From e67b833371b5fa6d72e043ddbf553ab2b7a96334 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 16:07:16 +0000
Subject: [PATCH] build(deps): bump helmet from 5.0.2 to 7.0.0

Bumps [helmet](https://github.com/helmetjs/helmet) from 5.0.2 to 7.0.0.
- [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md)
- [Commits](https://github.com/helmetjs/helmet/compare/v5.0.2...v7.0.0)

---
updated-dependencies:
- dependency-name: helmet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json | 2 +-
 yarn.lock    | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index a8f3656..2707d5a 100644
--- a/package.json
+++ b/package.json
@@ -83,7 +83,7 @@
     "express": "^4.17.3",
     "express-formidable": "^1.2.0",
     "express-rate-limit": "^6.3.0",
-    "helmet": "^5.0.2",
+    "helmet": "^7.0.0",
     "jsonwebtoken": "^9.0.0",
     "lacpass-key-manager": "^0.0.15",
     "morgan": "^1.10.0",
diff --git a/yarn.lock b/yarn.lock
index c45973e..ea59689 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3954,7 +3954,12 @@ hash.js@1.1.7, hash.js@^1.0.0, hash.js@^1.0.3:
     inherits "^2.0.3"
     minimalistic-assert "^1.0.1"
 
-helmet@*, helmet@^5.0.2:
+helmet@*, helmet@^7.0.0:
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/helmet/-/helmet-7.0.0.tgz#ac3011ba82fa2467f58075afa58a49427ba6212d"
+  integrity sha512-MsIgYmdBh460ZZ8cJC81q4XJknjG567wzEmv46WOBblDb6TUd3z8/GhgmsM9pn8g2B80tAJ4m5/d3Bi1KrSUBQ==
+
+helmet@^5.0.2:
   version "5.0.2"
   resolved "https://registry.yarnpkg.com/helmet/-/helmet-5.0.2.tgz#3264ec6bab96c82deaf65e3403c369424cb2366c"
   integrity sha512-QWlwUZZ8BtlvwYVTSDTBChGf8EOcQ2LkGMnQJxSzD1mUu8CCjXJZq/BXP8eWw4kikRnzlhtYo3lCk0ucmYA3Vg==