From bd476af12b3229fd602864af695d4b9f9c52b5cf Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 30 Jul 2020 18:31:18 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-EXPRESSFILEUPLOAD-595969
---
 package-lock.json | 59 +++++++++++------------------------------------
 package.json      |  2 +-
 2 files changed, 14 insertions(+), 47 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 3acd1672de..f69c69ed89 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1117,14 +1117,6 @@
         "xdg-basedir": "^3.0.0"
       }
     },
-    "connect-busboy": {
-      "version": "0.0.2",
-      "resolved": "https://registry.npmjs.org/connect-busboy/-/connect-busboy-0.0.2.tgz",
-      "integrity": "sha1-rFyclmchcYheV2xmsr/ZXTuxEJc=",
-      "requires": {
-        "busboy": "*"
-      }
-    },
     "console-browserify": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/console-browserify/-/console-browserify-1.1.0.tgz",
@@ -1894,13 +1886,11 @@
       }
     },
     "express-fileupload": {
-      "version": "0.0.5",
-      "resolved": "https://registry.npmjs.org/express-fileupload/-/express-fileupload-0.0.5.tgz",
-      "integrity": "sha1-QzpxJSWvqYtMkxYlIui/ecaNguc=",
+      "version": "1.1.8",
+      "resolved": "https://registry.npmjs.org/express-fileupload/-/express-fileupload-1.1.8.tgz",
+      "integrity": "sha512-5FY1of8hxuI6HfmceDKc2Y6vg3EuXAlLz0Jw/BUglzrm7nKRuvjN6Y8ZgBfRp+1t5YkGAX7TEb5a5AmG5RqDcA==",
       "requires": {
-        "connect-busboy": "0.0.2",
-        "fs-extra": "^0.22.1",
-        "streamifier": "^0.1.1"
+        "busboy": "^0.3.1"
       }
     },
     "extend": {
@@ -2078,16 +2068,6 @@
       "resolved": "https://registry.npmjs.org/fs-exists-cached/-/fs-exists-cached-1.0.0.tgz",
       "integrity": "sha1-zyVVTKBQ3EmuZla0HeQiWJidy84="
     },
-    "fs-extra": {
-      "version": "0.22.1",
-      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-0.22.1.tgz",
-      "integrity": "sha1-X9b4BJ3JdsoZ6yNV1lgXPKvM4FY=",
-      "requires": {
-        "graceful-fs": "^4.1.2",
-        "jsonfile": "^2.1.0",
-        "rimraf": "^2.2.8"
-      }
-    },
     "fs.realpath": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
@@ -2863,14 +2843,6 @@
       "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
       "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus="
     },
-    "jsonfile": {
-      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-2.4.0.tgz",
-      "integrity": "sha1-NzaitCi4e72gzIO1P6PWM6NcKug=",
-      "requires": {
-        "graceful-fs": "^4.1.6"
-      }
-    },
     "jsonify": {
       "version": "0.0.0",
       "resolved": "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz",
@@ -3390,15 +3362,15 @@
       }
     },
     "morgan": {
-      "version": "1.9.1",
-      "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.9.1.tgz",
-      "integrity": "sha512-HQStPIV4y3afTiCYVxirakhlCfGkI161c76kKFca7Fk1JusM//Qeo1ej2XaMniiNeaZklMVrh3vTtIzpzwbpmA==",
+      "version": "1.10.0",
+      "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz",
+      "integrity": "sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==",
       "requires": {
-        "basic-auth": "~2.0.0",
+        "basic-auth": "~2.0.1",
         "debug": "2.6.9",
-        "depd": "~1.1.2",
+        "depd": "~2.0.0",
         "on-finished": "~2.3.0",
-        "on-headers": "~1.0.1"
+        "on-headers": "~1.0.2"
       },
       "dependencies": {
         "debug": {
@@ -3410,9 +3382,9 @@
           }
         },
         "depd": {
-          "version": "1.1.2",
-          "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz",
-          "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak="
+          "version": "2.0.0",
+          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
+          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
         },
         "ee-first": {
           "version": "1.1.1",
@@ -7736,11 +7708,6 @@
         }
       }
     },
-    "streamifier": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/streamifier/-/streamifier-0.1.1.tgz",
-      "integrity": "sha1-l+mNj6TRBdYqJpHR3AfoINuN/E8="
-    },
     "streamsearch": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz",
diff --git a/package.json b/package.json
index d205a22346..f19b1f9426 100644
--- a/package.json
+++ b/package.json
@@ -28,7 +28,7 @@
     "ejs-locals": "1.0.2",
     "errorhandler": "1.2.0",
     "express": "4.12.4",
-    "express-fileupload": "0.0.5",
+    "express-fileupload": "1.1.8",
     "file-type": "^8.1.0",
     "humanize-ms": "1.0.1",
     "jquery": "^2.2.4",