From 1238427b57768f4a68d84104ab8e7fbaa94b85ea Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 26 Jan 2026 01:36:02 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 5a64e51..e8d5950 100644
--- a/package.json
+++ b/package.json
@@ -14,7 +14,7 @@
   "license": "ISC",
   "homepage": "https://bitbucket.org/wbproducts/schoolerp_api#readme",
   "dependencies": {
-    "bcrypt": "^1.0.3",
+    "bcrypt": "^5.0.1",
     "body-parser": "^1.18.2",
     "cors": "^2.8.4",
     "email-templates": "^3.3.4",
@@ -27,7 +27,7 @@
     "moment": "^2.21.0",
     "mongoose": "^5.0.6",
     "morgan": "^1.9.0",
-    "node-base64-image": "^1.0.5",
+    "node-base64-image": "^2.0.0",
     "nodemailer": "^4.4.2",
     "path": "^0.12.7",
     "readline-sync": "^1.4.9",