From cdc3170429c2a0434a62f37366e50e0bfdf3d6a7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 27 Apr 2023 23:42:36 +0000
Subject: [PATCH] fix:
 test/fixtures/qs-package/node_modules/bluebird/package.json &
 test/fixtures/qs-package/node_modules/bluebird/.snyk to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173732
- https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173733
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-MOCHA-2863123
- https://snyk.io/vuln/SNYK-JS-MOCHA-561476
- https://snyk.io/vuln/SNYK-JS-OPEN-174041
- https://snyk.io/vuln/SNYK-JS-QS-3153490
- https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:growl:20160721
- https://snyk.io/vuln/npm:hawk:20160119
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:http-signature:20130418
- https://snyk.io/vuln/npm:http-signature:20150122
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20151024
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:open:20180512
- https://snyk.io/vuln/npm:qs:20140806
- https://snyk.io/vuln/npm:qs:20140806-1
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:request:20160119
- https://snyk.io/vuln/npm:shell-quote:20160621
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/npm:uglify-js:20151024


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:uglify-js:20151024
---
 .../qs-package/node_modules/bluebird/.snyk    | 15 +++++++++++
 .../node_modules/bluebird/package.json        | 26 +++++++++++--------
 2 files changed, 30 insertions(+), 11 deletions(-)
 create mode 100644 test/fixtures/qs-package/node_modules/bluebird/.snyk

diff --git a/test/fixtures/qs-package/node_modules/bluebird/.snyk b/test/fixtures/qs-package/node_modules/bluebird/.snyk
new file mode 100644
index 0000000000..1a8b826c11
--- /dev/null
+++ b/test/fixtures/qs-package/node_modules/bluebird/.snyk
@@ -0,0 +1,15 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:mime:20170907':
+    - grunt-saucelabs > sauce-tunnel > request > mime:
+        patched: '2023-04-27T23:42:32.162Z'
+    - grunt-saucelabs > sauce-tunnel > request > form-data > mime:
+        patched: '2023-04-27T23:42:32.162Z'
+  'npm:uglify-js:20151024':
+    - browserify > umd > ruglify > uglify-js:
+        patched: '2023-04-27T23:42:32.162Z'
+    - browserify > browser-pack > umd > ruglify > uglify-js:
+        patched: '2023-04-27T23:42:32.162Z'
diff --git a/test/fixtures/qs-package/node_modules/bluebird/package.json b/test/fixtures/qs-package/node_modules/bluebird/package.json
index ee7844c4bc..194bc6ccae 100644
--- a/test/fixtures/qs-package/node_modules/bluebird/package.json
+++ b/test/fixtures/qs-package/node_modules/bluebird/package.json
@@ -51,33 +51,35 @@
   "bugs": {
     "url": "http://github.com/petkaantonov/bluebird/issues"
   },
-  "dependencies": {},
+  "dependencies": {
+    "@snyk/protect": "latest"
+  },
   "description": "Full featured Promises/A+ implementation with exceptionally good performance",
   "devDependencies": {
     "acorn": "~0.6.0",
     "baconjs": "^0.7.43",
     "bluebird": "^2.9.2",
     "body-parser": "^1.10.2",
-    "browserify": "^8.1.1",
+    "browserify": "^12.0.0",
     "cli-table": "~0.3.1",
     "co": "^4.2.0",
     "cross-spawn": "^0.2.3",
-    "glob": "^4.3.2",
-    "grunt-saucelabs": "~8.4.1",
+    "glob": "^5.0.15",
+    "grunt-saucelabs": "~9.0.1",
     "highland": "^2.3.0",
-    "istanbul": "^0.3.5",
+    "istanbul": "^0.4.5",
     "jshint": "^2.6.0",
     "jshint-stylish": "~0.2.0",
     "kefir": "^2.4.1",
     "mkdirp": "~0.5.0",
-    "mocha": "~2.1",
-    "open": "~0.0.5",
+    "mocha": "~10.1.0",
+    "open": "~6.0.0",
     "optimist": "~0.6.1",
     "rimraf": "~2.2.6",
     "rx": "^2.3.25",
     "serve-static": "^1.7.1",
     "sinon": "~1.7.3",
-    "uglify-js": "~2.4.16"
+    "uglify-js": "~3.14.3"
   },
   "directories": {},
   "dist": {
@@ -129,8 +131,10 @@
     "generate-browser-core": "node tools/build.js --features=core --no-debug --main --zalgo --browser --minify && mv js/browser/bluebird.js js/browser/bluebird.core.js && mv js/browser/bluebird.min.js js/browser/bluebird.core.min.js",
     "istanbul": "istanbul",
     "lint": "node scripts/jshint.js",
-    "prepublish": "node tools/build.js --no-debug --main --zalgo --browser --minify",
-    "test": "node tools/test.js"
+    "prepublish": "npm run snyk-protect && node tools/build.js --no-debug --main --zalgo --browser --minify",
+    "test": "node tools/test.js",
+    "snyk-protect": "snyk-protect"
   },
-  "version": "2.10.2"
+  "version": "2.10.2",
+  "snyk": true
 }