[Snyk] Fix for 3 vulnerabilities

[rasputtintin]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	534/1000 Why? Has a fix available, CVSS 6.4	Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022	Yes	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024	Yes	No Known Exploit
	554/1000 Why? Has a fix available, CVSS 6.8	Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @mojaloop/central-services-error-handling

The new version differs by 35 commits.

• 689a37f chore(release): 12.0.4 [skip ci]
• 270f943 chore: moved sdk-standard-components to peerDependencies and added .n… (#179)
• 69af755 chore(release): 12.0.3 [skip ci]
• 489c53c chore: bump sdk-standard components (#178)
• ea7e647 chore(release): 12.0.2 [skip ci]
• b55f7c0 chore: updated LTS version and latest dependencies
• f331849 chore(release): 12.0.1 [skip ci]
• 3070f1f fix: postchangelog now will correctly work
• eb9f9ed chore(release): 12.0.0 [skip ci]
• 1dd23ce feat(mojaloop/#2092): upgrade node js version for core services (#177)
• 1e927af feat(mojaloop/#2092): upgrade nodeJS version for core services (#174)
• 89125a3 [Security] Bump hosted-git-info from 2.8.8 to 2.8.9 (#163)
• d486f12 fix: [Security] Bump glob-parent from 5.1.1 to 5.1.2 (#165)
• 1e0ede4 fix: Bump normalize-url from 4.5.0 to 4.5.1 (#166)
• 6ecc59c [Security] Bump ws from 7.4.1 to 7.5.2 (#169)
• e673c95 feat(#2123): added settlement errors range (#162)
• 3bad90f feat(#2119): fixes for updated for AJV error objects change (#161)
• 0d27fa6 fix: added any.only to malformed syntax error reformatting (#157)
• 02ed4a0 chore: update dependencies to fix vulnerabilities (dependabot alerted), maintenance (minor linting fixes for standard) (#156)
• 7b88bbc Bump ini from 1.3.5 to 1.3.8 (#155)
• a4e86b5 chore: update license file (#153)
• 67c7c88 updated dependencies (#152)
• cfcb05d chore(package.json) move jest to a devDependency (#150)
• d9a7030 audit issues resolved (#149)

See the full diff

Package name: @mojaloop/central-services-shared

The new version differs by 2 commits.

• 7a35828 refactor: update trx requests callback enum (#159)
• 2e6c9f6 Remove unused code and dependencies (#144)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use of a Broken or Risky Cryptographic Algorithm