fix vuln in jsonwebtoken and got deps (#75)

javascript/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@transcend-io/examples-javascript",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Example of an application integrated with Transcend.",
   "main": "src/app.js",
   "scripts": {
@@ -16,8 +16,8 @@
     "dotenv": "^8.6.0",
     "express": "^4.18.1",
     "express-async-handler": "^1.2.0",
-    "got": "=11.8.3",
-    "jsonwebtoken": "^8.5.1",
+    "got": "=11.8.5",
+    "jsonwebtoken": "^9.0.0",
     "morgan": "^1.10.0"
   },
   "devDependencies": {

trackers-demo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@transcend-io/trackers-demo",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Example of how basic cookie tracking works",
   "main": "src/server.js",
   "scripts": {
@@ -16,7 +16,7 @@
     "express": "^4.18.1",
     "express-async-handler": "^1.2.0",
     "got": "^12.1.0",
-    "jsonwebtoken": "^8.5.1",
+    "jsonwebtoken": "^9.0.0",
     "morgan": "^1.10.0"
   },
   "devDependencies": {

typescript/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@transcend-io/typescript-webhook-example",
-  "version": "1.4.0",
+  "version": "1.4.1",
   "description": "Example of a webhook that can be integrated with Transcend.",
   "main": "build/app",
   "files": [
@@ -24,14 +24,14 @@
   "dependencies": {
     "express": "^4.18.1",
     "express-async-handler": "^1.2.0",
-    "got": "=11.8.3",
-    "jsonwebtoken": "^8.5.1",
+    "got": "=11.8.5",
+    "jsonwebtoken": "^9.0.0",
     "morgan": "^1.10.0"
   },
   "devDependencies": {
     "@types/express": "^4.17.13",
     "@types/got": "^9.6.12",
-    "@types/jsonwebtoken": "^8.5.8",
+    "@types/jsonwebtoken": "^9.0.0",
     "@types/morgan": "^1.9.3",
     "@types/node": "=17.0.26",
     "dotenv": "^8.2.0",

yarn.lock

@@ -332,8 +332,8 @@ __metadata:
     dotenv: ^8.6.0
     express: ^4.18.1
     express-async-handler: ^1.2.0
-    got: =11.8.3
-    jsonwebtoken: ^8.5.1
+    got: =11.8.5
+    jsonwebtoken: ^9.0.0
     morgan: ^1.10.0
     nodemon: ^2.0.4
   languageName: unknown
@@ -372,7 +372,7 @@ __metadata:
     express: ^4.18.1
     express-async-handler: ^1.2.0
     got: ^12.1.0
-    jsonwebtoken: ^8.5.1
+    jsonwebtoken: ^9.0.0
     morgan: ^1.10.0
     nodemon: ^2.0.4
   languageName: unknown
@@ -384,14 +384,14 @@ __metadata:
   dependencies:
     "@types/express": ^4.17.13
     "@types/got": ^9.6.12
-    "@types/jsonwebtoken": ^8.5.8
+    "@types/jsonwebtoken": ^9.0.0
     "@types/morgan": ^1.9.3
     "@types/node": =17.0.26
     dotenv: ^8.2.0
     express: ^4.18.1
     express-async-handler: ^1.2.0
-    got: =11.8.3
-    jsonwebtoken: ^8.5.1
+    got: =11.8.5
+    jsonwebtoken: ^9.0.0
     morgan: ^1.10.0
     nodemon: ^2.0.4
     ts-node: ^10.7.0
@@ -543,12 +543,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/jsonwebtoken@npm:^8.5.8":
-  version: 8.5.8
-  resolution: "@types/jsonwebtoken@npm:8.5.8"
+"@types/jsonwebtoken@npm:^9.0.0":
+  version: 9.0.0
+  resolution: "@types/jsonwebtoken@npm:9.0.0"
   dependencies:
     "@types/node": "*"
-  checksum: 56738a918c543dba30786066959f801212e7fb5cd4ec53cf7b8d227711ed358834feb9e5141f7f88ec7c642bb39757330a5a8917e3b22e0ff9084940d35f0d70
+  checksum: c7791354ba895759524c18ba609ea04efdc576e2b660bd6f80d5b917db8dc4b01acd4d1bc115a62d35406a82e627067973d475c4b36035dabaa27862b141ae49
   languageName: node
   linkType: hard
 
@@ -2835,7 +2835,26 @@ __metadata:
   languageName: node
   linkType: hard
 
-"got@npm:=11.8.3, got@npm:^11.7.0":
+"got@npm:=11.8.5":
+  version: 11.8.5
+  resolution: "got@npm:11.8.5"
+  dependencies:
+    "@sindresorhus/is": ^4.0.0
+    "@szmarczak/http-timer": ^4.0.5
+    "@types/cacheable-request": ^6.0.1
+    "@types/responselike": ^1.0.0
+    cacheable-lookup: ^5.0.3
+    cacheable-request: ^7.0.2
+    decompress-response: ^6.0.0
+    http2-wrapper: ^1.0.0-beta.5.2
+    lowercase-keys: ^2.0.0
+    p-cancelable: ^2.0.0
+    responselike: ^2.0.0
+  checksum: 2de8a1bbda4e9b6b2b72b2d2100bc055a59adc1740529e631f61feb44a8b9a1f9f8590941ed9da9df0090b6d6d0ed8ffee94cd9ac086ec3409b392b33440f7d2
+  languageName: node
+  linkType: hard
+
+"got@npm:^11.7.0":
   version: 11.8.3
   resolution: "got@npm:11.8.3"
   dependencies:
@@ -3539,21 +3558,15 @@ __metadata:
   languageName: node
   linkType: hard
 
-"jsonwebtoken@npm:^8.5.1":
-  version: 8.5.1
-  resolution: "jsonwebtoken@npm:8.5.1"
+"jsonwebtoken@npm:^9.0.0":
+  version: 9.0.0
+  resolution: "jsonwebtoken@npm:9.0.0"
   dependencies:
     jws: ^3.2.2
-    lodash.includes: ^4.3.0
-    lodash.isboolean: ^3.0.3
-    lodash.isinteger: ^4.0.4
-    lodash.isnumber: ^3.0.3
-    lodash.isplainobject: ^4.0.6
-    lodash.isstring: ^4.0.1
-    lodash.once: ^4.0.0
+    lodash: ^4.17.21
     ms: ^2.1.1
-    semver: ^5.6.0
-  checksum: 93c9e3f23c59b758ac88ba15f4e4753b3749dfce7a6f7c40fb86663128a1e282db085eec852d4e0cbca4cefdcd3a8275ee255dbd08fcad0df26ad9f6e4cc853a
+    semver: ^7.3.8
+  checksum: b9181cecf9df99f1dc0253f91ba000a1aa4d91f5816d1608c0dba61a5623726a0bfe200b51df25de18c1a6000825d231ad7ce2788aa54fd48dcb760ad9eb9514
   languageName: node
   linkType: hard
 
@@ -3633,62 +3646,13 @@ __metadata:
   languageName: node
   linkType: hard
 
-"lodash.includes@npm:^4.3.0":
-  version: 4.3.0
-  resolution: "lodash.includes@npm:4.3.0"
-  checksum: 71092c130515a67ab3bd928f57f6018434797c94def7f46aafa417771e455ce3a4834889f4267b17887d7f75297dfabd96231bf704fd2b8c5096dc4a913568b6
-  languageName: node
-  linkType: hard
-
-"lodash.isboolean@npm:^3.0.3":
-  version: 3.0.3
-  resolution: "lodash.isboolean@npm:3.0.3"
-  checksum: b70068b4a8b8837912b54052557b21fc4774174e3512ed3c5b94621e5aff5eb6c68089d0a386b7e801d679cd105d2e35417978a5e99071750aa2ed90bffd0250
-  languageName: node
-  linkType: hard
-
-"lodash.isinteger@npm:^4.0.4":
-  version: 4.0.4
-  resolution: "lodash.isinteger@npm:4.0.4"
-  checksum: 6034821b3fc61a2ffc34e7d5644bb50c5fd8f1c0121c554c21ac271911ee0c0502274852845005f8651d51e199ee2e0cfebfe40aaa49c7fe617f603a8a0b1691
-  languageName: node
-  linkType: hard
-
-"lodash.isnumber@npm:^3.0.3":
-  version: 3.0.3
-  resolution: "lodash.isnumber@npm:3.0.3"
-  checksum: 913784275b565346255e6ae6a6e30b760a0da70abc29f3e1f409081585875105138cda4a429ff02577e1bc0a7ae2a90e0a3079a37f3a04c3d6c5aaa532f4cab2
-  languageName: node
-  linkType: hard
-
-"lodash.isplainobject@npm:^4.0.6":
-  version: 4.0.6
-  resolution: "lodash.isplainobject@npm:4.0.6"
-  checksum: 29c6351f281e0d9a1d58f1a4c8f4400924b4c79f18dfc4613624d7d54784df07efaff97c1ff2659f3e085ecf4fff493300adc4837553104cef2634110b0d5337
-  languageName: node
-  linkType: hard
-
-"lodash.isstring@npm:^4.0.1":
-  version: 4.0.1
-  resolution: "lodash.isstring@npm:4.0.1"
-  checksum: eaac87ae9636848af08021083d796e2eea3d02e80082ab8a9955309569cb3a463ce97fd281d7dc119e402b2e7d8c54a23914b15d2fc7fff56461511dc8937ba0
-  languageName: node
-  linkType: hard
-
 "lodash.merge@npm:^4.6.2":
   version: 4.6.2
   resolution: "lodash.merge@npm:4.6.2"
   checksum: ad580b4bdbb7ca1f7abf7e1bce63a9a0b98e370cf40194b03380a46b4ed799c9573029599caebc1b14e3f24b111aef72b96674a56cfa105e0f5ac70546cdc005
   languageName: node
   linkType: hard
 
-"lodash.once@npm:^4.0.0":
-  version: 4.1.1
-  resolution: "lodash.once@npm:4.1.1"
-  checksum: d768fa9f9b4e1dc6453be99b753906f58990e0c45e7b2ca5a3b40a33111e5d17f6edf2f768786e2716af90a8e78f8f91431ab8435f761fef00f9b0c256f6d245
-  languageName: node
-  linkType: hard
-
 "lodash@npm:^4.17.15, lodash@npm:^4.17.20, lodash@npm:^4.17.21":
   version: 4.17.21
   resolution: "lodash@npm:4.17.21"
@@ -4889,7 +4853,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"semver@npm:^5.6.0, semver@npm:^5.7.1":
+"semver@npm:^5.7.1":
   version: 5.7.1
   resolution: "semver@npm:5.7.1"
   bin:
@@ -4918,6 +4882,17 @@ __metadata:
   languageName: node
   linkType: hard
 
+"semver@npm:^7.3.8":
+  version: 7.3.8
+  resolution: "semver@npm:7.3.8"
+  dependencies:
+    lru-cache: ^6.0.0
+  bin:
+    semver: bin/semver.js
+  checksum: ba9c7cbbf2b7884696523450a61fee1a09930d888b7a8d7579025ad93d459b2d1949ee5bbfeb188b2be5f4ac163544c5e98491ad6152df34154feebc2cc337c1
+  languageName: node
+  linkType: hard
+
 "send@npm:0.18.0":
   version: 0.18.0
   resolution: "send@npm:0.18.0"