Update dependencies for DRC
In particular, upgrade `jsonwebtoken` to 9.0.0 that fixes CVE-2022-23540
Bug: 264124577
Test: npm update
Test: npm audit fix --force
Change-Id: Ia228cf5fc69baf995c37796679da74cadc646ce1
diff --git a/server/functions/package.json b/server/functions/package.json
index 85ba565..9dd1994 100644
--- a/server/functions/package.json
+++ b/server/functions/package.json
@@ -14,9 +14,9 @@
},
"main": "index.js",
"dependencies": {
- "firebase-admin": "^9.3.0",
+ "firebase-admin": "^11.4.1",
"firebase-functions": "^3.11.0",
- "jsonwebtoken": "^8.5.1"
+ "jsonwebtoken": "^9.0.0"
},
"devDependencies": {
"eslint": "^5.12.0",
diff --git a/server/package.json b/server/package.json
index 269e852..642efc4 100644
--- a/server/package.json
+++ b/server/package.json
@@ -1,6 +1,6 @@
{
"dependencies": {
- "firebase-admin": "^9.5.0",
+ "firebase-admin": "^11.4.1",
"firebase-functions": "^3.13.2"
}
}