steve
5d66d1f575
express 4 pins qs to ~6.14.0, which falls in the vulnerable range of GHSA-q8mj-m7cp-5q26 (remotely triggerable TypeError in qs.stringify). Add an npm override so the transitive dependency resolves to the patched 6.15.2.
31 lines
672 B
JSON
31 lines
672 B
JSON
{
|
|
"name": "ezcheck",
|
|
"version": "0.4.6",
|
|
"description": "Self-hosted check printing web app",
|
|
"main": "src/app.js",
|
|
"scripts": {
|
|
"start": "node src/app.js",
|
|
"dev": "nodemon --exec \"node --env-file=.env\" src/app.js",
|
|
"migrate": "node migrations/import-mdb.js"
|
|
},
|
|
"dependencies": {
|
|
"bcryptjs": "^3.0.3",
|
|
"better-sqlite3": "^9.4.3",
|
|
"express": "^4.18.3",
|
|
"express-session": "^1.19.0",
|
|
"multer": "^2.1.1",
|
|
"nodemailer": "^8.0.5",
|
|
"openid-client": "^5.7.1",
|
|
"pdfkit": "^0.15.0"
|
|
},
|
|
"devDependencies": {
|
|
"nodemon": "^3.1.0"
|
|
},
|
|
"overrides": {
|
|
"qs": "^6.15.2"
|
|
},
|
|
"engines": {
|
|
"node": ">=20"
|
|
}
|
|
}
|