From ba651c543cf714e7acf999a71e8733b9a182373c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 19 Jan 2022 11:43:06 +0000
Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118
---
 server/package-lock.json | 28 +++-------------------------
 server/package.json      |  2 +-
 2 files changed, 4 insertions(+), 26 deletions(-)

diff --git a/server/package-lock.json b/server/package-lock.json
index 69b839c..69d6a24 100644
--- a/server/package-lock.json
+++ b/server/package-lock.json
@@ -4,15 +4,6 @@
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
-    "cross-fetch": {
-      "version": "2.0.0",
-      "resolved": "http://registry.npmjs.org/cross-fetch/-/cross-fetch-2.0.0.tgz",
-      "integrity": "sha512-gnx0GnDyW73iDq6DpqceL8i4GGn55PPKDzNwZkopJ3mKPcfJ0BUIXBsnYfJBVw+jFDB+hzIp2ELNRdqoxN6M3w==",
-      "requires": {
-        "node-fetch": "2.0.0",
-        "whatwg-fetch": "2.0.3"
-      }
-    },
     "graphql": {
       "version": "14.0.2",
       "resolved": "https://registry.npmjs.org/graphql/-/graphql-14.0.2.tgz",
@@ -22,12 +13,9 @@
       }
     },
     "graphql-request": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/graphql-request/-/graphql-request-1.6.0.tgz",
-      "integrity": "sha512-qqAPLZuaGlwZDsMQ2FfgEyZMcXFMsPPDl6bQQlmwP/xCnk1TqxkE1S644LsHTXAHYPvmRWsIimfdcnys5+o+fQ==",
-      "requires": {
-        "cross-fetch": "2.0.0"
-      }
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/graphql-request/-/graphql-request-2.0.0.tgz",
+      "integrity": "sha512-Ww3Ax+G3l2d+mPT8w7HC9LfrKjutnCKtnDq7ZZp2ghVk5IQDjwAk3/arRF1ix17Ky15rm0hrSKVKxRhIVlSuoQ=="
     },
     "graphql-tag": {
       "version": "2.10.0",
@@ -44,11 +32,6 @@
       "resolved": "https://registry.npmjs.org/iterall/-/iterall-1.2.2.tgz",
       "integrity": "sha512-yynBb1g+RFUPY64fTrFv7nsjRrENBQJaX2UL+2Szc9REFrSNm1rpSXHGzhmAy7a9uv3vlvgBlXnf9RqmPH1/DA=="
     },
-    "node-fetch": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.0.0.tgz",
-      "integrity": "sha1-mCu6Q+zU8pIqKcwYamu7C7c/y6Y="
-    },
     "nodemailer": {
       "version": "4.6.8",
       "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-4.6.8.tgz",
@@ -75,11 +58,6 @@
       "requires": {
         "inherits": "2.0.3"
       }
-    },
-    "whatwg-fetch": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-2.0.3.tgz",
-      "integrity": "sha1-nITsLc9oGH/wC8ZOEnS0QhduHIQ="
     }
   }
 }
diff --git a/server/package.json b/server/package.json
index 06783c5..f446ccf 100644
--- a/server/package.json
+++ b/server/package.json
@@ -3,7 +3,7 @@
   "version": "1.0.0",
   "dependencies": {
     "graphql": "^14.0.2",
-    "graphql-request": "^1.6.0",
+    "graphql-request": "^2.0.0",
     "graphql-tag": "^2.10.0",
     "nodemailer": "^4.6.8",
     "path": "^0.12.7"