From 65728ca6bdaf1c0c79c61eb235d7ff15f1fe11a6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 3 Nov 2025 07:09:40 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXTAUTH-13744118 --- package-lock.json | 12 ++++++------ package.json | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index 12b277c4..4b8475b2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -68,7 +68,7 @@ "lucide-react": "^0.451.0", "nanoid": "^5.0.9", "next": "^14.2.21", - "next-auth": "^4.24.11", + "next-auth": "^4.24.12", "next-safe-action": "^7.9.4", "next-themes": "^0.3.0", "nodemailer": "^6.9.14", @@ -15855,9 +15855,9 @@ } }, "node_modules/next-auth": { - "version": "4.24.11", - "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.24.11.tgz", - "integrity": "sha512-pCFXzIDQX7xmHFs4KVH4luCjaCbuPRtZ9oBUjUhOk84mZ9WVPf94n87TxYI4rSRf9HmfHEF8Yep3JrYDVOo3Cw==", + "version": "4.24.12", + "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.24.12.tgz", + "integrity": "sha512-wooJAL5Md9Fn2UwUI2qN9TY/+k8HJGRyi3TdSt/xHfDTtdpPxDqmo4v8hUrKGb+d66FB/rYy9RutA/9EeJrK0Q==", "license": "ISC", "dependencies": { "@babel/runtime": "^7.20.13", @@ -15872,8 +15872,8 @@ }, "peerDependencies": { "@auth/core": "0.34.2", - "next": "^12.2.5 || ^13 || ^14 || ^15", - "nodemailer": "^6.6.5", + "next": "^12.2.5 || ^13 || ^14 || ^15 || ^16", + "nodemailer": "^7.0.7", "react": "^17.0.2 || ^18 || ^19", "react-dom": "^17.0.2 || ^18 || ^19" }, diff --git a/package.json b/package.json index c162b219..d7e40c35 100644 --- a/package.json +++ b/package.json @@ -86,7 +86,7 @@ "lucide-react": "^0.451.0", "nanoid": "^5.0.9", "next": "^14.2.21", - "next-auth": "^4.24.11", + "next-auth": "^4.24.12", "next-safe-action": "^7.9.4", "next-themes": "^0.3.0", "nodemailer": "^6.9.14",