From ce403c8e747e964b315c8e7fc9bf24c9521c6bfe Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 27 Jan 2026 13:31:56 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
- https://snyk.io/vuln/SNYK-JS-ESLINT-15102420
---
 package.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/package.json b/package.json
index 9a7beb6..be25a2b 100644
--- a/package.json
+++ b/package.json
@@ -26,10 +26,10 @@
   "devDependencies": {
     "@babel/core": "^7.1.0",
     "@extensionengine/eslint-config": "^1.0.1",
-    "babel-eslint": "^10.0.3",
+    "babel-eslint": "^10.1.0",
     "del-cli": "^1.1.0",
     "emoji-strip": "^1.0.1",
-    "eslint": "^6.5.1",
+    "eslint": "^9.26.0",
     "eslint-config-semistandard": "^15.0.0",
     "eslint-config-standard": "^14.1.0",
     "eslint-plugin-import": "^2.18.2",
@@ -37,12 +37,12 @@
     "eslint-plugin-promise": "^4.2.1",
     "eslint-plugin-standard": "^4.0.1",
     "eslint-plugin-vue": "^5.2.3",
-    "nodemon": "^1.18.6",
+    "nodemon": "^2.0.0",
     "sequelize-cli": "^5.5.0",
     "split2": "^3.0.0"
   },
   "dependencies": {
-    "bcrypt": "^3.0.1",
+    "bcrypt": "^5.0.1",
     "bluebird": "^3.5.2",
     "body-parser": "^1.18.3",
     "bunyan": "^1.8.13",
@@ -59,14 +59,14 @@
     "joi": "^13.7.0",
     "jsend": "^1.0.2",
     "jsonwebtoken": "^8.3.0",
-    "lodash": "^4.17.19",
+    "lodash": "^4.17.23",
     "morgan": "^1.9.1",
     "nocache": "^2.0.0",
     "passport": "^0.4.0",
     "passport-jwt": "^4.0.0",
     "pg": "^7.12.1",
     "safe-require": "^1.0.3",
-    "sequelize": "^5.16.0",
+    "sequelize": "^6.1.0",
     "umzug": "^2.1.0",
     "url-join": "^4.0.0"
   },