From 27cddc989977977f9f5bd455174f2abfb586be9e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 6 May 2026 18:05:31 +0000
Subject: [PATCH] chore(deps): bump the npm_and_yarn group across 2 directories
 with 2 updates

Bumps the npm_and_yarn group with 1 update in the /mcp-server directory: [ip-address](https://github.com/beaugunderson/ip-address).
Bumps the npm_and_yarn group with 1 update in the /scripts/create-vulnerable-demo directory: [axios](https://github.com/axios/axios).


Updates `ip-address` from 10.1.0 to 10.2.0
- [Commits](https://github.com/beaugunderson/ip-address/commits)

Updates `axios` from 0.31.0 to 0.31.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v0.31.0...v0.31.1)

---
updated-dependencies:
- dependency-name: ip-address
  dependency-version: 10.2.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 0.31.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 mcp-server/package-lock.json                | 14 +++++++-------
 scripts/create-vulnerable-demo/package.json |  2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/mcp-server/package-lock.json b/mcp-server/package-lock.json
index 8990f747..a4b074c8 100644
--- a/mcp-server/package-lock.json
+++ b/mcp-server/package-lock.json
@@ -1341,12 +1341,12 @@
       }
     },
     "node_modules/express-rate-limit": {
-      "version": "8.3.2",
-      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.3.2.tgz",
-      "integrity": "sha512-77VmFeJkO0/rvimEDuUC5H30oqUC4EyOhyGccfqoLebB0oiEYfM7nwPrsDsBL1gsTpwfzX8SFy2MT3TDyRq+bg==",
+      "version": "8.5.1",
+      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.5.1.tgz",
+      "integrity": "sha512-5O6KYmyJEpuPJV5hNTXKbAHWRqrzyu+OI3vUnSd2kXFubIVpG7ezpgxQy76Zo5GQZtrQBg86hF+CM/NX+cioiQ==",
       "license": "MIT",
       "dependencies": {
-        "ip-address": "10.1.0"
+        "ip-address": "^10.2.0"
       },
       "engines": {
         "node": ">= 16"
@@ -1574,9 +1574,9 @@
       "license": "ISC"
     },
     "node_modules/ip-address": {
-      "version": "10.1.0",
-      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz",
-      "integrity": "sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==",
+      "version": "10.2.0",
+      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz",
+      "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==",
       "license": "MIT",
       "engines": {
         "node": ">= 12"
diff --git a/scripts/create-vulnerable-demo/package.json b/scripts/create-vulnerable-demo/package.json
index 81b308fe..c0fb90e7 100644
--- a/scripts/create-vulnerable-demo/package.json
+++ b/scripts/create-vulnerable-demo/package.json
@@ -12,7 +12,7 @@
   "dependencies": {
     "express": "4.22.0",
     "lodash": "4.18.1",
-    "axios": "0.31.0",
+    "axios": "0.31.1",
     "node-fetch": "2.6.7",
     "jsonwebtoken": "9.0.0",
     "multer": "2.1.1"