fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-COOKIE-8163060
2025-10-29 16:30:13 +00:00 · 2024-10-08 02:50:51 +00:00
parent cf79aa8923
commit ec5bfcc4b8
2 changed files with 7 additions and 2 deletions
--- a/package.json
+++ b/package.json
@@ -11,7 +11,7 @@
  },
  "dependencies": {
    "@elastic/ecs-winston-format": "^1.3.1",
-    "cookie": "^0.5.0",
+    "cookie": "^0.7.0",
    "express": "^4.18.2",
    "express-http-context": "^1.2.4",
    "pg": "^8.8.0",
--- a/yarn.lock
+++ b/yarn.lock
@@ -1485,11 +1485,16 @@ cookie-signature@1.0.6:
  resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c"
  integrity sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==
-cookie@0.5.0, cookie@^0.5.0:
+cookie@0.5.0:
  version "0.5.0"
  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.5.0.tgz#d1f5d71adec6558c58f389987c366aa47e994f8b"
  integrity sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==
 cookie@^0.7.0:
  version "0.7.2"
  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.2.tgz#556369c472a2ba910f2979891b526b3436237ed7"
  integrity sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==
 core-js-compat@^3.25.1:
  version "3.26.1"
  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.26.1.tgz#0e710b09ebf689d719545ac36e49041850f943df"