🛡️ chore: address several npm vulnerabilities (#4151)

* chore: bump express to 4.21.0 to address CVE-2024-45590 and CVE-2024-43796

* chore: npm audit fix

* chore: uninstall unused `ws` dependency

* chore: bump nodemailer to 6.9.15

* chore: bump mongoose to v7.3.3

* chore: bump lint-staged for micromatch upgrade

* chore: bump axios to 1.7.7

* chore: npm audit fix for mongodb/mongoose vulns

api/package.json

@@ -44,7 +44,7 @@
     "@langchain/google-genai": "^0.0.11",
     "@langchain/google-vertexai": "^0.0.17",
     "@librechat/agents": "^1.5.2",
-    "axios": "^1.3.4",
+    "axios": "^1.7.7",
     "bcryptjs": "^2.4.3",
     "cheerio": "^1.0.0-rc.12",
     "cohere-ai": "^7.9.1",
@@ -55,7 +55,7 @@
     "cors": "^2.8.5",
     "dedent": "^1.5.3",
     "dotenv": "^16.0.3",
-    "express": "^4.18.2",
+    "express": "^4.21.0",
     "express-mongo-sanitize": "^2.2.0",
     "express-rate-limit": "^6.9.0",
     "express-session": "^1.17.3",
@@ -76,11 +76,11 @@
     "meilisearch": "^0.38.0",
     "mime": "^3.0.0",
     "module-alias": "^2.2.3",
-    "mongoose": "^7.1.1",
+    "mongoose": "^7.3.3",
     "multer": "^1.4.5-lts.1",
     "nanoid": "^3.3.7",
     "nodejs-gpt": "^1.37.4",
-    "nodemailer": "^6.9.4",
+    "nodemailer": "^6.9.15",
     "ollama": "^0.5.0",
     "openai": "^4.47.1",
     "openai-chat-tokens": "^0.2.8",
@@ -101,7 +101,6 @@
     "ua-parser-js": "^1.0.36",
     "winston": "^3.11.0",
     "winston-daily-rotate-file": "^4.7.1",
-    "ws": "^8.17.0",
     "zod": "^3.22.4"
   },
   "devDependencies": {