From 738c51e8fa33ff29bbc931fbd074251d127ea0b3 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 4 Jan 2026 11:09:17 +0000
Subject: [PATCH] fix: data-service/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-QS-14724253
---
 data-service/package.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/data-service/package.json b/data-service/package.json
index 688073ee..bbd4f019 100644
--- a/data-service/package.json
+++ b/data-service/package.json
@@ -15,7 +15,7 @@
     "axios": "^0.14.0",
     "axios-retry": "^3.1.0",
     "bluebird": "^3.5.4",
-    "body-parser": "^1.12.0",
+    "body-parser": "^1.20.4",
     "busboy": "^0.2.12",
     "busboy-body-parser": "0.0.10",
     "connect-redis": "^3.4.1",
@@ -27,20 +27,20 @@
     "csv2json": "^1.4.2",
     "deep-equal": "^1.0.1",
     "ejs": "^2.4.1",
-    "express": "^4.13.4",
+    "express": "^4.22.0",
     "express-mung": "^0.5.0",
     "express-session": "^1.16.1",
     "express-winston": "^2.5.0",
     "fb": "^1.1.1",
     "form-data": "^2.1.2",
     "github": "^0.2.4",
-    "googleapis": "^16.1.0",
+    "googleapis": "^25.0.0",
     "gridfs-stream": "^1.1.1",
     "icg-json-to-xlsx": "^0.2.5",
     "ioredis": "^2.0.0",
-    "jimp": "^0.2.28",
+    "jimp": "^0.3.1",
     "jquery": "^3.4.0",
-    "jsdom": "^8.5.0",
+    "jsdom": "^16.6.0",
     "json2csv": "^3.7.3",
     "json2xlsx": "^0.1.6",
     "localStorage": "^1.0.3",
@@ -48,7 +48,7 @@
     "mandrill-api": "^1.0.45",
     "mongo-adapter": "^1.0.8",
     "mongodb": "^3.2.3",
-    "node-gcm": "^1.0.0",
+    "node-gcm": "^1.1.0",
     "node-linkedin": "^0.5.6",
     "node-twitter-api": "^1.8.0",
     "node-uuid": "^1.4.7",