From 478a294095aca20ee5822a36b317b3a5b757063d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 27 Nov 2025 13:01:31 +0000
Subject: [PATCH] chore(deps): bump multer from 1.4.5-lts.1 to 2.0.2 in
 /packages/server in the npm_and_yarn group across 1 directory (#5522)

* chore(deps): bump multer

Bumps the npm_and_yarn group with 1 update in the /packages/server directory: [multer](https://github.com/expressjs/multer).


Updates `multer` from 1.4.5-lts.1 to 2.0.2
- [Release notes](https://github.com/expressjs/multer/releases)
- [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/expressjs/multer/compare/v1.4.5-lts.1...v2.0.2)

---
updated-dependencies:
- dependency-name: multer
  dependency-version: 2.0.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* update pnpm lock

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Henry <hzj94@hotmail.com>
---
 packages/server/package.json |  2 +-
 pnpm-lock.yaml               | 18 ++++++++++++++++--
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/packages/server/package.json b/packages/server/package.json
index e86c67bf..57275f21 100644
--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -119,7 +119,7 @@
         "lodash": "^4.17.21",
         "moment": "^2.29.3",
         "moment-timezone": "^0.5.34",
-        "multer": "^1.4.5-lts.1",
+        "multer": "^2.0.2",
         "multer-cloud-storage": "^4.0.0",
         "multer-s3": "^3.0.1",
         "mysql2": "^3.11.3",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 666b4dd3..bd08dec9 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -791,8 +791,8 @@ importers:
                 specifier: ^0.5.34
                 version: 0.5.45
             multer:
-                specifier: ^1.4.5-lts.1
-                version: 1.4.5-lts.1
+                specifier: ^2.0.2
+                version: 2.0.2
             multer-cloud-storage:
                 specifier: ^4.0.0
                 version: 4.0.0(encoding@0.1.13)
@@ -13830,6 +13830,10 @@ packages:
         engines: { node: '>= 6.0.0' }
         deprecated: Multer 1.x is impacted by a number of vulnerabilities, which have been patched in 2.x. You should upgrade to the latest 2.x version.
 
+    multer@2.0.2:
+        resolution: { integrity: sha512-u7f2xaZ/UG8oLXHvtF/oWTRvT44p9ecwBBqTwgJVq0+4BW1g8OW01TyMEGWBHbyMOYVHXslaut7qEQ1meATXgw== }
+        engines: { node: '>= 10.16.0' }
+
     multicast-dns@7.2.5:
         resolution: { integrity: sha512-2eznPJP8z2BFLX50tf0LuODrpINqP1RVIm/CObbTcBRITQgmC/TjcREF1NeTBzIcR5XO/ukWo+YHOjBbFwIupg== }
         hasBin: true
@@ -36155,6 +36159,16 @@ snapshots:
             type-is: 1.6.18
             xtend: 4.0.2
 
+    multer@2.0.2:
+        dependencies:
+            append-field: 1.0.0
+            busboy: 1.6.0
+            concat-stream: 2.0.0
+            mkdirp: 0.5.6
+            object-assign: 4.1.1
+            type-is: 1.6.18
+            xtend: 4.0.2
+
     multicast-dns@7.2.5:
         dependencies:
             dns-packet: 5.6.1