From 92b2a8907d9ab3e8fca4272be2396a9bd0f90270 Mon Sep 17 00:00:00 2001
From: Nick Pakhodnia
Date: Mon, 15 Dec 2025 11:11:17 -0500
Subject: [PATCH 1/2] current audit.log with known vulnerabilities
---
audit.log | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
create mode 100644 audit.log
diff --git a/audit.log b/audit.log
new file mode 100644
index 000000000..a7cdd7ae5
--- /dev/null
+++ b/audit.log
@@ -0,0 +1,16 @@
+┌─────────────────────┬────────────────────────────────────────────────────────┐
+│ moderate │ body-parser is vulnerable to denial of service when │
+│ │ url encoding is used │
+├─────────────────────┼────────────────────────────────────────────────────────┤
+│ Package │ body-parser │
+├─────────────────────┼────────────────────────────────────────────────────────┤
+│ Vulnerable versions │ >=2.2.0 <2.2.1 │
+├─────────────────────┼────────────────────────────────────────────────────────┤
+│ Patched versions │ >=2.2.1 │
+├─────────────────────┼────────────────────────────────────────────────────────┤
+│ Paths │ .>mock-http-server>body-parser │
+├─────────────────────┼────────────────────────────────────────────────────────┤
+│ More info │ https://github.com/advisories/GHSA-wqch-xfxh-vrr4 │
+└─────────────────────┴────────────────────────────────────────────────────────┘
+1 vulnerabilities found
+Severity: 1 moderate
From 712f9f22e5586c488c4ce56e13e856c41066800d Mon Sep 17 00:00:00 2001
From: Nick Pakhodnia
Date: Mon, 15 Dec 2025 11:15:52 -0500
Subject: [PATCH 2/2] pnpm.lock update after audit --fix
---
audit.log | 17 +----------------
pnpm-lock.yaml | 27 ++++++++++++++++++++-------
2 files changed, 21 insertions(+), 23 deletions(-)
diff --git a/audit.log b/audit.log
index a7cdd7ae5..5c418afc9 100644
--- a/audit.log
+++ b/audit.log
@@ -1,16 +1 @@
-┌─────────────────────┬────────────────────────────────────────────────────────┐
-│ moderate │ body-parser is vulnerable to denial of service when │
-│ │ url encoding is used │
-├─────────────────────┼────────────────────────────────────────────────────────┤
-│ Package │ body-parser │
-├─────────────────────┼────────────────────────────────────────────────────────┤
-│ Vulnerable versions │ >=2.2.0 <2.2.1 │
-├─────────────────────┼────────────────────────────────────────────────────────┤
-│ Patched versions │ >=2.2.1 │
-├─────────────────────┼────────────────────────────────────────────────────────┤
-│ Paths │ .>mock-http-server>body-parser │
-├─────────────────────┼────────────────────────────────────────────────────────┤
-│ More info │ https://github.com/advisories/GHSA-wqch-xfxh-vrr4 │
-└─────────────────────┴────────────────────────────────────────────────────────┘
-1 vulnerabilities found
-Severity: 1 moderate
+No known vulnerabilities found
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 211b0697b..0fd656b9f 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -230,8 +230,8 @@ packages: resolution: {integrity: sha512-vjtV3hiLqYDNRoiAv0zC4QaGAMPomEoq83PRmYIofPswwZurCeWR5LByXm7SyoL0Zh5+2z0+HC7jG8gSZJUh0w==} engines: {node: '>= 16'} - body-parser@2.2.0: - resolution: {integrity: sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg==} + body-parser@2.2.1: + resolution: {integrity: sha512-nfDwkulwiZYQIGwxdy0RUmowMhKcFVcYXUU7m4QlKYim1rUtg83xm2yjZ40QjDuc291AJjjeSc9b++AWHSgSHw==} engines: {node: '>=18'} boolbase@1.0.0: 
@@ -381,6 +381,15 @@ packages: supports-color: optional: true + debug@4.4.3: + resolution: {integrity: sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==} + engines: {node: '>=6.0'} + peerDependencies: + supports-color: '*' + peerDependenciesMeta: + supports-color: + optional: true + decamelize@4.0.0: resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} engines: {node: '>=10'} @@ -1414,13 +1423,13 @@ snapshots: balanced-match@3.0.1: {} - body-parser@2.2.0: + body-parser@2.2.1: dependencies: bytes: 3.1.2 content-type: 1.0.5 - debug: 4.4.0(supports-color@8.1.1) + debug: 4.4.3 http-errors: 2.0.0 - iconv-lite: 0.6.3 + iconv-lite: 0.7.0 on-finished: 2.4.1 qs: 6.14.0 raw-body: 3.0.1 @@ -1571,6 +1580,10 @@ snapshots: optionalDependencies: supports-color: 8.1.1 + debug@4.4.3: + dependencies: + ms: 2.1.3 + decamelize@4.0.0: {} decompress-response@6.0.0: @@ -1707,7 +1720,7 @@ snapshots: express@5.1.0: dependencies: accepts: 2.0.0 - body-parser: 2.2.0 + body-parser: 2.2.1 content-disposition: 1.0.0 content-type: 1.0.5 cookie: 0.7.2 @@ -2114,7 +2127,7 @@ snapshots: mock-http-server@1.4.5: dependencies: - body-parser: 2.2.0 + body-parser: 2.2.1 connect: 3.7.0 multiparty: 4.2.3 underscore: 1.13.6