From 73673c031ea1e863a091ee8fef00490b74495b57 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 27 Jan 2026 00:44:24 +0000
Subject: [PATCH] fix: packages/bitcore-client/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-DIFF-14917201
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 packages/bitcore-client/package.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/packages/bitcore-client/package.json b/packages/bitcore-client/package.json
index cdceadfbf0d..4a03c72e95d 100644
--- a/packages/bitcore-client/package.json
+++ b/packages/bitcore-client/package.json
@@ -26,10 +26,10 @@
   "dependencies": {
     "JSONStream": "~1.3.1",
     "async": "2.5.0",
-    "bcrypt": "3.0.8",
+    "bcrypt": "5.0.1",
     "bitcore-mnemonic": "^8.25.10",
     "commander": "2.15.1",
-    "crypto-wallet-core": "^8.25.10",
+    "crypto-wallet-core": "^8.23.0",
     "elliptic": "^6.5.3",
     "level-js": "4.0.2",
     "leveldown": "5.4.1",
@@ -39,7 +39,7 @@
     "progress": "2.0.0",
     "promptly": "3.0.3",
     "request": "2.87.0",
-    "request-promise-native": "1.0.5",
+    "request-promise-native": "1.0.9",
     "secp256k1": "3.7.1",
     "source-map-support": "0.5.13"
   },
@@ -55,8 +55,8 @@
     "@types/secp256k1": "3.5.0",
     "eslint-config-airbnb-base": "12.1.0",
     "eslint-plugin-import": "2.8.0",
-    "mocha": "5.0.5",
-    "sinon": "4.4.8",
+    "mocha": "10.6.0",
+    "sinon": "16.1.2",
     "typescript": "3.3.4000"
   },
   "gitHead": "012cc0216a9bc6b195035855bd17149bad41acd1"