From b58e7af65ea700cac5abaeaa75828d7afb2fdd2d Mon Sep 17 00:00:00 2001
From: Renovate Bot <bot@renovateapp.com>
Date: Wed, 27 Apr 2022 21:41:00 +0000
Subject: [PATCH] Updated dependency express-jwt to v7

- also requires a small change to the imports to reflect an API change
---
 core/server/services/auth/members/index.js |  2 +-
 package.json                               |  2 +-
 yarn.lock                                  | 16 +++++++---------
 3 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/core/server/services/auth/members/index.js b/core/server/services/auth/members/index.js
index 2ee341c437..9f7eaa98a8 100644
--- a/core/server/services/auth/members/index.js
+++ b/core/server/services/auth/members/index.js
@@ -1,4 +1,4 @@
-const jwt = require('express-jwt');
+const {expressjwt: jwt} = require('express-jwt');
 const {UnauthorizedError} = require('@tryghost/errors');
 const membersService = require('../../members');
 const config = require('../../../../shared/config');
diff --git a/package.json b/package.json
index 9e6e4f08f8..b9ffe31ad8 100644
--- a/package.json
+++ b/package.json
@@ -134,7 +134,7 @@
     "express": "4.18.0",
     "express-brute": "1.0.1",
     "express-hbs": "2.4.0",
-    "express-jwt": "6.1.2",
+    "express-jwt": "7.5.2",
     "express-lazy-router": "1.0.4",
     "express-query-boolean": "2.0.0",
     "express-session": "1.17.2",
diff --git a/yarn.lock b/yarn.lock
index 5412409460..b915a7a953 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3162,7 +3162,7 @@ async@^2.1.2, async@^2.6.0, async@^2.6.1:
   dependencies:
     lodash "^4.17.14"
 
-async@^3.0.0, async@^3.0.1, async@^3.2.0, async@^3.2.2, async@^3.2.3, async@~3.2.0:
+async@^3.0.0, async@^3.0.1, async@^3.2.0, async@^3.2.3, async@~3.2.0:
   version "3.2.3"
   resolved "https://registry.yarnpkg.com/async/-/async-3.2.3.tgz#ac53dafd3f4720ee9e8a160628f18ea91df196c9"
   integrity sha512-spZRyzKL5l5BZQrr/6m/SqFdBN0q3OCI0f9rjfBzCMBIP4p75P620rR3gTmaksNOhmzgdxcaxdNfMy6anrbM0g==
@@ -5515,15 +5515,13 @@ express-hbs@2.4.0:
   optionalDependencies:
     js-beautify "^1.13.11"
 
-express-jwt@6.1.2:
-  version "6.1.2"
-  resolved "https://registry.yarnpkg.com/express-jwt/-/express-jwt-6.1.2.tgz#4a6cc11d1dcff6f23126dd79ec5b2b441333e78b"
-  integrity sha512-l5dlf5lNM/1EODMsJGfHn1VnrhhsUYEetzrKFStJZLjFQXtR+HGdBiW+jUNZ+ISsFe+h7Wl/hQKjLrY2TX0Qkg==
+express-jwt@7.5.2:
+  version "7.5.2"
+  resolved "https://registry.yarnpkg.com/express-jwt/-/express-jwt-7.5.2.tgz#9260d5f16db6b1b96c967560f42b7e4b7b353b3e"
+  integrity sha512-EHxPT8mNMT32dLlCrL98KZlKbSuP6Uc3s4PczoUtjxJoS7tfuXjz2/VOryAaVR59C2FhuOMCSFUW3hadkwEuZw==
   dependencies:
-    async "^3.2.2"
     express-unless "^1.0.0"
-    jsonwebtoken "^8.1.0"
-    lodash "^4.17.21"
+    jsonwebtoken "^8.5.1"
 
 express-lazy-router@1.0.4:
   version "1.0.4"
@@ -7962,7 +7960,7 @@ jsonpath@1.1.1:
     static-eval "2.0.2"
     underscore "1.12.1"
 
-jsonwebtoken@8.5.1, jsonwebtoken@^8.1.0, jsonwebtoken@^8.5.1:
+jsonwebtoken@8.5.1, jsonwebtoken@^8.5.1:
   version "8.5.1"
   resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz#00e71e0b8df54c2121a1f26137df2280673bcc0d"
   integrity sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==