[Snyk] Fix for 2 vulnerabilities

[origranot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	601/1000 Why? Recently disclosed, Has a fix available, CVSS 6.3	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	No	No Known Exploit
	828/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.7	Denial of Service (DoS) SNYK-JS-HTTPPROXYMIDDLEWARE-8229906	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @docusaurus/preset-classic

The new version differs by 250 commits.

• cb5829f v3.5.0
• a19d54f Merge remote-tracking branch 'origin/slorber/docusaurus-v3.5' into slorber/docusaurus-v3.5
• ea49177 3.5 docs
• 55a58ee changelog
• 8f8f7f2 Merge branch 'main' into slorber/docusaurus-v3.5
• a096bbc feat(blog): add `onUntruncatedBlogPosts` blog options (#10375)
• 2611aa1 refactor: apply lint autofix
• f9e5adb v3.5 blog post
• c3af215 v3.5 blog post
• af24976 v3.5 blog post
• 2028ca4 v3.5 blog post
• f43be85 fix(translations): fix wrong Estonian (et) translations and typos (#10344)
• a2e30be fix(search): fix algolia search ignore ctrl + F in search input (#10342)
• 44ddada fix(docs): the _category_.json description attribute should display on generated index pages (#10324)
• 95ab9f8 feat(theme): show unlisted/draft banners in dev mode (#10376)
• c58fcbd feat(ci): continuous releases for main and PRs with pkg.pr.new (#10369)
• 087a329 fix(cli): Fix bad docusaurus CLI behavior on for --version, -V, --help, -h (#10368)
• 7be1fea feat(blog): add feed xlst options to render beautiful RSS and Atom feeds (#9252)
• 08a893a chore: add prettier-xml plugin (#10364)
• f356e29 feat(blog): authors page (#10216)
• 50f9fce docs: rename @ getcanary/docusaurus-pagefind in docs (#10361)
• 347070b fix(translations): Fix and Improve Spanish translations (#10360)
• 95990c6 docs: Add @ getcanary/docusaurus-pagefind in docs (#10345)
• 40676cd chore(deps): update infima npm dependency to version 0.2.0-alpha.44 (#10343)

See the full diff

Package name: @nestjs/platform-express

The new version differs by 105 commits.

• ed644e9 chore(@ nestjs) publish v10.4.5 release
• 0ea48d2 Merge pull request #13879 from frndvrgs/feat-opts-listen-method
• 508d2f3 Merge pull request #14060 from ezintz/fix-express-vulnerabilities
• 7cf4708 Merge pull request #13903 from nestjs/dependabot/npm_and_yarn/sample/31-graphql-federation-code-first/posts-application/multi-dabac980bd
• 8c2e03d Merge pull request #13917 from nestjs/dependabot/npm_and_yarn/sample/32-graphql-federation-schema-first/posts-application/micromatch-4.0.8
• 6ada824 Merge pull request #14064 from PattyTrish/cookie-vulnerability-update
• d2ca9ec Merge pull request #14066 from micalevisk/test/cover-validation-pipe-options
• 78b3f0c test(common): add tests for validation pipe on 'custom' types
• 980eb5b build(fastify): upgrade light-my-request to 6.1.0
• 160c3b3 build(express): upgrade to express 4.2.1
• d0f401a Merge pull request #14015 from nestjs/dependabot/npm_and_yarn/sample/10-fastify/find-my-way-8.2.2
• 89840ce Merge pull request #14039 from nestjs/dependabot/npm_and_yarn/sample/23-graphql-code-first/multi-1f9ae28231
• 9423743 Merge pull request #14040 from nestjs/dependabot/npm_and_yarn/sample/24-serve-static/multi-0b8bbc7c9e
• 9ee0224 Update Readme.md
• 93514fd chore(deps): bump send, @ nestjs/platform-express and express
• a46a7db chore(deps): bump serve-static, express and @ nestjs/platform-express
• 9825529 Merge pull request #14034 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-5eb378ec3a
• 826ff4b Merge pull request #14035 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-6ddc2c7951
• fd740b6 chore(deps): bump send and @ nestjs/platform-express in /sample/28-sse
• c936dec chore(deps): bump serve-static and @ nestjs/platform-express
• 47cda92 Merge pull request #14030 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-6ddc2c7951
• d70d0ba Merge pull request #14031 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-5eb378ec3a
• 0fbc2a6 chore(deps): bump serve-static and @ nestjs/platform-express
• fa56e58 chore(deps): bump send and @ nestjs/platform-express

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Denial of Service (DoS)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
reduced-to	❌ Failed (Inspect)			Oct 18, 2024 2:12pm