From a7a7e05b0d88cef5f920bd040ec4b364c00fd950 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 9 Apr 2022 16:04:44 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index c2372e3..b5637bc 100644
--- a/package.json
+++ b/package.json
@@ -14,7 +14,7 @@
   },
   "license": "MIT",
   "dependencies": {
-    "async": "^1.5.2",
+    "async": "^3.2.2",
     "bcryptjs": "^2.3.0",
     "body-parser": "^1.15.0",
     "cors": "^2.7.1",
@@ -35,7 +35,7 @@
     "socket.io": "^1.4.5",
     "underscore": "^1.8.3",
     "which": "^1.2.4",
-    "winston": "^2.2.0",
+    "winston": "^3.3.0",
     "xml2js": "^0.4.16",
     "snyk": "^1.25.0"
   },