Address npm audit vulnerabilities in pages-redirects

[RileySeaburg]

Short description:

The npm audit command has revealed several vulnerabilities in the project dependencies that need to be addressed to improve the security of the pages-redirects project.

Notes

• The npm audit revealed vulnerabilities in the following packages:
  • request: Server-Side Request Forgery (moderate severity)
  • tough-cookie: Prototype Pollution vulnerability (moderate severity)
  • trim: Regular Expression Denial of Service (high severity)
• These vulnerabilities affect dependent packages including tap-out and tap-summary
• Some issues may require choosing different dependencies as there are no direct fixes available

Acceptance Criteria

• Review each vulnerability and its impact on the project
• Investigate possible solutions for each vulnerable package:
  • Check if updated versions of the packages are available that resolve the vulnerabilities
  • If no updates are available, research alternative packages that could replace the vulnerable ones
• Test any proposed changes to ensure they don't break existing functionality
• Update the project's dependencies to resolve the vulnerabilities
• Run another npm audit to confirm that the vulnerabilities have been addressed
• Update project documentation to reflect any significant changes made

[drewbo]

@RileySeaburg just noting that this was deprioritized because pages-redirects is an NGINX application which only uses npm/node_modules to create configuration files (i.e. it isn't running live on the application and these vulnerabilities do not present any security risk)