From 4255cb3c2bfc7bf0fa49748fb0c857662a1d17c1 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 17 Apr 2025 15:23:30 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631
---
 package-lock.json | 12 +++++++-----
 package.json      |  2 +-
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 295d3b313..f472ee847 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -29,7 +29,7 @@
         "otpauth": "8.0.3",
         "package-json": "7.0.0",
         "parse": "3.5.1",
-        "passport": "0.5.3",
+        "passport": "^0.6.0",
         "passport-local": "1.0.0",
         "prismjs": "1.30.0",
         "prop-types": "15.8.1",
@@ -19127,12 +19127,14 @@
       }
     },
     "node_modules/passport": {
-      "version": "0.5.3",
-      "resolved": "https://registry.npmjs.org/passport/-/passport-0.5.3.tgz",
-      "integrity": "sha512-gGc+70h4gGdBWNsR3FuV3byLDY6KBTJAIExGFXTpQaYfbbcHCBlRRKx7RBQSpqEqc5Hh2qVzRs7ssvSfOpkUEA==",
+      "version": "0.6.0",
+      "resolved": "https://registry.npmjs.org/passport/-/passport-0.6.0.tgz",
+      "integrity": "sha512-0fe+p3ZnrWRW74fe8+SvCyf4a3Pb2/h7gFkQ8yTJpAO50gDzlfjZUZTO1k5Eg9kUct22OxHLqDZoKUWRHOh9ug==",
+      "license": "MIT",
       "dependencies": {
         "passport-strategy": "1.x.x",
-        "pause": "0.0.1"
+        "pause": "0.0.1",
+        "utils-merge": "^1.0.1"
       },
       "engines": {
         "node": ">= 0.4.0"
diff --git a/package.json b/package.json
index 5ee86e43c..29e4ba0f4 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
     "otpauth": "8.0.3",
     "package-json": "7.0.0",
     "parse": "3.5.1",
-    "passport": "0.5.3",
+    "passport": "0.6.0",
     "passport-local": "1.0.0",
     "prismjs": "1.30.0",
     "prop-types": "15.8.1",