diff --git a/javascript/ql/test/library-tests/Extend/package.json b/javascript/ql/test/library-tests/Extend/package.json index dd73e8e0a5ec..8c5838265645 100644 --- a/javascript/ql/test/library-tests/Extend/package.json +++ b/javascript/ql/test/library-tests/Extend/package.json @@ -15,7 +15,7 @@ "lodash": "^4.17.10", "lodash.defaultsdeep": "^4.6.0", "lodash.mergewith": "^4.6.1", - "merge": "^1.2.0", + "merge": "^2.1.1", "merge-deep": "^3.0.2", "merge-options": "^1.0.1", "mixin-deep": "^2.0.0", diff --git a/javascript/ql/test/library-tests/HtmlSanitizers/package.json b/javascript/ql/test/library-tests/HtmlSanitizers/package.json index 5de2325254ed..3d9886843f8d 100644 --- a/javascript/ql/test/library-tests/HtmlSanitizers/package.json +++ b/javascript/ql/test/library-tests/HtmlSanitizers/package.json @@ -7,10 +7,10 @@ "he": "^1.1.1", "html-entities": "^1.2.1", "lodash": "^4.17.10", - "sanitize-html": "^1.18.2", + "sanitize-html": "^2.17.6", "sanitizer": "^0.1.3", "underscore": "^1.9.1", - "validator": "^10.4.0", + "validator": "^13.15.35", "xss": "^1.0.3", "xss-filters": "^1.2.7" } diff --git a/javascript/ql/test/library-tests/frameworks/Next/package.json b/javascript/ql/test/library-tests/frameworks/Next/package.json index 5f522e83890b..d70220fd07ad 100644 --- a/javascript/ql/test/library-tests/frameworks/Next/package.json +++ b/javascript/ql/test/library-tests/frameworks/Next/package.json @@ -7,7 +7,7 @@ "start": "next start" }, "dependencies": { - "next": "^10.0.0", + "next": "^16.2.10", "react": "17.0.1", "react-dom": "17.0.1" } diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/package.json b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/package.json index 5f522e83890b..d70220fd07ad 100644 --- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/package.json @@ -7,7 +7,7 @@ "start": "next start" }, "dependencies": { - "next": "^10.0.0", + "next": "^16.2.10", "react": "17.0.1", "react-dom": "17.0.1" } diff --git a/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/package.json b/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/package.json index 5f522e83890b..d70220fd07ad 100644 --- a/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/package.json @@ -7,7 +7,7 @@ "start": "next start" }, "dependencies": { - "next": "^10.0.0", + "next": "^16.2.10", "react": "17.0.1", "react-dom": "17.0.1" } diff --git a/javascript/ql/test/query-tests/Security/CWE-200/lib/package.json b/javascript/ql/test/query-tests/Security/CWE-200/lib/package.json index 89ca91e8717e..b8f25ffee342 100644 --- a/javascript/ql/test/query-tests/Security/CWE-200/lib/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-200/lib/package.json @@ -1,6 +1,6 @@ { "name": "foo", "dependencies": { - "async": "3.2.0" + "async": "3.2.2" } } \ No newline at end of file diff --git a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json index 26f56110158d..66f6ff399fa7 100644 --- a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json @@ -1,5 +1,5 @@ { "dependencies": { - "lodash": "4.17.12" + "lodash": "4.18.1" } } diff --git a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json index bdc06dcd8b13..66f6ff399fa7 100644 --- a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json @@ -1,5 +1,5 @@ { "dependencies": { - "lodash": "4.17.4" + "lodash": "4.18.1" } } diff --git a/javascript/ql/test/query-tests/Security/CWE-918/Request/package.json b/javascript/ql/test/query-tests/Security/CWE-918/Request/package.json index 329c7acb8239..1f9361d21139 100644 --- a/javascript/ql/test/query-tests/Security/CWE-918/Request/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-918/Request/package.json @@ -8,6 +8,6 @@ "start": "next start" }, "dependencies": { - "next": "15.1.7" + "next": "15.5.18" } }