From 3568ea650f6ec1f93a3112e824748a8d0b29f5fc Mon Sep 17 00:00:00 2001
From: Elian Doran <contact@eliandoran.me>
Date: Thu, 9 Jan 2025 22:50:54 +0200
Subject: [PATCH] fix(deps): npm audit

---
 package-lock.json | 115 ++++++++++++++++++++++++++++++----------------
 package.json      |   2 +-
 2 files changed, 77 insertions(+), 40 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2024a1ffb..8e9165fe9 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -29,7 +29,7 @@
         "codemirror": "5.65.18",
         "compression": "1.7.5",
         "cookie-parser": "1.4.7",
-        "csurf": "1.2.2",
+        "csurf": "1.11.0",
         "dayjs": "1.11.13",
         "dayjs-plugin-utc": "0.1.2",
         "debounce": "2.2.0",
@@ -6984,29 +6984,14 @@
         "node": ">=12.10"
       }
     },
-    "node_modules/csrf-tokens": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/csrf-tokens/-/csrf-tokens-2.0.0.tgz",
-      "integrity": "sha512-IzcrVVxQJvHoeNSSA9zc9LqIBUPM3OdRUzJ/4ooSbROhvJOSAi6qve2J6XEhmltcECmf/UiR/pgzkHXY5x1mGA==",
+    "node_modules/csrf": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/csrf/-/csrf-3.1.0.tgz",
+      "integrity": "sha512-uTqEnCvWRk042asU6JtapDTcJeeailFy4ydOQS28bj1hcLnYRiqi8SsD2jS412AY1I/4qdOwWZun774iqywf9w==",
       "dependencies": {
-        "base64-url": "1",
-        "rndm": "1",
-        "scmp": "~0.0.3",
-        "uid-safe": "1"
-      }
-    },
-    "node_modules/csrf-tokens/node_modules/base64-url": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/base64-url/-/base64-url-1.2.1.tgz",
-      "integrity": "sha512-V8E0l1jyyeSSS9R+J9oljx5eq2rqzClInuwaPcyuv0Mm3ViI/3/rcc4rCEO8i4eQ4I0O0FAGYDA2i5xWHHPhzg=="
-    },
-    "node_modules/csrf-tokens/node_modules/uid-safe": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-1.1.0.tgz",
-      "integrity": "sha512-7+QtWs9zioL/iQX61G+4h3EPyr3H+tINIp0IAV4EL32vdf7qmFyuW0BgRqWl7p5oZOsEQrlL0bY7m5D8tp7b1w==",
-      "dependencies": {
-        "base64-url": "1.2.1",
-        "native-or-bluebird": "~1.1.2"
+        "rndm": "1.2.0",
+        "tsscmp": "1.0.6",
+        "uid-safe": "2.1.5"
       },
       "engines": {
         "node": ">= 0.8"
@@ -7053,16 +7038,28 @@
       }
     },
     "node_modules/csurf": {
-      "version": "1.2.2",
-      "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.2.2.tgz",
-      "integrity": "sha512-wCwNMBSAzrj4918iemazALbLZBYQRVN4BpnSpVBcE5Cx5cx/5HPkkpidpL0k+Tbk3Dlg0pDSY3mUvh7Gqc5H7w==",
+      "version": "1.11.0",
+      "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.11.0.tgz",
+      "integrity": "sha512-UCtehyEExKTxgiu8UHdGvHj4tnpE/Qctue03Giq5gPgMQ9cg/ciod5blZQ5a4uCEenNQjxyGuzygLdKUmee/bQ==",
+      "deprecated": "Please use another csrf package",
       "dependencies": {
-        "csrf-tokens": "~2.0.0"
+        "cookie": "0.4.0",
+        "cookie-signature": "1.0.6",
+        "csrf": "3.1.0",
+        "http-errors": "~1.7.3"
       },
       "engines": {
         "node": ">= 0.8.0"
       }
     },
+    "node_modules/csurf/node_modules/cookie": {
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz",
+      "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
     "node_modules/cytoscape": {
       "version": "3.30.4",
       "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.30.4.tgz",
@@ -11094,6 +11091,42 @@
       "dev": true,
       "license": "BSD-2-Clause"
     },
+    "node_modules/http-errors": {
+      "version": "1.7.3",
+      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.3.tgz",
+      "integrity": "sha512-ZTTX0MWrsQ2ZAhA1cejAwDLycFsd7I7nVtnkT3Ol0aqodaKW+0CTZDQ1uBv5whptCnc8e8HeRRJxRs0kmm/Qfw==",
+      "dependencies": {
+        "depd": "~1.1.2",
+        "inherits": "2.0.4",
+        "setprototypeof": "1.1.1",
+        "statuses": ">= 1.5.0 < 2",
+        "toidentifier": "1.0.0"
+      },
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/http-errors/node_modules/depd": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz",
+      "integrity": "sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/http-errors/node_modules/setprototypeof": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz",
+      "integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw=="
+    },
+    "node_modules/http-errors/node_modules/statuses": {
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz",
+      "integrity": "sha512-OpZ3zP+jT1PI7I8nemJX4AKmAX070ZkYPVWV/AaKTJl+tXCTGyVdC1a4SL8RUQYEwk/f34ZX8UTykN68FwrqAA==",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
     "node_modules/http-proxy-agent": {
       "version": "7.0.2",
       "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz",
@@ -13365,12 +13398,6 @@
       "integrity": "sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg==",
       "license": "MIT"
     },
-    "node_modules/native-or-bluebird": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/native-or-bluebird/-/native-or-bluebird-1.1.2.tgz",
-      "integrity": "sha512-Bgn5FHNkd+lPTjIzq1NVU/VZTvPKFvhdIDEyYjxrKNrScSXbVvNVzOKwoleysun0/HoN7R+TXmK9mCtEs84osA==",
-      "deprecated": "'native-or-bluebird' is deprecated. Please use 'any-promise' instead."
-    },
     "node_modules/natural-compare": {
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
@@ -15913,12 +15940,6 @@
         "url": "https://opencollective.com/webpack"
       }
     },
-    "node_modules/scmp": {
-      "version": "0.0.3",
-      "resolved": "https://registry.npmjs.org/scmp/-/scmp-0.0.3.tgz",
-      "integrity": "sha512-ya4sPuUOfcrJnfC+OUqTFgFVBEMOXMS1Xopn0wwIhxKwD4eveTwJoIUN9u1QHJ47nL29/m545dV8KqI92MlHPw==",
-      "deprecated": "scmp v2 uses improved core crypto comparison since Node v6.6.0"
-    },
     "node_modules/semver": {
       "version": "7.6.3",
       "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
@@ -17271,6 +17292,14 @@
         "node": ">=8.0"
       }
     },
+    "node_modules/toidentifier": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz",
+      "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==",
+      "engines": {
+        "node": ">=0.6"
+      }
+    },
     "node_modules/token-types": {
       "version": "5.0.1",
       "resolved": "https://registry.npmjs.org/token-types/-/token-types-5.0.1.tgz",
@@ -17459,6 +17488,14 @@
       "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==",
       "license": "0BSD"
     },
+    "node_modules/tsscmp": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.6.tgz",
+      "integrity": "sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA==",
+      "engines": {
+        "node": ">=0.6.x"
+      }
+    },
     "node_modules/tsx": {
       "version": "4.19.2",
       "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.19.2.tgz",
diff --git a/package.json b/package.json
index 5eb0712a5..54a99d5cb 100644
--- a/package.json
+++ b/package.json
@@ -74,7 +74,7 @@
     "codemirror": "5.65.18",
     "compression": "1.7.5",
     "cookie-parser": "1.4.7",
-    "csurf": "1.2.2",
+    "csurf": "1.11.0",
     "dayjs": "1.11.13",
     "dayjs-plugin-utc": "0.1.2",
     "debounce": "2.2.0",