From 8e26c92314ac4e40b0205fa0367604926d3d2c54 Mon Sep 17 00:00:00 2001
From: yeshamavani <83634146+yeshamavani@users.noreply.github.com>
Date: Wed, 11 Jan 2023 20:16:03 +0530
Subject: [PATCH] fix(deps): solve passport-apple depending on vulnerable
 version of jsonwebtoken (#124)

forked the passport-apple repo
 changed the vulnerable version deps

GH-123
---
 package-lock.json | 13 ++++++-------
 package.json      |  5 +----
 2 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 3313e0a..ae887a8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -15,7 +15,7 @@
         "ajv": "^8.11.0",
         "https-proxy-agent": "^5.0.0",
         "passport": "^0.6.0",
-        "passport-apple": "^2.0.1",
+        "passport-apple": "git+https://github.com/yeshamavani/passport-apple.git",
         "passport-azure-ad": "^4.3.4",
         "passport-cognito-oauth2": "^0.1.1",
         "passport-facebook": "^3.0.0",
@@ -11498,10 +11498,10 @@
     },
     "node_modules/passport-apple": {
       "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/passport-apple/-/passport-apple-2.0.1.tgz",
-      "integrity": "sha512-+ssWcwgg/PWyHNSgNn4d1dbsgQeEb13Xgu7TRb+FlHggbCTDvCb2jzm+M+hQ0vmU9y2QOmiRPqD27b3TCRc6PQ==",
+      "resolved": "git+ssh://git@github.com/yeshamavani/passport-apple.git#4d9b65c94e1a6f712033479e563e09ce5ca6a939",
+      "license": "MIT",
       "dependencies": {
-        "jsonwebtoken": "^8.5.1",
+        "jsonwebtoken": "^9.0.0",
         "passport-oauth2": "^1.5.0"
       }
     },
@@ -23280,9 +23280,8 @@
       }
     },
     "passport-apple": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/passport-apple/-/passport-apple-2.0.1.tgz",
-      "integrity": "sha512-+ssWcwgg/PWyHNSgNn4d1dbsgQeEb13Xgu7TRb+FlHggbCTDvCb2jzm+M+hQ0vmU9y2QOmiRPqD27b3TCRc6PQ==",
+      "version": "git+ssh://git@github.com/yeshamavani/passport-apple.git#4d9b65c94e1a6f712033479e563e09ce5ca6a939",
+      "from": "passport-apple@git+https://github.com/yeshamavani/passport-apple.git",
       "requires": {
         "jsonwebtoken": "^9.0.0",
         "passport-oauth2": "^1.5.0"
diff --git a/package.json b/package.json
index 1746c48..ce13576 100644
--- a/package.json
+++ b/package.json
@@ -57,7 +57,7 @@
     "ajv": "^8.11.0",
     "https-proxy-agent": "^5.0.0",
     "passport": "^0.6.0",
-    "passport-apple": "^2.0.1",
+    "passport-apple": "git+https://github.com/yeshamavani/passport-apple.git",
     "passport-azure-ad": "^4.3.4",
     "passport-cognito-oauth2": "^0.1.1",
     "passport-facebook": "^3.0.0",
@@ -130,9 +130,6 @@
       "send": "^0.18.0",
       "serve-static": "^1.15.0"
     },
-    "passport-apple": {
-      "jsonwebtoken": "^9.0.0"
-    },
     "git-release-notes": {
       "ejs": "^3.1.8",
       "yargs": "^17.6.2"