[Snyk] Fix for 1 vulnerabilities

[UlisesGascon]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-QS-3153490	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: body-parser

The new version differs by 101 commits.

• 424dadd 1.19.2
• 11248a2 deps: [email protected]
• 7a088eb build: [email protected]
• ecedf31 build: [email protected]
• b6bfabd build: [email protected]
• badd6b2 build: fix code coverage aggregate upload
• 96b448a build: [email protected]
• 70560b1 build: [email protected]
• 548a06f build: [email protected]
• 3b00678 deps: [email protected]
• d5acb61 build: [email protected]
• 82c8a7c tests: add limit + inflate tests
• b356758 deps: [email protected]
• c631b58 build: [email protected]
• c81a8e2 build: [email protected]
• 3c4dcb8 build: [email protected]
• d0a214b 1.19.1
• fb172d4 build: [email protected]
• c5e63cb build: [email protected]
• c6d43bd build: [email protected]
• 313ed6d build: [email protected]
• 8389b51 deps: [email protected]
• aae94b2 deps: [email protected]
• 7f84d4f deps: [email protected]

See the full diff

Package name: express

The new version differs by 117 commits.

• 3d7fce5 4.17.3
• f906371 build: update example dependencies
• 6381bc6 deps: [email protected]
• a007863 deps: [email protected]
• e98f584 Revert "build: use [email protected] for Node.js < 4"
• a659137 tests: use strict mode
• a39e409 tests: prevent leaking changes to NODE_ENV
• 82de4de examples: fix path traversal in downloads example
• 12310c5 build: use nyc for test coverage
• 884657d examples: remove bitwise syntax for includes check
• 7511d08 build: use [email protected] for Node.js < 4
• 2585f20 tests: fix test missing assertion
• 9d09762 build: [email protected]
• 43cc56e build: clean up gitignore
• 1c7bbcc build: [email protected]
• 9cbbc8a deps: [email protected]
• 6fbc269 pref: remove unnecessary regexp for trust proxy
• 2bc734a deps: accepts@~1.3.8
• 89bb531 docs: fix typo in res.download jsdoc
• 744564f tests: add test for multiple ips in "trust proxy"
• da6cb0e tests: add range tests to res.download
• 00ad5be tests: add more tests for app.request & app.response
• 141914e tests: fix tests that did not bubble errors
• bd4fdfe tests: remove global dependency on should

See the full diff

Package name: qs

The new version differs by 84 commits.

• 4cd0032 v6.9.7
• e799ba5 [Fix] `parse`: ignore `__proto__` keys (#428)
• 02ca358 [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
• 4a17709 [Fix] `stringify`: avoid encoding arrayformat comma when `encodeValuesOnly = true` (#424)
• c0e13e9 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 4113a5f [Tests] clean up stringify tests slightly
• 749a584 [Docs] add note and links for coercing primitive values (#408)
• cce2082 [meta] fix README.md (#399)
• c44f0c5 Revert "[meta] ignore eclint transitive audit warning"
• e6cfd8b [actions] backport actions from main
• f399189 [Dev Deps] backport updates from main
• b522d2e v6.9.6
• 47d0b83 [Fix] restore `dist` dir; mistakenly removed in d4f6c32
• 179fafc v6.9.5
• d4f6c32 [meta] do not publish github action workflow files
• 66202e7 [Tests] `stringify`: add tests for #378
• da6d249 [Dev Deps] update `eslint`, `@ ljharb/eslint-config`, `aud`, `browserify`, `object-inspect`, `tape`
• 4e7a5a3 [Fix] `stringify`: do not encode parens for RFC1738
• 9c60d53 [Refactor] `format`: remove `util.assign` call
• 01aaffd [Tests] migrate tests to Github Actions
• fcb1ef1 [Tests] run `nyc` on all tests; use `tape` runner
• 049c9bb [meta] add "Allow Edits" workflow; update rebase workflow
• fddf182 [actions] switch Automatic Rebase workflow to `pull_request_target` event
• deada94 [Fix] `stringify`: fix arrayFormat comma with empty array/objects

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution