ghost 4.22.0 → 4.22.4

package/core/server/web/api/v3/admin/middleware.js

@@ -59,8 +59,8 @@ module.exports.authAdminApi = [
     auth.authorize.authorizeAdminApi,
     apiMw.updateUserLastSeen,
     apiMw.cors,
-    shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
-    shared.middlewares.prettyUrls,
+    shared.middleware.urlRedirects.adminSSLAndHostRedirect,
+    shared.middleware.prettyUrls,
     notImplemented
 ];
 
@@ -73,8 +73,8 @@ module.exports.authAdminApiWithUrl = [
     auth.authorize.authorizeAdminApi,
     apiMw.updateUserLastSeen,
     apiMw.cors,
-    shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
-    shared.middlewares.prettyUrls,
+    shared.middleware.urlRedirects.adminSSLAndHostRedirect,
+    shared.middleware.prettyUrls,
     notImplemented
 ];
 
@@ -83,7 +83,7 @@ module.exports.authAdminApiWithUrl = [
  */
 module.exports.publicAdminApi = [
     apiMw.cors,
-    shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
-    shared.middlewares.prettyUrls,
+    shared.middleware.urlRedirects.adminSSLAndHostRedirect,
+    shared.middleware.prettyUrls,
     notImplemented
 ];

package/core/server/web/api/v3/admin/routes.js

@@ -182,8 +182,8 @@ module.exports = function apiRoutes() {
     router.get('/session', mw.authAdminApi, http(api.session.read));
     // We don't need auth when creating a new session (logging in)
     router.post('/session',
-        shared.middlewares.brute.globalBlock,
-        shared.middlewares.brute.userLogin,
+        shared.middleware.brute.globalBlock,
+        shared.middleware.brute.userLogin,
         http(api.session.add)
     );
     router.del('/session', mw.authAdminApi, http(api.session.delete));
@@ -193,11 +193,11 @@ module.exports = function apiRoutes() {
 
     // ## Authentication
     router.post('/authentication/passwordreset',
-        shared.middlewares.brute.globalReset,
-        shared.middlewares.brute.userReset,
+        shared.middleware.brute.globalReset,
+        shared.middleware.brute.userReset,
         http(api.authentication.generateResetToken)
     );
-    router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(api.authentication.resetPassword));
+    router.put('/authentication/passwordreset', shared.middleware.brute.globalBlock, http(api.authentication.resetPassword));
     router.post('/authentication/invitation', http(api.authentication.acceptInvitation));
     router.get('/authentication/invitation', http(api.authentication.isInvitation));
     router.post('/authentication/setup', http(api.authentication.setup));

package/core/server/web/api/v3/content/app.js

@@ -18,17 +18,17 @@ module.exports = function setupApiApp() {
     apiApp.use(boolParser());
 
     // send 503 json response in case of maintenance
-    apiApp.use(shared.middlewares.maintenance);
+    apiApp.use(shared.middleware.maintenance);
 
     // API shouldn't be cached
-    apiApp.use(shared.middlewares.cacheControl('private'));
+    apiApp.use(shared.middleware.cacheControl('private'));
 
     // Routing
     apiApp.use(routes());
 
     // API error handling
-    apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
-    apiApp.use(shared.middlewares.errorHandler.handleJSONResponse);
+    apiApp.use(shared.middleware.errorHandler.resourceNotFound);
+    apiApp.use(shared.middleware.errorHandler.handleJSONResponse);
 
     debug('Content API v3 setup end');
 

package/core/server/web/api/v3/content/middleware.js

@@ -14,10 +14,10 @@ const shared = require('../../../shared');
  * Authentication for public endpoints
  */
 module.exports.authenticatePublic = [
-    shared.middlewares.brute.contentApiKey,
+    shared.middleware.brute.contentApiKey,
     auth.authenticate.authenticateContentApi,
     auth.authorize.authorizeContentApi,
     cors(),
-    shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
-    shared.middlewares.prettyUrls
+    shared.middleware.urlRedirects.adminSSLAndHostRedirect,
+    shared.middleware.prettyUrls
 ];

package/core/server/web/members/app.js

@@ -14,10 +14,10 @@ module.exports = function setupMembersApp() {
     const membersApp = express('members');
 
     // send 503 json response in case of maintenance
-    membersApp.use(shared.middlewares.maintenance);
+    membersApp.use(shared.middleware.maintenance);
 
     // Members API shouldn't be cached
-    membersApp.use(shared.middlewares.cacheControl('private'));
+    membersApp.use(shared.middleware.cacheControl('private'));
 
     // Support CORS for requests from the frontend
     const siteUrl = new URL(urlUtils.getSiteUrl());
@@ -42,19 +42,19 @@ module.exports = function setupMembersApp() {
     membersApp.get('/api/site', middleware.getMemberSiteData);
 
     // NOTE: this is wrapped in a function to ensure we always go via the getter
-    membersApp.post('/api/send-magic-link', bodyParser.json(), shared.middlewares.brute.membersAuth, (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));
+    membersApp.post('/api/send-magic-link', bodyParser.json(), shared.middleware.brute.membersAuth, (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));
     membersApp.post('/api/create-stripe-checkout-session', (req, res, next) => membersService.api.middleware.createCheckoutSession(req, res, next));
     membersApp.post('/api/create-stripe-update-session', (req, res, next) => membersService.api.middleware.createCheckoutSetupSession(req, res, next));
     membersApp.put('/api/subscriptions/:id', (req, res, next) => membersService.api.middleware.updateSubscription(req, res, next));
     membersApp.post('/api/events', labs.enabledMiddleware('membersActivity'), middleware.loadMemberSession, (req, res, next) => membersService.api.middleware.createEvents(req, res, next));
 
     // API error handling
-    membersApp.use('/api', shared.middlewares.errorHandler.resourceNotFound);
-    membersApp.use('/api', shared.middlewares.errorHandler.handleJSONResponseV2);
+    membersApp.use('/api', shared.middleware.errorHandler.resourceNotFound);
+    membersApp.use('/api', shared.middleware.errorHandler.handleJSONResponseV2);
 
     // Webhook error handling
-    membersApp.use('/webhooks', shared.middlewares.errorHandler.resourceNotFound);
-    membersApp.use('/webhooks', shared.middlewares.errorHandler.handleJSONResponseV2);
+    membersApp.use('/webhooks', shared.middleware.errorHandler.resourceNotFound);
+    membersApp.use('/webhooks', shared.middleware.errorHandler.handleJSONResponseV2);
 
     debug('Members App setup end');
 

package/core/server/web/oauth/app.js

@@ -25,7 +25,7 @@ module.exports = function setupOAuthApp() {
     oauthApp.use(labsMiddleware);
 
     // send 503 json response in case of maintenance
-    oauthApp.use(shared.middlewares.maintenance);
+    oauthApp.use(shared.middleware.maintenance);
 
     /**
      * Configure the passport.authenticate middleware

package/core/server/web/parent/app.js

@@ -4,7 +4,6 @@ const express = require('../../../shared/express');
 const compress = require('compression');
 const mw = require('./middleware');
 const vhost = require('@tryghost/vhost-middleware');
-const vhostUtils = require('./vhost-utils');
 
 module.exports = function setupParentApp(options = {}) {
     debug('ParentApp setup start');
@@ -29,11 +28,11 @@ module.exports = function setupParentApp(options = {}) {
 
     // ADMIN + API
     const backendApp = require('./backend')();
-    parentApp.use(vhost(vhostUtils.getBackendHostArg(), backendApp));
+    parentApp.use(vhost(config.getBackendMountPath(), backendApp));
 
     // SITE + MEMBERS
     const frontendApp = require('./frontend')(options);
-    parentApp.use(vhost(vhostUtils.getFrontendHostArg(), frontendApp));
+    parentApp.use(vhost(config.getFrontendMountPath(), frontendApp));
 
     debug('ParentApp setup end');
 

package/core/server/web/parent/frontend.js

@@ -16,7 +16,7 @@ module.exports = (options) => {
 
     // Force SSL if blog url is set to https. The redirects handling must happen before asset and page routing,
     // otherwise we serve assets/pages with http. This can cause mixed content warnings in the admin client.
-    frontendApp.use(shared.middlewares.urlRedirects.frontendSSLRedirect);
+    frontendApp.use(shared.middleware.urlRedirects.frontendSSLRedirect);
 
     frontendApp.lazyUse('/members', require('../members'));
     frontendApp.use('/', require('../../../frontend/web')(options));

package/core/server/web/shared/index.js

@@ -1,5 +1,5 @@
 module.exports = {
-    get middlewares() {
-        return require('./middlewares');
+    get middleware() {
+        return require('./middleware');
     }
 };

package/core/shared/config/defaults.json

@@ -15,7 +15,9 @@
     "privacy": false,
     "useMinFiles": true,
     "paths": {
-        "contentPath": "content/"
+        "contentPath": "content/",
+        "fixtures": "core/server/data/schema/fixtures/fixtures",
+        "assetSrc": "core/frontend/src"
     },
     "adapters": {
         "sso": {
@@ -25,7 +27,9 @@
     "storage": {
         "active": "LocalImagesStorage",
         "media": "LocalMediaStorage",
-        "LocalMediaStorage": {}
+        "files": "LocalFilesStorage",
+        "LocalMediaStorage": {},
+        "LocalFilesStorage": {}
     },
     "scheduling": {
         "active": "SchedulingDefault"
@@ -125,5 +129,9 @@
     "portal": {
         "url": "https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js",
         "version": "1.12"
+    },
+    "tenor": {
+        "apiKey": null,
+        "contentFilter": "off"
     }
 }

package/core/shared/config/helpers.js

@@ -1,4 +1,42 @@
 const path = require('path');
+const escapeRegExp = require('lodash/escapeRegExp');
+const {URL} = require('url');
+
+const DEFAULT_HOST_ARG = /.*/;
+
+const getHostInfo = (config) => {
+    const frontendHost = new URL(config.getSiteUrl()).hostname;
+
+    const backendHost = config.getAdminUrl() ? (new URL(config.getAdminUrl()).hostname) : '';
+    const hasSeparateBackendHost = backendHost && backendHost !== frontendHost;
+
+    return {
+        backendHost,
+        hasSeparateBackendHost
+    };
+};
+
+/**
+ *
+ * @returns {string|RegExp}
+ */
+const getBackendMountPath = function getFrontendMountPath() {
+    const {backendHost, hasSeparateBackendHost} = getHostInfo(this);
+
+    // with a separate admin url only serve on that host, otherwise serve on all hosts
+    return (hasSeparateBackendHost) && backendHost ? backendHost : DEFAULT_HOST_ARG;
+};
+
+/**
+ *
+ * @returns {string|RegExp}
+ */
+const getFrontendMountPath = function getFrontendMountPath() {
+    const {backendHost, hasSeparateBackendHost} = getHostInfo(this);
+
+    // with a separate admin url we adjust the frontend vhost to exclude requests to that host, otherwise serve on all hosts
+    return (hasSeparateBackendHost && backendHost) ? new RegExp(`^(?!${escapeRegExp(backendHost)}).*`) : DEFAULT_HOST_ARG;
+};
 
 /**
  * @callback isPrivacyDisabledFn
@@ -34,6 +72,8 @@ const getContentPath = function getContentPath(type) {
         return path.join(this.get('paths:contentPath'), 'images/');
     case 'media':
         return path.join(this.get('paths:contentPath'), 'media/');
+    case 'files':
+        return path.join(this.get('paths:contentPath'), 'files/');
     case 'themes':
         return path.join(this.get('paths:contentPath'), 'themes/');
     case 'adapters':
@@ -44,6 +84,8 @@ const getContentPath = function getContentPath(type) {
         return path.join(this.get('paths:contentPath'), 'data/');
     case 'settings':
         return path.join(this.get('paths:contentPath'), 'settings/');
+    case 'public':
+        return path.join(this.get('paths:contentPath'), 'public/');
     default:
         // new Error is allowed here, as we do not want config to depend on @tryghost/error
         // @TODO: revisit this decision when @tryghost/error is no longer dependent on all of ghost-ignition
@@ -60,4 +102,6 @@ const getContentPath = function getContentPath(type) {
 module.exports.bindAll = (nconf) => {
     nconf.isPrivacyDisabled = isPrivacyDisabled.bind(nconf);
     nconf.getContentPath = getContentPath.bind(nconf);
+    nconf.getBackendMountPath = getBackendMountPath.bind(nconf);
+    nconf.getFrontendMountPath = getFrontendMountPath.bind(nconf);
 };

package/core/shared/config/loader.js

@@ -41,8 +41,8 @@ function loadNconf(options) {
     // ## Config Methods
 
     // Expose dynamic utility methods
-    helpers.bindAll(nconf);
     urlHelpers.bindAll(nconf);
+    helpers.bindAll(nconf);
 
     // ## Sanitization
 

package/core/shared/config/overrides.json

@@ -31,8 +31,8 @@
             "contentTypes": ["image/jpeg", "image/png", "image/gif", "image/svg+xml", "image/x-icon", "image/vnd.microsoft.icon", "image/webp"]
         },
         "media": {
-            "extensions": [".mp4",".webm", ".ogv"],
-            "contentTypes": ["video/mp4", "video/webm", "video/ogg"]
+            "extensions": [".mp4",".webm", ".ogv", ".mp3", ".wav", ".ogg"],
+            "contentTypes": ["video/mp4", "video/webm", "video/ogg", "audio/mpeg", "audio/vnd.wav", "audio/ogg"]
         },
         "thumbnails": {
             "extensions": [".jpg", ".jpeg", ".gif", ".png", ".svg", ".svgz", ".ico", ".webp"],

package/core/shared/labs.js

@@ -29,8 +29,15 @@ const ALPHA_FEATURES = [
     'oauthLogin',
     'membersActivity',
     'cardSettingsPanel',
+    'urlCache',
     'mediaAPI',
-    'membersAutoLogin'
+    'filesAPI',
+    'membersAutoLogin',
+    'buttonCard',
+    'calloutCard',
+    'nftCard',
+    'accordionCard',
+    'gifsCard'
 ];
 
 module.exports.GA_KEYS = [...GA_FEATURES];

package/loggingrc.js

@@ -1,25 +1,24 @@
 const config = require('./core/shared/config');
 const ghostVersion = require('@tryghost/version');
 
-module.exports = {
-    name: config.get('logging:name'),
-    env: config.get('env'),
-    path: config.get('logging:path') || config.getContentPath('logs'),
+// Config for logging
+const loggingConfig = config.get('logging') || {};
+
+if (!loggingConfig.path) {
+    loggingConfig.path = config.getContentPath('logs');
+}
+
+// Additional values used by logging
+loggingConfig.env = config.get('env');
+loggingConfig.domain = config.get('url');
+
+// Config for metrics
+loggingConfig.metrics = config.get('logging:metrics') || {};
+loggingConfig.metrics.metadata = {
+    // Undefined if unavailable
+    siteId: config.get('hostSettings:siteId'),
     domain: config.get('url'),
-    mode: config.get('logging:mode'),
-    level: config.get('logging:level'),
-    transports: config.get('logging:transports'),
-    metrics: {
-        transports: config.get('logging:metrics:transports'),
-        metadata: {
-            // Undefined if unavailable
-            siteId: config.get('hostSettings:siteId'),
-            domain: config.get('url'),
-            version: ghostVersion.safe
-        }
-    },
-    gelf: config.get('logging:gelf'),
-    loggly: config.get('logging:loggly'),
-    elasticsearch: config.get('logging:elasticsearch'),
-    rotation: config.get('logging:rotation')
+    version: ghostVersion.safe
 };
+
+module.exports = loggingConfig;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ghost",
-  "version": "4.22.0",
+  "version": "4.22.4",
   "description": "The professional publishing platform",
   "author": "Ghost Foundation",
   "homepage": "https://ghost.org",
@@ -29,7 +29,7 @@
     "test": "mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js --timeout=60000",
     "test:all": "yarn test:unit && yarn test:integration && yarn test:e2e && yarn lint",
     "test:debug": "DEBUG=ghost:test* yarn test",
-    "test:unit": "c8 --all -n 'core/{*.js,frontend,server,shared}' --reporter text-summary --reporter cobertura mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js './test/unit' --timeout=2000",
+    "test:unit": "c8 --reporter text-summary --reporter cobertura mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js './test/unit' --timeout=2000",
     "test:integration": "mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js  './test/integration' --timeout=5000",
     "test:e2e": "mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js './test/e2e-api' './test/e2e-frontend' './test/e2e-server' --timeout=10000",
     "test:regression": "mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js  './test/regression' --timeout=60000",
@@ -37,7 +37,7 @@
     "test:int:slow": "yarn test:integration --reporter=mocha-slow-test-reporter",
     "test:e2e:slow": "yarn test:e2e --reporter=mocha-slow-test-reporter",
     "test:reg:slow": "mocha --require=./test/utils/overrides.js --exit --trace-warnings --recursive --extension=test.js  './test/regression' --timeout=60000 --reporter=mocha-slow-test-reporter",
-    "cov:unit": "c8 report --all -n 'core/{*.js,frontend,server,shared}' -x 'core/frontend/public' --reporter text --reporter html",
+    "cov:unit": "c8 report --reporter text --reporter html",
     "lint:server": "eslint --ignore-path .eslintignore 'core/server/**/*.js' 'core/*.js' '*.js'",
     "lint:shared": "eslint --ignore-path .eslintignore 'core/shared/**/*.js'",
     "lint:frontend": "eslint --ignore-path .eslintignore 'core/frontend/**/*.js'",
@@ -54,51 +54,51 @@
   },
   "dependencies": {
     "@nexes/nql": "0.6.0",
-    "@sentry/node": "6.14.0",
+    "@sentry/node": "6.15.0",
     "@tryghost/adapter-manager": "0.2.18",
-    "@tryghost/admin-api-schema": "2.6.0",
+    "@tryghost/admin-api-schema": "2.6.1",
     "@tryghost/bookshelf-plugins": "0.3.4",
     "@tryghost/bootstrap-socket": "0.2.13",
-    "@tryghost/color-utils": "0.1.2",
+    "@tryghost/color-utils": "0.1.5",
     "@tryghost/config-url-helpers": "0.1.3",
-    "@tryghost/constants": "0.1.12",
+    "@tryghost/constants": "1.0.0",
     "@tryghost/custom-theme-settings-service": "0.3.1",
     "@tryghost/debug": "0.1.9",
     "@tryghost/email-analytics-provider-mailgun": "1.0.5",
     "@tryghost/email-analytics-service": "1.0.4",
     "@tryghost/errors": "0.2.17",
     "@tryghost/express-dynamic-redirects": "0.2.1",
-    "@tryghost/helpers": "1.1.52",
+    "@tryghost/helpers": "1.1.54",
     "@tryghost/image-transform": "1.0.18",
     "@tryghost/job-manager": "0.8.12",
     "@tryghost/kg-card-factory": "3.1.0",
     "@tryghost/kg-default-atoms": "3.1.0",
-    "@tryghost/kg-default-cards": "5.1.0",
+    "@tryghost/kg-default-cards": "5.8.3",
     "@tryghost/kg-markdown-html-renderer": "5.1.0",
     "@tryghost/kg-mobiledoc-html-renderer": "5.2.0",
     "@tryghost/limit-service": "1.0.0",
-    "@tryghost/logging": "1.0.0",
+    "@tryghost/logging": "1.0.1",
     "@tryghost/magic-link": "1.0.14",
-    "@tryghost/members-api": "2.7.2",
+    "@tryghost/members-api": "2.7.4",
     "@tryghost/members-csv": "1.1.8",
     "@tryghost/members-importer": "0.3.4",
-    "@tryghost/members-offers": "0.10.1",
+    "@tryghost/members-offers": "0.10.2",
     "@tryghost/members-ssr": "1.0.15",
-    "@tryghost/metrics": "1.0.0",
-    "@tryghost/minifier": "0.1.0",
+    "@tryghost/metrics": "1.0.1",
+    "@tryghost/minifier": "0.1.1",
     "@tryghost/mw-session-from-token": "0.1.26",
-    "@tryghost/nodemailer": "0.3.6",
+    "@tryghost/nodemailer": "0.3.7",
     "@tryghost/package-json": "1.0.6",
     "@tryghost/promise": "0.1.13",
-    "@tryghost/request": "0.1.8",
+    "@tryghost/request": "0.1.9",
     "@tryghost/root-utils": "0.3.7",
     "@tryghost/security": "0.2.13",
     "@tryghost/session-service": "0.1.28",
-    "@tryghost/social-urls": "0.1.26",
-    "@tryghost/string": "0.1.20",
+    "@tryghost/social-urls": "0.1.27",
+    "@tryghost/string": "0.1.21",
     "@tryghost/tpl": "0.1.8",
     "@tryghost/update-check-service": "0.2.5",
-    "@tryghost/url-utils": "2.0.2",
+    "@tryghost/url-utils": "2.0.4",
     "@tryghost/validator": "0.1.8",
     "@tryghost/version": "0.1.7",
     "@tryghost/vhost-middleware": "1.0.19",
@@ -126,10 +126,10 @@
     "express-query-boolean": "2.0.0",
     "express-session": "1.17.2",
     "fs-extra": "10.0.0",
-    "ghost-storage-base": "0.0.6",
+    "ghost-storage-base": "1.0.0",
     "glob": "7.2.0",
     "got": "9.6.0",
-    "gscan": "4.10.1",
+    "gscan": "4.11.0",
     "html-to-text": "5.1.1",
     "image-size": "1.0.0",
     "intl": "1.2.5",
@@ -140,26 +140,26 @@
     "juice": "8.0.0",
     "keypair": "1.0.4",
     "knex": "0.21.21",
-    "knex-migrator": "4.1.1",
+    "knex-migrator": "4.1.3",
     "lodash": "4.17.21",
-    "luxon": "2.0.2",
+    "luxon": "2.1.1",
     "mailgun-js": "0.22.0",
-    "metascraper": "5.25.0",
-    "metascraper-author": "5.25.0",
-    "metascraper-description": "5.25.0",
-    "metascraper-image": "5.25.0",
-    "metascraper-logo": "5.25.0",
-    "metascraper-logo-favicon": "5.25.0",
-    "metascraper-publisher": "5.25.0",
-    "metascraper-title": "5.25.0",
-    "metascraper-url": "5.25.0",
+    "metascraper": "5.25.1",
+    "metascraper-author": "5.25.1",
+    "metascraper-description": "5.25.1",
+    "metascraper-image": "5.25.1",
+    "metascraper-logo": "5.25.1",
+    "metascraper-logo-favicon": "5.25.1",
+    "metascraper-publisher": "5.25.1",
+    "metascraper-title": "5.25.1",
+    "metascraper-url": "5.25.1",
     "moment": "2.24.0",
     "moment-timezone": "0.5.23",
     "multer": "1.4.3",
     "mysql": "2.18.1",
     "nconf": "0.11.3",
     "node-jose": "2.0.0",
-    "oembed-parser": "1.4.9",
+    "oembed-parser": "1.5.2",
     "passport": "0.5.0",
     "passport-google-oauth": "2.0.0",
     "path-match": "1.2.4",
@@ -173,14 +173,14 @@
     "xml": "1.0.1"
   },
   "optionalDependencies": {
-    "@tryghost/html-to-mobiledoc": "0.7.17",
+    "@tryghost/html-to-mobiledoc": "1.3.2",
     "sqlite3": "5.0.2"
   },
   "devDependencies": {
     "@lodder/grunt-postcss": "3.1.1",
     "c8": "7.10.0",
     "coffeescript": "2.6.1",
-    "cssnano": "5.0.9",
+    "cssnano": "5.0.11",
     "eslint": "7.32.0",
     "eslint-plugin-ghost": "2.7.0",
     "grunt": "1.4.1",
@@ -198,7 +198,7 @@
     "mocha": "9.1.3",
     "mocha-slow-test-reporter": "0.1.2",
     "mock-knex": "0.4.10",
-    "nock": "13.1.4",
+    "nock": "13.2.1",
     "papaparse": "5.3.1",
     "postcss": "8.3.11",
     "rewire": "5.0.0",