From decbb56c9f44853afe02d20a0e96b0d9383c6fc2 Mon Sep 17 00:00:00 2001
From: Andrew Bastin <andrewbastin.k@gmail.com>
Date: Mon, 28 Apr 2025 15:11:15 +0530
Subject: [PATCH] chore: bump vulnerable dependencies

---
 packages/hoppscotch-backend/package.json | 2 +-
 prod.Dockerfile                          | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/packages/hoppscotch-backend/package.json b/packages/hoppscotch-backend/package.json
index 38a6c7e6..21a78b82 100644
--- a/packages/hoppscotch-backend/package.json
+++ b/packages/hoppscotch-backend/package.json
@@ -33,7 +33,7 @@
     "@apollo/server": "4.11.0",
     "@nestjs-modules/mailer": "2.0.2",
     "@nestjs/apollo": "12.2.0",
-    "@nestjs/common": "10.4.4",
+    "@nestjs/common": "10.4.16",
     "@nestjs/config": "3.2.3",
     "@nestjs/core": "10.4.4",
     "@nestjs/graphql": "12.2.0",
diff --git a/prod.Dockerfile b/prod.Dockerfile
index d0134cc7..1b56438c 100644
--- a/prod.Dockerfile
+++ b/prod.Dockerfile
@@ -23,8 +23,8 @@ RUN go get github.com/golang/glog@v1.2.4
 RUN go get github.com/go-jose/go-jose/v3@v3.0.4
 # Patch to resolve CVE-2025-22869 on crypto
 RUN go get golang.org/x/crypto@v0.35.0
-# Patch to resolve CVE-2025-22870 on net
-RUN go get golang.org/x/net@v0.37.0
+# Patch to resolve CVE-2025-22872 on net
+RUN go get golang.org/x/net@v0.38.0
 
 RUN go mod vendor