From 0b07fae05856e45c86db8ac60f857e691f24f6b3 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 12 Jul 2025 06:30:34 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-REQUEST-3361831
- https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873
- https://snyk.io/vuln/SNYK-JS-EJS-6689533
- https://snyk.io/vuln/npm:clean-css:20180306
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index a7ab0e4f9e..a5cb83b7c3 100644
--- a/package.json
+++ b/package.json
@@ -18,14 +18,14 @@
     "cors": "2.7.1",
     "csurf": "1.8.3",
     "data2xml": "1.2.4",
-    "ejs-mate": "2.3.0",
+    "ejs-mate": "4.0.0",
     "eventproxy": "1.0.0",
     "express": "4.16.0",
     "express-session": "1.12.1",
     "helmet": "1.3.0",
     "ioredis": "2.0.0",
     "jpush-sdk": "3.3.2",
-    "loader-builder": "2.4.1",
+    "loader-builder": "2.7.0",
     "loader": "2.1.1",
     "lodash": "4.17.21",
     "log4js": "^0.6.29",