@lenne.tech/nest-server 11.24.1 → 11.24.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/rules/package-management.md +61 -2
- package/CLAUDE.md +77 -0
- package/FRAMEWORK-API.md +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +30 -12
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lenne.tech/nest-server",
|
|
3
|
-
"version": "11.24.
|
|
3
|
+
"version": "11.24.2",
|
|
4
4
|
"description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"node",
|
|
@@ -78,16 +78,16 @@
|
|
|
78
78
|
"@as-integrations/express5": "1.1.2",
|
|
79
79
|
"@better-auth/passkey": "1.5.5",
|
|
80
80
|
"@getbrevo/brevo": "3.0.1",
|
|
81
|
-
"@nestjs/apollo": "13.2.
|
|
81
|
+
"@nestjs/apollo": "13.2.5",
|
|
82
82
|
"@nestjs/common": "11.1.18",
|
|
83
83
|
"@nestjs/core": "11.1.18",
|
|
84
|
-
"@nestjs/graphql": "13.2.
|
|
84
|
+
"@nestjs/graphql": "13.2.5",
|
|
85
85
|
"@nestjs/jwt": "11.0.2",
|
|
86
86
|
"@nestjs/mongoose": "11.0.4",
|
|
87
87
|
"@nestjs/passport": "11.0.5",
|
|
88
88
|
"@nestjs/platform-express": "11.1.18",
|
|
89
89
|
"@nestjs/schedule": "6.1.1",
|
|
90
|
-
"@nestjs/swagger": "11.2.
|
|
90
|
+
"@nestjs/swagger": "11.2.7",
|
|
91
91
|
"@nestjs/terminus": "11.1.1",
|
|
92
92
|
"@nestjs/websockets": "11.1.18",
|
|
93
93
|
"@tus/file-store": "2.0.0",
|
|
@@ -125,7 +125,7 @@
|
|
|
125
125
|
},
|
|
126
126
|
"devDependencies": {
|
|
127
127
|
"@compodoc/compodoc": "1.2.1",
|
|
128
|
-
"@nestjs/cli": "11.0.
|
|
128
|
+
"@nestjs/cli": "11.0.19",
|
|
129
129
|
"@nestjs/schematics": "11.0.10",
|
|
130
130
|
"@nestjs/testing": "11.1.18",
|
|
131
131
|
"@swc/cli": "0.8.1",
|
|
@@ -136,11 +136,11 @@
|
|
|
136
136
|
"@types/express": "5.0.6",
|
|
137
137
|
"@types/lodash": "4.17.24",
|
|
138
138
|
"@types/multer": "2.1.0",
|
|
139
|
-
"@types/node": "25.
|
|
139
|
+
"@types/node": "25.6.0",
|
|
140
140
|
"@types/nodemailer": "8.0.0",
|
|
141
141
|
"@types/passport": "1.0.17",
|
|
142
|
-
"@vitest/coverage-v8": "4.1.
|
|
143
|
-
"@vitest/ui": "4.1.
|
|
142
|
+
"@vitest/coverage-v8": "4.1.4",
|
|
143
|
+
"@vitest/ui": "4.1.4",
|
|
144
144
|
"ansi-colors": "4.1.3",
|
|
145
145
|
"find-file-up": "2.0.1",
|
|
146
146
|
"husky": "9.1.7",
|
|
@@ -157,8 +157,7 @@
|
|
|
157
157
|
"unplugin-swc": "1.5.9",
|
|
158
158
|
"vite": "7.3.2",
|
|
159
159
|
"vite-plugin-node": "7.0.0",
|
|
160
|
-
"
|
|
161
|
-
"vitest": "4.1.3"
|
|
160
|
+
"vitest": "4.1.4"
|
|
162
161
|
},
|
|
163
162
|
"main": "dist/index.js",
|
|
164
163
|
"types": "dist/index.d.ts",
|
|
@@ -181,7 +180,27 @@
|
|
|
181
180
|
},
|
|
182
181
|
"packageManager": "pnpm@10.33.0",
|
|
183
182
|
"pnpm": {
|
|
183
|
+
"//overrides": {
|
|
184
|
+
"axios@<1.15.0": "Security: SSRF via NO_PROXY bypass (GHSA-3p68-rc4w-qgx5) and unrestricted cloud metadata exfiltration (GHSA-fvcv-3m26-pcqx) - transitive via @getbrevo/brevo and node-mailjet. Remove when @getbrevo/brevo ships axios>=1.15.0",
|
|
185
|
+
"minimatch@<3.1.5": "Security: RegExp DoS (GHSA-p8p7-x288-28g6) - transitive via @getbrevo/brevo>rewire>eslint",
|
|
186
|
+
"minimatch@>=9.0.0 <9.0.9": "Security: RegExp DoS - transitive via @nestjs/cli>@swc/cli",
|
|
187
|
+
"minimatch@>=10.0.0 <10.2.5": "Security: RegExp DoS - transitive via @nestjs/apollo>ts-morph>@ts-morph/common and nodemon",
|
|
188
|
+
"ajv@<6.14.0": "Security: prototype pollution - transitive via @getbrevo/brevo>rewire>eslint",
|
|
189
|
+
"ajv@>=7.0.0-alpha.0 <8.18.0": "Security: prototype pollution - transitive via @nestjs/cli>@angular-devkit",
|
|
190
|
+
"undici@>=7.0.0 <7.24.7": "Security: various CVEs - transitive via @compodoc/compodoc>cheerio",
|
|
191
|
+
"srvx@<0.11.15": "Compatibility: @tus/server@2.3.0 requires ~0.8.2 but 0.11.15 needed for security - remove when @tus/server ships with >=0.11.15",
|
|
192
|
+
"handlebars@>=4.0.0 <4.7.9": "Security: prototype pollution (GHSA-q42p-pg8m-cqh6) - transitive via @compodoc/compodoc",
|
|
193
|
+
"brace-expansion@<1.1.13": "Security: RegExp DoS - transitive via eslint>minimatch",
|
|
194
|
+
"brace-expansion@>=4.0.0 <5.0.5": "Security: RegExp DoS - transitive via nodemon>minimatch and @ts-morph/common>minimatch",
|
|
195
|
+
"picomatch@<2.3.2": "Security: ReDoS - transitive via @nestjs/graphql>fast-glob>micromatch and @compodoc/compodoc>chokidar",
|
|
196
|
+
"picomatch@>=4.0.0 <4.0.4": "Security: ReDoS - transitive via vitest and vite",
|
|
197
|
+
"path-to-regexp@>=8.0.0 <8.4.2": "Security: ReDoS (GHSA-rhx6-c78j-4q9w) - transitive via express>router",
|
|
198
|
+
"kysely@>=0.26.0 <0.28.15": "Security: SQL injection - transitive via better-auth",
|
|
199
|
+
"lodash@>=4.0.0 <4.18.0": "Security: CVE in lodash@4.17.x - transitive via @nestjs/graphql. 4.18.1 is the latest patched version",
|
|
200
|
+
"defu@<=6.1.6": "Security: prototype pollution via __proto__ key - transitive via better-auth"
|
|
201
|
+
},
|
|
184
202
|
"overrides": {
|
|
203
|
+
"axios@<1.15.0": "1.15.0",
|
|
185
204
|
"minimatch@<3.1.5": "3.1.5",
|
|
186
205
|
"minimatch@>=9.0.0 <9.0.9": "9.0.9",
|
|
187
206
|
"minimatch@>=10.0.0 <10.2.5": "10.2.5",
|
|
@@ -197,8 +216,7 @@
|
|
|
197
216
|
"path-to-regexp@>=8.0.0 <8.4.2": "8.4.2",
|
|
198
217
|
"kysely@>=0.26.0 <0.28.15": "0.28.15",
|
|
199
218
|
"lodash@>=4.0.0 <4.18.0": "4.18.1",
|
|
200
|
-
"defu@<=6.1.6": "6.1.7"
|
|
201
|
-
"vite@>=7.0.0 <7.3.2": "7.3.2"
|
|
219
|
+
"defu@<=6.1.6": "6.1.7"
|
|
202
220
|
},
|
|
203
221
|
"onlyBuiltDependencies": [
|
|
204
222
|
"bcrypt",
|