From 30b7718b0e0327b079d9fb4595b84f89cf867c37 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 25 Jan 2026 12:13:04 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 714235fca9..8e9d86bef8 100644
--- a/package.json
+++ b/package.json
@@ -37,7 +37,7 @@
     "@sectester/runner": "^0.16.5",
     "@sectester/scan": "^0.16.5",
     "axios": "^0.21.2",
-    "bcrypt": "^5.0.0",
+    "bcrypt": "^6.0.0",
     "class-transformer": "^0.5.1",
     "dot": "^1.1.3",
     "dotenv": "^8.2.0",
@@ -49,7 +49,7 @@
     "jsonwebtoken": "^8.5.1",
     "jwk-to-pem": "^2.0.5",
     "jwt-simple": "^0.5.6",
-    "libxmljs": "^0.19.7",
+    "libxmljs": "^0.19.8",
     "node-jwk": "^0.1.0",
     "pg": "^8.7.1",
     "raw-body": "^2.4.1",