From 975e0c90c28f6df1269f375262a8c30e17b16966 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 13 Feb 2026 20:34:41 +0000
Subject: [PATCH] fix: rest-api/jwt-filter-rules/package.json &
 rest-api/jwt-filter-rules/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-QS-15268416
---
 rest-api/jwt-filter-rules/package-lock.json | 49 ++++++++++++++-------
 rest-api/jwt-filter-rules/package.json      |  2 +-
 2 files changed, 33 insertions(+), 18 deletions(-)

diff --git a/rest-api/jwt-filter-rules/package-lock.json b/rest-api/jwt-filter-rules/package-lock.json
index 9fd8a34..6b2441a 100644
--- a/rest-api/jwt-filter-rules/package-lock.json
+++ b/rest-api/jwt-filter-rules/package-lock.json
@@ -10,7 +10,7 @@
             "dependencies": {
                 "@types/node-fetch": "^2.6.12",
                 "dotenv": "^16.4.7",
-                "express": "^4.21.2",
+                "express": "^4.22.0",
                 "node-fetch": "^3.3.2",
                 "tsx": "^4.19.2"
             },
@@ -795,39 +795,39 @@
             }
         },
         "node_modules/express": {
-            "version": "4.21.2",
-            "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz",
-            "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==",
+            "version": "4.22.0",
+            "resolved": "https://registry.npmjs.org/express/-/express-4.22.0.tgz",
+            "integrity": "sha512-c2iPh3xp5vvCLgaHK03+mWLFPhox7j1LwyxcZwFVApEv5i0X+IjPpbT50SJJwwLpdBVfp45AkK/v+AFgv/XlfQ==",
             "license": "MIT",
             "dependencies": {
                 "accepts": "~1.3.8",
                 "array-flatten": "1.1.1",
-                "body-parser": "1.20.3",
-                "content-disposition": "0.5.4",
+                "body-parser": "~1.20.3",
+                "content-disposition": "~0.5.4",
                 "content-type": "~1.0.4",
-                "cookie": "0.7.1",
-                "cookie-signature": "1.0.6",
+                "cookie": "~0.7.1",
+                "cookie-signature": "~1.0.6",
                 "debug": "2.6.9",
                 "depd": "2.0.0",
                 "encodeurl": "~2.0.0",
                 "escape-html": "~1.0.3",
                 "etag": "~1.8.1",
-                "finalhandler": "1.3.1",
-                "fresh": "0.5.2",
-                "http-errors": "2.0.0",
+                "finalhandler": "~1.3.1",
+                "fresh": "~0.5.2",
+                "http-errors": "~2.0.0",
                 "merge-descriptors": "1.0.3",
                 "methods": "~1.1.2",
-                "on-finished": "2.4.1",
+                "on-finished": "~2.4.1",
                 "parseurl": "~1.3.3",
-                "path-to-regexp": "0.1.12",
+                "path-to-regexp": "~0.1.12",
                 "proxy-addr": "~2.0.7",
-                "qs": "6.13.0",
+                "qs": "~6.14.0",
                 "range-parser": "~1.2.1",
                 "safe-buffer": "5.2.1",
-                "send": "0.19.0",
-                "serve-static": "1.16.2",
+                "send": "~0.19.0",
+                "serve-static": "~1.16.2",
                 "setprototypeof": "1.2.0",
-                "statuses": "2.0.1",
+                "statuses": "~2.0.1",
                 "type-is": "~1.6.18",
                 "utils-merge": "1.0.1",
                 "vary": "~1.1.2"
@@ -840,6 +840,21 @@
                 "url": "https://opencollective.com/express"
             }
         },
+        "node_modules/express/node_modules/qs": {
+            "version": "6.14.2",
+            "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
+            "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
+            "license": "BSD-3-Clause",
+            "dependencies": {
+                "side-channel": "^1.1.0"
+            },
+            "engines": {
+                "node": ">=0.6"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/ljharb"
+            }
+        },
         "node_modules/fetch-blob": {
             "version": "3.2.0",
             "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz",
diff --git a/rest-api/jwt-filter-rules/package.json b/rest-api/jwt-filter-rules/package.json
index c6cd28c..55b9e9c 100644
--- a/rest-api/jwt-filter-rules/package.json
+++ b/rest-api/jwt-filter-rules/package.json
@@ -9,7 +9,7 @@
     "dependencies": {
         "@types/node-fetch": "^2.6.12",
         "dotenv": "^16.4.7",
-        "express": "^4.21.2",
+        "express": "^4.22.0",
         "node-fetch": "^3.3.2",
         "tsx": "^4.19.2"
     },