQWOlEodk5fEmF9ADxKl0vNvBnZgzvLt73uY29wVaNBz2AZK2J0gVmm/zhO51RXPtI4MgKkSQ==",
+      "version": "11.5.5",
+      "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-11.5.5.tgz",
+      "integrity": "sha512-DpJkDDH7rG0wUwFRRHimdV6DtG/UTK2SBEKC7KGFR6a5Zuqf9eGThR7dqIaHXnEBDZuWxUfWC5zMRqyk4EP7Lw==",
       "dependencies": {
         "assert-options": "0.8.1",
-        "pg": "8.11.0",
+        "pg": "8.11.3",
         "pg-minify": "1.6.3",
         "spex": "3.3.0"
       },
@@ -4761,6 +4761,11 @@
         "node": ">=4"
       }
     },
+    "node_modules/pg/node_modules/pg-connection-string": {
+      "version": "2.6.2",
+      "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.6.2.tgz",
+      "integrity": "sha512-ch6OwaeaPYcova4kKZ15sbJ2hKb/VP48ZD2gE7i1J+L4MspCtBMAx8nMgz7bksc7IojCIIWuEhHibSMFH8m8oA=="
+    },
     "node_modules/pgpass": {
       "version": "1.0.5",
       "resolved": "https://registry.npmjs.org/pgpass/-/pgpass-1.0.5.tgz",
@@ -9889,24 +9894,31 @@
       "dev": true
     },
     "pg": {
-      "version": "8.11.0",
-      "resolved": "https://registry.npmjs.org/pg/-/pg-8.11.0.tgz",
-      "integrity": "sha512-meLUVPn2TWgJyLmy7el3fQQVwft4gU5NGyvV0XbD41iU9Jbg8lCH4zexhIkihDzVHJStlt6r088G6/fWeNjhXA==",
+      "version": "8.11.3",
+      "resolved": "https://registry.npmjs.org/pg/-/pg-8.11.3.tgz",
+      "integrity": "sha512-+9iuvG8QfaaUrrph+kpF24cXkH1YOOUeArRNYIxq1viYHZagBxrTno7cecY1Fa44tJeZvaoG+Djpkc3JwehN5g==",
       "requires": {
         "buffer-writer": "2.0.0",
         "packet-reader": "1.0.0",
-        "pg-cloudflare": "^1.1.0",
-        "pg-connection-string": "^2.6.0",
-        "pg-pool": "^3.6.0",
+        "pg-cloudflare": "^1.1.1",
+        "pg-connection-string": "^2.6.2",
+        "pg-pool": "^3.6.1",
         "pg-protocol": "^1.6.0",
         "pg-types": "^2.1.0",
         "pgpass": "1.x"
+      },
+      "dependencies": {
+        "pg-connection-string": {
+          "version": "2.6.2",
+          "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.6.2.tgz",
+          "integrity": "sha512-ch6OwaeaPYcova4kKZ15sbJ2hKb/VP48ZD2gE7i1J+L4MspCtBMAx8nMgz7bksc7IojCIIWuEhHibSMFH8m8oA=="
+        }
       }
     },
     "pg-cloudflare": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/pg-cloudflare/-/pg-cloudflare-1.1.0.tgz",
-      "integrity": "sha512-tGM8/s6frwuAIyRcJ6nWcIvd3+3NmUKIs6OjviIm1HPPFEt5MzQDOTBQyhPWg/m0kCl95M6gA1JaIXtS8KovOA==",
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/pg-cloudflare/-/pg-cloudflare-1.1.1.tgz",
+      "integrity": "sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==",
       "optional": true
     },
     "pg-connection-string": {
@@ -9925,18 +9937,18 @@
       "integrity": "sha512-NoSsPqXxbkD8RIe+peQCqiea4QzXgosdTKY8p7PsbbGsh2F8TifDj/vJxfuR8qJwNYrijdSs7uf0tAe6WOyCsQ=="
     },
     "pg-pool": {
-      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.6.0.tgz",
-      "integrity": "sha512-clFRf2ksqd+F497kWFyM21tMjeikn60oGDmqMT8UBrynEwVEX/5R5xd2sdvdo1cZCFlguORNpVuqxIj+aK4cfQ==",
+      "version": "3.6.1",
+      "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.6.1.tgz",
+      "integrity": "sha512-jizsIzhkIitxCGfPRzJn1ZdcosIt3pz9Sh3V01fm1vZnbnCMgmGl5wvGGdNN2EL9Rmb0EcFoCkixH4Pu+sP9Og==",
       "requires": {}
     },
     "pg-promise": {
-      "version": "11.5.0",
-      "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-11.5.0.tgz",
-      "integrity": "sha512-ZfhntV6Yoc3S0hQWOlEodk5fEmF9ADxKl0vNvBnZgzvLt73uY29wVaNBz2AZK2J0gVmm/zhO51RXPtI4MgKkSQ==",
+      "version": "11.5.5",
+      "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-11.5.5.tgz",
+      "integrity": "sha512-DpJkDDH7rG0wUwFRRHimdV6DtG/UTK2SBEKC7KGFR6a5Zuqf9eGThR7dqIaHXnEBDZuWxUfWC5zMRqyk4EP7Lw==",
       "requires": {
         "assert-options": "0.8.1",
-        "pg": "8.11.0",
+        "pg": "8.11.3",
         "pg-minify": "1.6.3",
         "spex": "3.3.0"
       }
diff --git a/package.json b/package.json
index be6af8e..917be6e 100644
--- a/package.json
+++ b/package.json
@@ -31,7 +31,7 @@
     "lodash": "4.17.21",
     "morgan": "1.10.0",
     "pg-connection-string": "2.6.0",
-    "pg-promise": "11.5.0",
+    "pg-promise": "11.5.5",
     "pug": "3.0.2",
     "stoppable": "1.1.0",
     "winston": "3.9.0"