From 8efac939617913d1b46aff26f757d8d58779f55a Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Wed, 26 Apr 2023 05:19:49 +0000 Subject: [PATCH] fix: test/fixtures/demo-os/package.json & test/fixtures/demo-os/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 - https://snyk.io/vuln/SNYK-JS-BL-608877 - https://snyk.io/vuln/SNYK-JS-BOWER-73627 - https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984 - https://snyk.io/vuln/SNYK-JS-DECOMPRESSZIP-73598 - https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749 - https://snyk.io/vuln/SNYK-JS-ENGINEIO-3136336 - https://snyk.io/vuln/SNYK-JS-GETOBJECT-1054932 - https://snyk.io/vuln/SNYK-JS-GOT-2932019 - https://snyk.io/vuln/SNYK-JS-GRUNT-2635969 - https://snyk.io/vuln/SNYK-JS-GRUNT-2813632 - https://snyk.io/vuln/SNYK-JS-GRUNT-597546 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742 - https://snyk.io/vuln/SNYK-JS-HAWK-2808852 - https://snyk.io/vuln/SNYK-JS-JSYAML-174129 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-567746 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASH-73638 - https://snyk.io/vuln/SNYK-JS-LODASH-73639 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795 - https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 - https://snyk.io/vuln/SNYK-JS-MOCHA-561476 - https://snyk.io/vuln/SNYK-JS-MOUT-1014544 - https://snyk.io/vuln/SNYK-JS-MOUT-2342654 - https://snyk.io/vuln/SNYK-JS-QS-3153490 - https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859 - https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752 - 
https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-3091012 - https://snyk.io/vuln/SNYK-JS-TRIMNEWLINES-1298042 - https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251 - https://snyk.io/vuln/SNYK-JS-WS-1296835 - https://snyk.io/vuln/SNYK-JS-XML2JS-5414874 - https://snyk.io/vuln/SNYK-JS-XMLDOM-1084960 - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:deep-extend:20180409 - https://snyk.io/vuln/npm:extend:20180424 - https://snyk.io/vuln/npm:growl:20160721 - https://snyk.io/vuln/npm:handlebars:20151207 - https://snyk.io/vuln/npm:hawk:20160119 - https://snyk.io/vuln/npm:hoek:20180212 - https://snyk.io/vuln/npm:http-signature:20150122 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:mime:20170907 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:ms:20151024 - https://snyk.io/vuln/npm:ms:20170412 - https://snyk.io/vuln/npm:qs:20170213 - https://snyk.io/vuln/npm:request:20160119 - https://snyk.io/vuln/npm:semver:20150403 - https://snyk.io/vuln/npm:superagent:20170807 - https://snyk.io/vuln/npm:superagent:20181108 - https://snyk.io/vuln/npm:tough-cookie:20160722 - https://snyk.io/vuln/npm:tough-cookie:20170905 - https://snyk.io/vuln/npm:tunnel-agent:20170305 - https://snyk.io/vuln/npm:uglify-js:20150824 - https://snyk.io/vuln/npm:uglify-js:20151024 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:ms:20170412 - https://snyk.io/vuln/npm:qs:20140806-1
---
 test/fixtures/demo-os/.snyk | 26 +++++++++++++++++++
 test/fixtures/demo-os/package.json | 40 ++++++++++++++++--------------
 2 files changed, 48 insertions(+), 18 deletions(-)
 create mode 100644 test/fixtures/demo-os/.snyk
diff --git a/test/fixtures/demo-os/.snyk b/test/fixtures/demo-os/.snyk
new file mode 100644
index 0000000000..c96e957569
--- /dev/null
+++ b/test/fixtures/demo-os/.snyk
@@ -0,0 +1,26 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:debug:20170905':
+ - testem > socket.io > socket.io-adapter > socket.io-parser > debug:
+ patched: '2023-04-26T05:19:43.134Z'
+ 'npm:lodash:20180130':
+ - grunt-jscs > jscs > xmlbuilder > lodash:
+ patched: '2023-04-26T05:19:43.134Z'
+ 'npm:minimatch:20160620':
+ - grunt-docker > grunt > minimatch:
+ patched: '2023-04-26T05:19:43.134Z'
+ - grunt-docker > grunt > glob > minimatch:
+ patched: '2023-04-26T05:19:43.134Z'
+ - csscomb > csscomb-core > vow-fs > glob > minimatch:
+ patched: '2023-04-26T05:19:43.134Z'
+ - grunt-docker > grunt > findup-sync > glob > minimatch:
+ patched: '2023-04-26T05:19:43.134Z'
+ 'npm:ms:20170412':
+ - testem > socket.io > socket.io-adapter > socket.io-parser > debug > ms:
+ patched: '2023-04-26T05:19:43.134Z'
+ 'npm:qs:20140806-1':
+ - grunt-contrib-watch > tiny-lr-fork > qs:
+ patched: '2023-04-26T05:19:43.134Z'
diff --git a/test/fixtures/demo-os/package.json b/test/fixtures/demo-os/package.json
index 164737a469..f637f435ef 100644
--- a/test/fixtures/demo-os/package.json
+++ b/test/fixtures/demo-os/package.json
@@ -19,7 +19,9 @@
 "main": "./core/index",
 "scripts": {
 "start": "node index",
- "test": "grunt validate --verbose"
+ "test": "grunt validate --verbose",
+ "prepublish": "npm run snyk-protect",
+ "snyk-protect": "snyk-protect"
 },
 "engines": {
 "node": "~0.10.0 || ~0.12.0",
@@ -48,7 +50,7 @@
 "moment": "2.10.3",
 "morgan": "1.5.3",
 "node-uuid": "1.4.3",
- "nodemailer": "0.7.1",
+ "nodemailer": "1.0.0",
 "oauth2orize": "1.0.1",
 "passport": "0.2.2",
 "passport-http-bearer": "1.0.1",
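Review bot: Most patch paths in this new policy hang off a root package that the same commit bumps in `package.json`: `testem > …` (0.8.3 → 3.4.1), `grunt-jscs > …` (1.8.0 → 2.3.0), `csscomb > …` (3.0.4 → 3.1.0) and `grunt-contrib-watch > tiny-lr-fork > qs` (0.6.1 → 1.0.1). If those paths no longer resolve in the upgraded tree, the entries patch nothing, and the "fixed with a Snyk patch" list in the commit message would overstate what is covered. Only the `grunt-docker > grunt > …` minimatch paths belong to a package left at its old version (0.0.10). I would regenerate the policy against the post-upgrade install and add a header comment such as `# patch paths must exist in the installed tree; re-check after dependency upgrades`.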
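Review bot: The added `"prepublish": "npm run snyk-protect"` makes the patcher run automatically as an npm lifecycle script, while the package that supplies the binary is declared in the last hunk of this file as `"@snyk/protect": "latest"`. That is the only unpinned entry among the visible dependencies, so whichever release is current at install time executes inside the hook, and a breaking or tampered release reaches every install with no change in the repository. Pin it like its neighbours, e.g. `"@snyk/protect": "<exact-version>"` (placeholder), and commit a lockfile if the fixture does not already have one. On current npm `prepublish` is a deprecated hook name, so `"prepare": "npm run snyk-protect"` may be the intended form. JSON cannot hold a comment, so the reason for the hook belongs in the commit description or the README.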
@@ -61,38 +63,40 @@
 "sqlite3": "3.0.8",
 "unidecode": "0.1.3",
 "validator": "3.40.0",
- "xml": "1.0.0"
+ "xml": "1.0.0",
+ "@snyk/protect": "latest"
 },
 "optionalDependencies": {
 "mysql": "2.1.1",
 "pg": "4.1.1"
 },
 "devDependencies": {
- "bower": "1.4.1",
- "csscomb": "3.0.4",
- "grunt": "0.4.5",
+ "bower": "1.8.8",
+ "csscomb": "3.1.0",
+ "grunt": "1.5.3",
 "grunt-bg-shell": "2.3.1",
- "grunt-cli": "0.1.13",
+ "grunt-cli": "1.3.0",
 "grunt-contrib-clean": "0.6.0",
- "grunt-contrib-compress": "0.13.0",
+ "grunt-contrib-compress": "1.3.0",
 "grunt-contrib-copy": "0.8.0",
 "grunt-contrib-jshint": "0.11.2",
- "grunt-contrib-uglify": "0.9.1",
- "grunt-contrib-watch": "0.6.1",
+ "grunt-contrib-uglify": "4.0.1",
+ "grunt-contrib-watch": "1.0.1",
 "grunt-docker": "0.0.10",
 "grunt-express-server": "0.5.1",
- "grunt-jscs": "1.8.0",
- "grunt-mocha-cli": "1.13.0",
+ "grunt-jscs": "2.3.0",
+ "grunt-mocha-cli": "5.0.0",
 "grunt-mocha-istanbul": "2.4.0",
 "grunt-shell": "1.1.2",
 "grunt-update-submodules": "0.4.1",
- "matchdep": "0.3.0",
- "nock": "2.3.0",
+ "matchdep": "1.0.1",
+ "nock": "8.0.0",
 "rewire": "2.3.3",
 "should": "6.0.3",
 "sinon": "1.14.1",
- "supertest": "1.0.1",
- "testem": "0.8.3",
- "top-gh-contribs": "2.0.2"
- }
+ "supertest": "3.0.0",
+ "testem": "3.4.1",
+ "top-gh-contribs": "2.0.3"
+ },
+ "snyk": true
 }
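Review bot: The devDependency bumps in this hunk jump several majors (`grunt` 0.4.5 → 1.5.3, `grunt-contrib-uglify` 0.9.1 → 4.0.1, `nock` 2.3.0 → 8.0.0, `testem` 0.8.3 → 3.4.1) while the `engines` block shown in the first hunk still reads `"node": "~0.10.0 || ~0.12.0"`. Releases that recent probably do not run on that Node range, so `engines` and the new pins need to be reconciled before `grunt validate` can be trusted. Separately, the path `test/fixtures/demo-os/` suggests this manifest is test input rather than a shipped package. If any test asserts on the findings the old pins produce, this upgrade silently changes what the fixture exercises. Confirm that with the test owners, or exclude fixture directories from automated fix PRs.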