From 332dd7c94b256b0e7f792916c04eea48947c4d4e Mon Sep 17 00:00:00 2001
From: Ben Hardill <hardillb@gmail.com>
Date: Tue, 3 Jun 2025 13:01:28 +0100
Subject: [PATCH] Upgrade multer to 2.0.0

fixes #5146

Bumps multer to 2.0.0 to pick up fix for CVE
---
 package.json                                            | 2 +-
 packages/node_modules/@node-red/editor-api/package.json | 2 +-
 packages/node_modules/@node-red/nodes/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 628c713ef..91efc9427 100644
--- a/package.json
+++ b/package.json
@@ -63,7 +63,7 @@
         "moment": "2.30.1",
         "moment-timezone": "0.5.48",
         "mqtt": "5.11.0",
-        "multer": "1.4.5-lts.2",
+        "multer": "2.0.0",
         "mustache": "4.2.0",
         "node-red-admin": "^4.0.2",
         "node-watch": "0.7.4",
diff --git a/packages/node_modules/@node-red/editor-api/package.json b/packages/node_modules/@node-red/editor-api/package.json
index ea199077c..14c276d9f 100644
--- a/packages/node_modules/@node-red/editor-api/package.json
+++ b/packages/node_modules/@node-red/editor-api/package.json
@@ -26,7 +26,7 @@
         "express": "4.21.2",
         "memorystore": "1.6.7",
         "mime": "3.0.0",
-        "multer": "1.4.5-lts.2",
+        "multer": "2.0.0",
         "mustache": "4.2.0",
         "oauth2orize": "1.12.0",
         "passport-http-bearer": "1.0.1",
diff --git a/packages/node_modules/@node-red/nodes/package.json b/packages/node_modules/@node-red/nodes/package.json
index a513e14da..be4db2f37 100644
--- a/packages/node_modules/@node-red/nodes/package.json
+++ b/packages/node_modules/@node-red/nodes/package.json
@@ -36,7 +36,7 @@
         "js-yaml": "4.1.0",
         "media-typer": "1.1.0",
         "mqtt": "5.11.0",
-        "multer": "1.4.5-lts.2",
+        "multer": "2.0.0",
         "mustache": "4.2.0",
         "node-watch": "0.7.4",
         "on-headers": "1.0.2",