From db242d8495144a41f3ea8330932337d4902b524f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 12 Jun 2025 10:14:06 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
---
 package-lock.json | 64 +++++++++++------------------------------------
 package.json      |  2 +-
 2 files changed, 16 insertions(+), 50 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index ad949d9e..ef696f99 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
       "version": "0.2.14",
       "license": "MIT",
       "dependencies": {
-        "@promster/metrics": "^10.0.0",
+        "@promster/metrics": "^14.0.0",
         "@promster/server": "^14.0.0",
         "config": "^3.3.9",
         "es-main": "^1.2.0",
@@ -1568,27 +1568,25 @@
       }
     },
     "node_modules/@promster/metrics": {
-      "version": "10.0.0",
-      "resolved": "https://registry.npmjs.org/@promster/metrics/-/metrics-10.0.0.tgz",
-      "integrity": "sha512-WDAUpAuHQ/Jn/vOhGUnp2IswSAACZ0SSUxpKWfUjW+yGJfUYX1DBa2NX0RYAA4NnZt2MA9hq1jhkdBenzAIe0g==",
+      "version": "14.0.0",
+      "resolved": "https://registry.npmjs.org/@promster/metrics/-/metrics-14.0.0.tgz",
+      "integrity": "sha512-Qox9klvGaGHBibica4y6BzOveCI2khmb3gx/yLQYAID0H6BenU174n29LcvlawrMLfm8Z028YfHaZvFGlRXhBA==",
+      "license": "MIT",
       "dependencies": {
+        "@promster/types": "^14.0.0",
         "lodash.memoize": "4.1.2",
         "lodash.once": "4.1.1",
         "merge-options": "3.0.4",
-        "optional": "0.1.4",
-        "ts-essentials": "9.3.2",
-        "tslib": "2.4.1",
+        "prometheus-gc-stats": "1.1.0",
+        "tslib": "2.6.2",
         "url-value-parser": "2.2.0"
       },
       "engines": {
-        "node": ">=16",
+        "node": ">=20",
         "npm": ">=8"
       },
-      "optionalDependencies": {
-        "@sematext/gc-stats": "1.5.9"
-      },
       "peerDependencies": {
-        "prom-client": "13.x.x || 14.x"
+        "prom-client": "13.x.x || 14.x || 15.x"
       }
     },
     "node_modules/@promster/server": {
@@ -1605,32 +1603,6 @@
         "npm": ">=8"
       }
     },
-    "node_modules/@promster/server/node_modules/@promster/metrics": {
-      "version": "14.0.0",
-      "resolved": "https://registry.npmjs.org/@promster/metrics/-/metrics-14.0.0.tgz",
-      "integrity": "sha512-Qox9klvGaGHBibica4y6BzOveCI2khmb3gx/yLQYAID0H6BenU174n29LcvlawrMLfm8Z028YfHaZvFGlRXhBA==",
-      "dependencies": {
-        "@promster/types": "^14.0.0",
-        "lodash.memoize": "4.1.2",
-        "lodash.once": "4.1.1",
-        "merge-options": "3.0.4",
-        "prometheus-gc-stats": "1.1.0",
-        "tslib": "2.6.2",
-        "url-value-parser": "2.2.0"
-      },
-      "engines": {
-        "node": ">=20",
-        "npm": ">=8"
-      },
-      "peerDependencies": {
-        "prom-client": "13.x.x || 14.x || 15.x"
-      }
-    },
-    "node_modules/@promster/server/node_modules/tslib": {
-      "version": "2.6.2",
-      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz",
-      "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q=="
-    },
     "node_modules/@promster/types": {
       "version": "14.0.0",
       "resolved": "https://registry.npmjs.org/@promster/types/-/types-14.0.0.tgz",
@@ -12155,14 +12127,6 @@
         "typescript": ">=4.2.0"
       }
     },
-    "node_modules/ts-essentials": {
-      "version": "9.3.2",
-      "resolved": "https://registry.npmjs.org/ts-essentials/-/ts-essentials-9.3.2.tgz",
-      "integrity": "sha512-JxKJzuWqH1MmH4ZFHtJzGEhkfN3QvVR3C3w+4BIoWeoY68UVVoA2Np/Bca9z0IPSErVCWhv439aT0We4Dks8kQ==",
-      "peerDependencies": {
-        "typescript": ">=4.1.0"
-      }
-    },
     "node_modules/ts-jest": {
       "version": "29.3.1",
       "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.3.1.tgz",
@@ -12303,9 +12267,10 @@
       }
     },
     "node_modules/tslib": {
-      "version": "2.4.1",
-      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz",
-      "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA=="
+      "version": "2.6.2",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz",
+      "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==",
+      "license": "0BSD"
     },
     "node_modules/tsutils": {
       "version": "3.21.0",
@@ -12500,6 +12465,7 @@
       "version": "5.7.3",
       "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.3.tgz",
       "integrity": "sha512-84MVSjMEHP+FQRPy3pX9sTVV/INIex71s9TL2Gm5FG/WG1SqXeKyZ0k7/blY/4FdOzI12CBy1vGc4og/eus0fw==",
+      "devOptional": true,
       "license": "Apache-2.0",
       "bin": {
         "tsc": "bin/tsc",
diff --git a/package.json b/package.json
index f65d3563..623b4fd5 100644
--- a/package.json
+++ b/package.json
@@ -77,7 +77,7 @@
     "syslog-portal": "dist/app.js"
   },
   "dependencies": {
-    "@promster/metrics": "^10.0.0",
+    "@promster/metrics": "^14.0.0",
     "@promster/server": "^14.0.0",
     "config": "^3.3.9",
     "es-main": "^1.2.0",