From d1a775f869c47e2de94520a1bb45d8abbb1bec64 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 21 Nov 2023 16:55:24 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXTAUTH-6069933 --- package-lock.json | 11 +++++------ package.json | 2 +- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index e79b969..e286737 100644 --- a/package-lock.json +++ b/package-lock.json @@ -50,7 +50,7 @@ "lucide-react": "^0.221.0", "nanoid": "^4.0.2", "next": "13.4.4", - "next-auth": "^4.22.1", + "next-auth": "^4.24.5", "postcss": "8.4.23", "prettier": "^3.0.0", "prisma": "^4.14.1", @@ -5058,10 +5058,9 @@ } }, "node_modules/next-auth": { - "version": "4.22.1", - "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.22.1.tgz", - "integrity": "sha512-NTR3f6W7/AWXKw8GSsgSyQcDW6jkslZLH8AiZa5PQ09w1kR8uHtR9rez/E9gAq/o17+p0JYHE8QjF3RoniiObA==", - "license": "ISC", + "version": "4.24.5", + "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.24.5.tgz", + "integrity": "sha512-3RafV3XbfIKk6rF6GlLE4/KxjTcuMCifqrmD+98ejFq73SRoj2rmzoca8u764977lH/Q7jo6Xu6yM+Re1Mz/Og==", "dependencies": { "@babel/runtime": "^7.20.13", "@panva/hkdf": "^1.0.2", @@ -5074,7 +5073,7 @@ "uuid": "^8.3.2" }, "peerDependencies": { - "next": "^12.2.5 || ^13", + "next": "^12.2.5 || ^13 || ^14", "nodemailer": "^6.6.5", "react": "^17.0.2 || ^18", "react-dom": "^17.0.2 || ^18" diff --git a/package.json b/package.json index 43ce148..ee35cd5 100644 --- a/package.json +++ b/package.json @@ -51,7 +51,7 @@ "lucide-react": "^0.221.0", "nanoid": "^4.0.2", "next": "13.4.4", - "next-auth": "^4.22.1", + "next-auth": "^4.24.5", "postcss": "8.4.23", "prettier": "^3.0.0", "prisma": "^4.14.1",