From dca00116277a82b307d71d94ed021dc61c741751 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 27 Nov 2025 11:33:54 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940
---
 package.json | 2 +-
 yarn.lock    | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 7dae0ffc..993fb2cf 100644
--- a/package.json
+++ b/package.json
@@ -108,7 +108,7 @@
     "mongoose-times": "^0.1.0",
     "morgan": "^1.9.0",
     "node-dir": "^0.1.17",
-    "node-forge": "^0.7.1",
+    "node-forge": "^1.3.2",
     "node-gyp": "^3.6.2",
     "node-sass": "^4.6.0",
     "node-upload-progress": "0.0.1",
diff --git a/yarn.lock b/yarn.lock
index 284200ba..8b541797 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5500,9 +5500,10 @@ node-dir@^0.1.17:
   dependencies:
     minimatch "^3.0.2"
 
-node-forge@^0.7.1:
-  version "0.7.1"
-  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.1.tgz#9da611ea08982f4b94206b3beb4cc9665f20c300"
+node-forge@^1.3.2:
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-1.3.2.tgz#d0d2659a26eef778bf84d73e7f55c08144ee7750"
+  integrity sha512-6xKiQ+cph9KImrRh0VsjH2d8/GXA4FIMlgU4B757iI1ApvcyA9VlouP0yZJha01V+huImO+kKMU7ih+2+E14fw==
 
 node-gyp@^3.3.1, node-gyp@^3.6.2:
   version "3.6.2"