From fe000d5cad3e8880aa3a89c2e7880bf8732da0a7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 24 Jul 2025 10:25:27 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729
---
 package-lock.json | 22 +++++++++++++++-------
 package.json      |  2 +-
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index dcf70ceb614c..0163b51e58f2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -51,7 +51,7 @@
         "lunr-languages": "^1.9.0",
         "mdast-util-from-markdown": "^1.2.0",
         "mdast-util-to-string": "^3.1.0",
-        "morgan": "^1.10.0",
+        "morgan": "^1.10.1",
         "msgpack5rpc": "^1.1.0",
         "next": "12.2.4",
         "parse5": "7.0.0",
@@ -15271,14 +15271,16 @@
       "license": "MIT"
     },
     "node_modules/morgan": {
-      "version": "1.10.0",
+      "version": "1.10.1",
+      "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz",
+      "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==",
       "license": "MIT",
       "dependencies": {
         "basic-auth": "~2.0.1",
         "debug": "2.6.9",
         "depd": "~2.0.0",
         "on-finished": "~2.3.0",
-        "on-headers": "~1.0.2"
+        "on-headers": "~1.1.0"
       },
       "engines": {
         "node": ">= 0.8.0"
@@ -15774,7 +15776,9 @@
       }
     },
     "node_modules/on-headers": {
-      "version": "1.0.2",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz",
+      "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==",
       "license": "MIT",
       "engines": {
         "node": ">= 0.8"
@@ -31390,13 +31394,15 @@
       "dev": true
     },
     "morgan": {
-      "version": "1.10.0",
+      "version": "1.10.1",
+      "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz",
+      "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==",
       "requires": {
         "basic-auth": "~2.0.1",
         "debug": "2.6.9",
         "depd": "~2.0.0",
         "on-finished": "~2.3.0",
-        "on-headers": "~1.0.2"
+        "on-headers": "~1.1.0"
       },
       "dependencies": {
         "debug": {
@@ -31725,7 +31731,9 @@
       }
     },
     "on-headers": {
-      "version": "1.0.2"
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz",
+      "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A=="
     },
     "once": {
       "version": "1.4.0",
diff --git a/package.json b/package.json
index 5eb76756a9af..fb5d29731f5d 100644
--- a/package.json
+++ b/package.json
@@ -53,7 +53,7 @@
     "lunr-languages": "^1.9.0",
     "mdast-util-from-markdown": "^1.2.0",
     "mdast-util-to-string": "^3.1.0",
-    "morgan": "^1.10.0",
+    "morgan": "^1.10.1",
     "msgpack5rpc": "^1.1.0",
     "next": "12.2.4",
     "parse5": "7.0.0",