From 6b66bcec90966c9b3e1e78331d2626d4bc3e00ef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 18 Mar 2026 13:06:01 +0000 Subject: [PATCH 1/2] fix: client/package.json & client/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-15252993 - https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908286 --- client/package-lock.json | 34 +++++++++++++++++----------------- client/package.json | 4 ++-- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/client/package-lock.json b/client/package-lock.json index 69194a6..5d80429 100644 --- a/client/package-lock.json +++ b/client/package-lock.json @@ -16,10 +16,10 @@ "@testing-library/jest-dom": "^6.6.3", "@testing-library/react": "^16.3.0", "@testing-library/user-event": "^13.5.0", - "axios": "^1.12.0", + "axios": "^1.13.5", "react": "^19.1.0", "react-dom": "^19.1.0", - "react-router-dom": "^7.9.0", + "react-router-dom": "^7.9.6", "react-scripts": "5.0.1", "web-vitals": "^2.1.4" } @@ -5344,13 +5344,13 @@ } }, "node_modules/axios": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.12.0.tgz", - "integrity": "sha512-oXTDccv8PcfjZmPGlWsPSwtOJCZ/b6W5jAMCNcfwJbCzDckwG0jrYJFaWH1yvivfCXjVzV/SPDEhMB3Q+DSurg==", + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.4", + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", "proxy-from-env": "^1.1.0" } }, @@ -8700,9 +8700,9 @@ "license": "ISC" }, "node_modules/follow-redirects": { - "version": "1.15.9", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz", - "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==", + "version": "1.15.11", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz", + "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==", "funding": [ { "type": "individual", @@ -14461,9 +14461,9 @@ } }, "node_modules/react-router": { - "version": "7.9.0", - "resolved": "https://registry.npmjs.org/react-router/-/react-router-7.9.0.tgz", - "integrity": "sha512-gmmc2UNj8oS8Z2JGpfAmhLv+j5O9Xciv2HAGZN0rV//ycoe1E40xN3ovqLZD7PsMDkoJvsbASE8TjAY+Xm7DKQ==", + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/react-router/-/react-router-7.9.6.tgz", + "integrity": "sha512-Y1tUp8clYRXpfPITyuifmSoE2vncSME18uVLgaqyxh9H35JWpIfzHo+9y3Fzh5odk/jxPW29IgLgzcdwxGqyNA==", "license": "MIT", "dependencies": { "cookie": "^1.0.1", @@ -14483,12 +14483,12 @@ } }, "node_modules/react-router-dom": { - "version": "7.9.0", - "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-7.9.0.tgz", - "integrity": "sha512-IEGU2Dzwmh9KVtjiwi0g/JjaStaOjrslI9aU7BhKhEpKYHnfpS7euvNi+b4uWXQaj45/dh0zsqjCmq0x6GYmRA==", + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-7.9.6.tgz", + "integrity": "sha512-2MkC2XSXq6HjGcihnx1s0DBWQETI4mlis4Ux7YTLvP67xnGxCvq+BcCQSO81qQHVUTM1V53tl4iVVaY5sReCOA==", "license": "MIT", "dependencies": { - "react-router": "7.9.0" + "react-router": "7.9.6" }, "engines": { "node": ">=20.0.0" diff --git a/client/package.json b/client/package.json index dc0ba27..878c79a 100644 --- a/client/package.json +++ b/client/package.json @@ -11,10 +11,10 @@ "@testing-library/jest-dom": "^6.6.3", "@testing-library/react": "^16.3.0", "@testing-library/user-event": "^13.5.0", - "axios": "^1.12.0", + "axios": "^1.13.5", "react": "^19.1.0", "react-dom": "^19.1.0", - "react-router-dom": "^7.9.0", + "react-router-dom": "^7.9.6", "react-scripts": "5.0.1", "web-vitals": "^2.1.4" }, From 17bdc2c82327286919c8be3e5a4092df660033c6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 18 Mar 2026 13:19:18 +0000 Subject: [PATCH 2/2] fix: client/package.json & client/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-15252993 - https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908286