From 2486ba27b1e29272eb723c7ea0cae76c0c889cd8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 9 Oct 2025 08:49:41 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-13378253
---
 package.json | 2 +-
 yarn.lock    | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 7dae0ffc..bebd0dea 100644
--- a/package.json
+++ b/package.json
@@ -113,7 +113,7 @@
     "node-sass": "^4.6.0",
     "node-upload-progress": "0.0.1",
     "node-uuid": "^1.4.8",
-    "nodemailer": "^4.3.1",
+    "nodemailer": "^7.0.7",
     "oauth2orize": "^1.11.0",
     "ogr2ogr": "^1.2.1",
     "pdfkit": "^0.8.3",
diff --git a/yarn.lock b/yarn.lock
index 284200ba..752810f5 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5593,9 +5593,10 @@ node-version@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/node-version/-/node-version-1.1.0.tgz#f437d7ba407e65e2c4eaef8887b1718ba523d4f0"
 
-nodemailer@^4.3.1:
-  version "4.3.1"
-  resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-4.3.1.tgz#40e162f54193ba2fecca200d544e8f6c1106d694"
+nodemailer@^7.0.7:
+  version "7.0.9"
+  resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-7.0.9.tgz#fe5abd4173e08e01aa243c7cddd612ad8c6ccc18"
+  integrity sha512-9/Qm0qXIByEP8lEV2qOqcAW7bRpL8CR9jcTwk3NBnHJNmP9fIJ86g2fgmIXqHY+nj55ZEMwWqYAT2QTDpRUYiQ==
 
 nomnom@~1.8.1:
   version "1.8.1"