From 5f884d5f939dc8451687cde38d0fdb8f3a39f43e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 13 May 2024 20:09:39 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
---
 package-lock.json | 77 +++++++++++++++++------------------------------
 package.json      |  2 +-
 2 files changed, 28 insertions(+), 51 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 6f01a184..1f5aafa8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -14,7 +14,7 @@
         "@types/bluebird": "^3.5.36",
         "ansi-regex": "^6.0.1",
         "browserslist": "^4.20.3",
-        "casbin": "4.7.2",
+        "casbin": "^5.6.2",
         "casbin-sequelize-adapter": "2.3.2",
         "chai": "^4.3.6",
         "complexity": "0.0.6",
@@ -3556,15 +3556,14 @@
       ]
     },
     "node_modules/casbin": {
-      "version": "4.7.2",
-      "resolved": "https://registry.npmjs.org/casbin/-/casbin-4.7.2.tgz",
-      "integrity": "sha512-VMihlMqjXPlsL/K/LYc61TG5ee5+ik6WQ9HxgqurzroNPpwHfT5fBPGQIvI349WUWsdZ7Rj1UxyI6nn2FHxyNw==",
+      "version": "5.6.2",
+      "resolved": "https://registry.npmjs.org/casbin/-/casbin-5.6.2.tgz",
+      "integrity": "sha512-xqkEaBYFmyCuKF44+Kh/IHdgz334ed8dKF3ekwFaUgnmrCweTiPfh//VsCQIuwgFSRT+qp4qVceOJbdsG6jD+Q==",
       "dependencies": {
         "await-lock": "^2.0.1",
+        "csv-parse": "^4.15.3",
         "expression-eval": "^2.0.0",
-        "ip": "^1.1.5",
-        "lodash": "^4.17.15",
-        "micromatch": "^4.0.2"
+        "picomatch": "^2.2.3"
       }
     },
     "node_modules/casbin-sequelize-adapter": {
@@ -4193,6 +4192,11 @@
         "node": ">=8"
       }
     },
+    "node_modules/csv-parse": {
+      "version": "4.16.3",
+      "resolved": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.16.3.tgz",
+      "integrity": "sha512-cO1I/zmz4w2dcKHVvpCr7JVRu8/FymG5OEpmvsZYlccYolPBLoVGKUHgNoc4ZGkFeFlWGEDmMyBM+TTqRdW/wg=="
+    },
     "node_modules/d": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/d/-/d-1.0.1.tgz",
@@ -6269,11 +6273,6 @@
         "loose-envify": "^1.0.0"
       }
     },
-    "node_modules/ip": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.5.tgz",
-      "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo="
-    },
     "node_modules/ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -7466,18 +7465,6 @@
         "node": ">= 0.6"
       }
     },
-    "node_modules/micromatch": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz",
-      "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==",
-      "dependencies": {
-        "braces": "^3.0.1",
-        "picomatch": "^2.0.5"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
     "node_modules/mime": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz",
@@ -8628,9 +8615,9 @@
       "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ=="
     },
     "node_modules/picomatch": {
-      "version": "2.2.2",
-      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz",
-      "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==",
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
       "engines": {
         "node": ">=8.6"
       },
@@ -13648,15 +13635,14 @@
       "integrity": "sha512-10T30NYOEQtN6C11YGg411yebhvpnC6Z102+B95eAsN0oB6KUs01ivE8u+G6FMIRtIrVlYXhL+LUwQ3/hXwDWw=="
     },
     "casbin": {
-      "version": "4.7.2",
-      "resolved": "https://registry.npmjs.org/casbin/-/casbin-4.7.2.tgz",
-      "integrity": "sha512-VMihlMqjXPlsL/K/LYc61TG5ee5+ik6WQ9HxgqurzroNPpwHfT5fBPGQIvI349WUWsdZ7Rj1UxyI6nn2FHxyNw==",
+      "version": "5.6.2",
+      "resolved": "https://registry.npmjs.org/casbin/-/casbin-5.6.2.tgz",
+      "integrity": "sha512-xqkEaBYFmyCuKF44+Kh/IHdgz334ed8dKF3ekwFaUgnmrCweTiPfh//VsCQIuwgFSRT+qp4qVceOJbdsG6jD+Q==",
       "requires": {
         "await-lock": "^2.0.1",
+        "csv-parse": "^4.15.3",
         "expression-eval": "^2.0.0",
-        "ip": "^1.1.5",
-        "lodash": "^4.17.15",
-        "micromatch": "^4.0.2"
+        "picomatch": "^2.2.3"
       }
     },
     "casbin-sequelize-adapter": {
@@ -14117,6 +14103,11 @@
       "resolved": "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-2.0.0.tgz",
       "integrity": "sha512-v1plID3y9r/lPhviJ1wrXpLeyUIGAZ2SHNYTEapm7/8A9nLPoyvVp3RK/EPFqn5kEznyWgYZNsRtYYIWbuG8KA=="
     },
+    "csv-parse": {
+      "version": "4.16.3",
+      "resolved": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.16.3.tgz",
+      "integrity": "sha512-cO1I/zmz4w2dcKHVvpCr7JVRu8/FymG5OEpmvsZYlccYolPBLoVGKUHgNoc4ZGkFeFlWGEDmMyBM+TTqRdW/wg=="
+    },
     "d": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/d/-/d-1.0.1.tgz",
@@ -15689,11 +15680,6 @@
         "loose-envify": "^1.0.0"
       }
     },
-    "ip": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.5.tgz",
-      "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo="
-    },
     "ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -16587,15 +16573,6 @@
       "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
       "integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4="
     },
-    "micromatch": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz",
-      "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==",
-      "requires": {
-        "braces": "^3.0.1",
-        "picomatch": "^2.0.5"
-      }
-    },
     "mime": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz",
@@ -17422,9 +17399,9 @@
       "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ=="
     },
     "picomatch": {
-      "version": "2.2.2",
-      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz",
-      "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg=="
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA=="
     },
     "pify": {
       "version": "4.0.1",
diff --git a/package.json b/package.json
index b06191e7..7748ba8b 100644
--- a/package.json
+++ b/package.json
@@ -37,7 +37,7 @@
     "@types/bluebird": "^3.5.36",
     "ansi-regex": "^6.0.1",
     "browserslist": "^4.20.3",
-    "casbin": "4.7.2",
+    "casbin": "5.6.2",
     "casbin-sequelize-adapter": "2.3.2",
     "chai": "^4.3.6",
     "complexity": "0.0.6",