From bcf864462b1c9b75cc756521489fe833c6206757 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 16 Apr 2021 00:28:59 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
---
 package-lock.json | 103 ++++++++++++++++++++++------------------------
 package.json      |   2 +-
 2 files changed, 50 insertions(+), 55 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 062b4f0..ae63b27 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,7 +16,8 @@
     "amdefine": {
       "version": "1.0.1",
       "resolved": "http://npm-repo.devops.mhealth.tech/amdefine/-/amdefine-1.0.1.tgz",
-      "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU="
+      "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=",
+      "dev": true
     },
     "ansi-gray": {
       "version": "0.1.1",
@@ -122,12 +123,6 @@
       "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=",
       "dev": true
     },
-    "async": {
-      "version": "0.2.10",
-      "resolved": "http://npm-repo.devops.mhealth.tech/async/-/async-0.2.10.tgz",
-      "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E=",
-      "optional": true
-    },
     "async-done": {
       "version": "0.4.0",
       "resolved": "http://npm-repo.devops.mhealth.tech/async-done/-/async-done-0.4.0.tgz",
@@ -1041,13 +1036,10 @@
         "for-in": "^1.0.1"
       }
     },
-    "forEachAsync": {
-      "version": "2.2.1",
-      "resolved": "http://npm-repo.devops.mhealth.tech/forEachAsync/-/forEachAsync-2.2.1.tgz",
-      "integrity": "sha1-43I/AJA5EOHrSx2zrVG1xkoxn+w=",
-      "requires": {
-        "sequence": "2.x"
-      }
+    "foreachasync": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/foreachasync/-/foreachasync-3.0.0.tgz",
+      "integrity": "sha1-VQKYfchxS+M5IJfzLgBxyd7gfPY="
     },
     "form-data": {
       "version": "1.0.0-rc4",
@@ -1777,12 +1769,27 @@
       }
     },
     "handlebars": {
-      "version": "2.0.0",
-      "resolved": "http://npm-repo.devops.mhealth.tech/handlebars/-/handlebars-2.0.0.tgz",
-      "integrity": "sha1-bp1/hRSjRn+l6fgswVjs/B1ax28=",
-      "requires": {
-        "optimist": "~0.3",
-        "uglify-js": "~2.3"
+      "version": "4.7.7",
+      "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.7.tgz",
+      "integrity": "sha512-aAcXm5OAfE/8IXkcZvCepKU3VzW1/39Fb5ZuqMtgI/hT8X2YgoMvBY5dLhq/cpOvw7Lk1nK/UF71aLG/ZnVYRA==",
+      "requires": {
+        "minimist": "^1.2.5",
+        "neo-async": "^2.6.0",
+        "source-map": "^0.6.1",
+        "uglify-js": "^3.1.4",
+        "wordwrap": "^1.0.0"
+      },
+      "dependencies": {
+        "minimist": {
+          "version": "1.2.5",
+          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+          "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+        },
+        "source-map": {
+          "version": "0.6.1",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+          "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g=="
+        }
       }
     },
     "has-ansi": {
@@ -1842,12 +1849,12 @@
       }
     },
     "hbs": {
-      "version": "2.9.0",
-      "resolved": "http://npm-repo.devops.mhealth.tech/hbs/-/hbs-2.9.0.tgz",
-      "integrity": "sha1-pizhHUgmlYPgMDuQ/OkJxzHagIs=",
+      "version": "4.1.2",
+      "resolved": "https://registry.npmjs.org/hbs/-/hbs-4.1.2.tgz",
+      "integrity": "sha512-WfBnQbozbdiTLjJu6P6Wturgvy0FN8xtRmIjmP0ebX9OGQrt+2S6UC7xX0IebHTCS1sXe20zfTzQ7yhjrEvrfQ==",
       "requires": {
-        "handlebars": "2.0.0",
-        "walk": "2.2.1"
+        "handlebars": "4.7.7",
+        "walk": "2.3.14"
       }
     },
     "he": {
@@ -2903,6 +2910,11 @@
       "resolved": "http://npm-repo.devops.mhealth.tech/negotiator/-/negotiator-0.6.2.tgz",
       "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw=="
     },
+    "neo-async": {
+      "version": "2.6.2",
+      "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz",
+      "integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw=="
+    },
     "next-tick": {
       "version": "0.2.2",
       "resolved": "http://npm-repo.devops.mhealth.tech/next-tick/-/next-tick-0.2.2.tgz",
@@ -3020,14 +3032,6 @@
         "wrappy": "1"
       }
     },
-    "optimist": {
-      "version": "0.3.7",
-      "resolved": "http://npm-repo.devops.mhealth.tech/optimist/-/optimist-0.3.7.tgz",
-      "integrity": "sha1-yQlBrVnkJzMokjB00s8ufLxuwNk=",
-      "requires": {
-        "wordwrap": "~0.0.2"
-      }
-    },
     "orchestrator": {
       "version": "0.3.8",
       "resolved": "http://npm-repo.devops.mhealth.tech/orchestrator/-/orchestrator-0.3.8.tgz",
@@ -3457,11 +3461,6 @@
         }
       }
     },
-    "sequence": {
-      "version": "2.2.1",
-      "resolved": "http://npm-repo.devops.mhealth.tech/sequence/-/sequence-2.2.1.tgz",
-      "integrity": "sha1-f1YXiV1ENRwKBH52RGdpBJChawM="
-    },
     "sequencify": {
       "version": "0.0.7",
       "resolved": "http://npm-repo.devops.mhealth.tech/sequencify/-/sequencify-0.0.7.tgz",
@@ -3642,6 +3641,7 @@
       "version": "0.1.43",
       "resolved": "http://npm-repo.devops.mhealth.tech/source-map/-/source-map-0.1.43.tgz",
       "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=",
+      "dev": true,
       "requires": {
         "amdefine": ">=0.0.4"
       }
@@ -4070,15 +4070,10 @@
       }
     },
     "uglify-js": {
-      "version": "2.3.6",
-      "resolved": "http://npm-repo.devops.mhealth.tech/uglify-js/-/uglify-js-2.3.6.tgz",
-      "integrity": "sha1-+gmEdwtCi3qbKoBY9GNV0U/vIRo=",
-      "optional": true,
-      "requires": {
-        "async": "~0.2.6",
-        "optimist": "~0.3.5",
-        "source-map": "~0.1.7"
-      }
+      "version": "3.13.4",
+      "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.13.4.tgz",
+      "integrity": "sha512-kv7fCkIXyQIilD5/yQy8O+uagsYIOt5cZvs890W40/e/rvjMSzJw81o9Bg0tkURxzZBROtDQhW2LFjOGoK3RZw==",
+      "optional": true
     },
     "unc-path-regex": {
       "version": "0.1.2",
@@ -4326,11 +4321,11 @@
       }
     },
     "walk": {
-      "version": "2.2.1",
-      "resolved": "http://npm-repo.devops.mhealth.tech/walk/-/walk-2.2.1.tgz",
-      "integrity": "sha1-WtofjknkfUt0Rdi+ei4eYxq0MBY=",
+      "version": "2.3.14",
+      "resolved": "https://registry.npmjs.org/walk/-/walk-2.3.14.tgz",
+      "integrity": "sha512-5skcWAUmySj6hkBdH6B6+3ddMjVQYH5Qy9QGbPmN8kVmLteXk+yVXg+yfk1nbX30EYakahLrr8iPcCxJQSCBeg==",
       "requires": {
-        "forEachAsync": "~2.2"
+        "foreachasync": "^3.0.0"
       }
     },
     "websocket-driver": {
@@ -4366,9 +4361,9 @@
       "dev": true
     },
     "wordwrap": {
-      "version": "0.0.3",
-      "resolved": "http://npm-repo.devops.mhealth.tech/wordwrap/-/wordwrap-0.0.3.tgz",
-      "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc="
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz",
+      "integrity": "sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus="
     },
     "wrappy": {
       "version": "1.0.2",
diff --git a/package.json b/package.json
index 62a271a..bde8107 100644
--- a/package.json
+++ b/package.json
@@ -14,7 +14,7 @@
     "cors": "^2.4.2",
     "express": "^4.9.7",
     "fecha": "^2.3.3",
-    "hbs": "^2.7.0",
+    "hbs": "^4.1.2",
     "lodash": "^2.4.1"
   },
   "devDependencies": {