From 0e78531cfcd910096a810e7cd881bf50292d5d82 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 7 Apr 2022 16:10:24 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
---
 package.json | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 85de928..b8350be 100644
--- a/package.json
+++ b/package.json
@@ -23,7 +23,7 @@
     "api"
   ],
   "dependencies": {
-    "async": "^0.9.2",
+    "async": "^3.2.2",
     "bluebird": "^3.3.3",
     "body-parser": "^1.13.1",
     "cli": "^0.8.0",
@@ -34,13 +34,13 @@
     "elasticsearch": "^10.1.3",
     "elasticsearch-reindex": "^1.1.12",
     "express": "^4.13.3",
-    "express-init": "0.0.1",
+    "express-init": "1.1.1",
     "express-limiter": "^1.6.0",
     "fs-extra": "^0.26.2",
     "ipaddr.js": "^1.2.0",
     "lodash": "^3.10.1",
     "moment": "^2.13.0",
-    "mongoose": "^4.4.20",
+    "mongoose": "^5.7.3",
     "morgan": "^1.7.0",
     "nconf": "^0.7.1",
     "randomstring": "^1.1.5",
@@ -49,7 +49,7 @@
     "slug": "^0.9.1",
     "underscore": "^1.8.3",
     "validate.js": "^0.4.0",
-    "winston": "^2.2.0"
+    "winston": "^3.3.0"
   },
   "devDependencies": {
     "grunt": "^0.4.5",