From 8588bfd485a7d39c3a291e51a6812ccbc82cdf97 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 17 Dec 2020 01:05:52 +0000
Subject: [PATCH] fix: test/fixtures/demo-os/core/client/package.json &
 test/fixtures/demo-os/core/client/.snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-BL-608877
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASH-590103
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173732
- https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173733
- https://snyk.io/vuln/SNYK-JS-MARKDOWNIT-459438
- https://snyk.io/vuln/SNYK-JS-MERGE-1040469
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/SNYK-JS-NPM-537603
- https://snyk.io/vuln/SNYK-JS-NPM-537604
- https://snyk.io/vuln/SNYK-JS-NPM-537606
- https://snyk.io/vuln/SNYK-JS-NPM-575435
- https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:chownr:20180731
- https://snyk.io/vuln/npm:clean-css:20180306
- https://snyk.io/vuln/npm:cli:20160615
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:handlebars:20151207
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:markdown-it:20150702
- https://snyk.io/vuln/npm:markdown-it:20160912
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20151024
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:npm:20180222
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:tunnel-agent:20170305


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20170412
---
 test/fixtures/demo-os/core/client/.snyk       | 19 +++++++++++++++++++
 .../fixtures/demo-os/core/client/package.json | 18 ++++++++++++------
 2 files changed, 31 insertions(+), 6 deletions(-)
 create mode 100644 test/fixtures/demo-os/core/client/.snyk

diff --git a/test/fixtures/demo-os/core/client/.snyk b/test/fixtures/demo-os/core/client/.snyk
new file mode 100644
index 0000000000..19517c51e8
--- /dev/null
+++ b/test/fixtures/demo-os/core/client/.snyk
@@ -0,0 +1,19 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.19.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:debug:20170905':
+    - ember-cli > testem > socket.io > socket.io-adapter > socket.io-parser > debug:
+        patched: '2020-12-17T01:05:45.014Z'
+  'npm:lodash:20180130':
+    - ember-cli-babel > broccoli-babel-transpiler > babel-core > babel-plugin-proto-to-assign > lodash:
+        patched: '2020-12-17T01:05:45.014Z'
+    - ember-export-application-global > ember-cli-babel > broccoli-babel-transpiler > babel-core > babel-plugin-proto-to-assign > lodash:
+        patched: '2020-12-17T01:05:45.014Z'
+  'npm:minimatch:20160620':
+    - ember-cli > broccoli > findup-sync > glob > minimatch:
+        patched: '2020-12-17T01:05:45.014Z'
+  'npm:ms:20170412':
+    - ember-cli > testem > socket.io > socket.io-adapter > socket.io-parser > debug > ms:
+        patched: '2020-12-17T01:05:45.014Z'
diff --git a/test/fixtures/demo-os/core/client/package.json b/test/fixtures/demo-os/core/client/package.json
index 7932ed4e64..8bd888ae87 100644
--- a/test/fixtures/demo-os/core/client/package.json
+++ b/test/fixtures/demo-os/core/client/package.json
@@ -10,7 +10,9 @@
   "scripts": {
     "start": "ember server",
     "build": "ember build",
-    "test": "ember test"
+    "test": "ember test",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "repository": "",
   "engines": {
@@ -20,9 +22,9 @@
   "license": "MIT",
   "devDependencies": {
     "broccoli-asset-rev": "^2.0.2",
-    "ember-cli": "0.2.7",
+    "ember-cli": "3.17.0",
     "ember-cli-app-version": "0.3.3",
-    "ember-cli-babel": "^5.0.0",
+    "ember-cli-babel": "^6.0.0",
     "ember-cli-content-security-policy": "0.4.0",
     "ember-cli-copy-dereference": "1.0.0",
     "ember-cli-dependency-checker": "^1.0.0",
@@ -30,19 +32,23 @@
     "ember-cli-htmlbars": "0.7.6",
     "ember-cli-ic-ajax": "0.1.1",
     "ember-cli-inject-live-reload": "^1.3.0",
-    "ember-cli-mocha": "^0.7.0",
+    "ember-cli-mocha": "^0.9.4",
     "ember-cli-simple-auth": "0.8.0",
     "ember-cli-simple-auth-oauth2": "0.8.0",
     "ember-cli-uglify": "^1.0.1",
     "ember-data": "1.0.0-beta.18",
-    "ember-export-application-global": "^1.0.2",
+    "ember-export-application-global": "^2.0.0",
     "ember-myth": "0.1.0",
     "fs-extra": "0.16.3",
-    "glob": "^4.0.5"
+    "glob": "^5.0.15"
   },
   "ember-addon": {
     "paths": [
       "lib/asset-delivery"
     ]
+  },
+  "snyk": true,
+  "dependencies": {
+    "snyk": "^1.437.2"
   }
 }