From d08b4dbc6590bdb718c4282f71ac0ac5c2680212 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 7 Jul 2022 15:51:39 +0000
Subject: [PATCH] fix: packages/server/package.json & packages/server/.snyk to
 reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
- https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939
- https://snyk.io/vuln/SNYK-JS-FINDPROCESS-1090284
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
- https://snyk.io/vuln/SNYK-JS-GOT-2932019
- https://snyk.io/vuln/SNYK-JS-HTTPPROXY-569139
- https://snyk.io/vuln/SNYK-JS-ISTANBULREPORTS-2328088
- https://snyk.io/vuln/SNYK-JS-JPEGJS-2859218
- https://snyk.io/vuln/SNYK-JS-JPEGJS-570039
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-MOCHA-561476
- https://snyk.io/vuln/SNYK-JS-MOMENT-2440688
- https://snyk.io/vuln/SNYK-JS-MOMENT-2944238
- https://snyk.io/vuln/SNYK-JS-PUPA-174563
- https://snyk.io/vuln/SNYK-JS-RAMDA-1582370
- https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984
- https://snyk.io/vuln/SNYK-JS-URLPARSE-1078283
- https://snyk.io/vuln/SNYK-JS-URLPARSE-1533425
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:growl:20160721
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:underscore.string:20170908


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:request:20160119
- https://snyk.io/vuln/npm:tar:20151103
- https://snyk.io/vuln/npm:tunnel-agent:20170305
---
 packages/server/.snyk        | 26 +++++++++++++++++++
 packages/server/package.json | 50 +++++++++++++++++++-----------------
 2 files changed, 53 insertions(+), 23 deletions(-)
 create mode 100644 packages/server/.snyk

diff --git a/packages/server/.snyk b/packages/server/.snyk
new file mode 100644
index 000000000000..1ae5cd84bc79
--- /dev/null
+++ b/packages/server/.snyk
@@ -0,0 +1,26 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:hoek:20180212':
+    - node-webkit-updater > request > hawk > hoek:
+        patched: '2022-07-07T15:51:27.039Z'
+    - node-webkit-updater > request > hawk > boom > hoek:
+        patched: '2022-07-07T15:51:27.039Z'
+    - node-webkit-updater > request > hawk > sntp > hoek:
+        patched: '2022-07-07T15:51:27.039Z'
+    - node-webkit-updater > request > hawk > cryptiles > boom > hoek:
+        patched: '2022-07-07T15:51:27.039Z'
+  'npm:minimatch:20160620':
+    - node-webkit-updater > del > globby > glob > minimatch:
+        patched: '2022-07-07T15:51:27.039Z'
+  'npm:request:20160119':
+    - node-webkit-updater > request:
+        patched: '2022-07-07T15:51:27.039Z'
+  'npm:tar:20151103':
+    - node-webkit-updater > tar.gz > tar:
+        patched: '2022-07-07T15:51:27.039Z'
+  'npm:tunnel-agent:20170305':
+    - node-webkit-updater > request > tunnel-agent:
+        patched: '2022-07-07T15:51:27.039Z'
diff --git a/packages/server/package.json b/packages/server/package.json
index 0eb2cd584be9..852dfeebf602 100644
--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -37,10 +37,12 @@
     "pretest-unit-watch": "npm run check-deps-pre",
     "test-unit-watch": "./test/support/watch test/unit",
     "pretest-watch": "npm run check-deps-pre",
-    "test-watch": "./test/support/watch test"
+    "test-watch": "./test/support/watch test",
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "dependencies": {
-    "@cypress/browserify-preprocessor": "1.1.2",
+    "@cypress/browserify-preprocessor": "3.0.2",
     "@cypress/commit-info": "2.2.0",
     "@cypress/get-windows-proxy": "1.6.0",
     "@cypress/icons": "0.7.0",
@@ -56,8 +58,8 @@
     "chokidar": "3.2.2",
     "chrome-remote-interface": "0.28.0",
     "cjsxify": "0.3.0",
-    "cli-table3": "0.5.1",
-    "color-string": "1.5.3",
+    "cli-table3": "0.6.0",
+    "color-string": "1.5.5",
     "common-tags": "1.8.0",
     "compression": "1.7.4",
     "concat-stream": "1.6.2",
@@ -67,53 +69,53 @@
     "debug": "4.1.1",
     "dependency-tree": "7.0.2",
     "duplexify": "4.1.1",
-    "electron-context-menu": "0.11.0",
+    "electron-context-menu": "1.0.0",
     "errorhandler": "1.5.1",
     "evil-dns": "0.2.0",
     "execa": "1.0.0",
     "express": "4.16.4",
-    "find-process": "1.4.1",
-    "fix-path": "2.1.0",
+    "find-process": "1.4.5",
+    "fix-path": "4.0.0",
     "fluent-ffmpeg": "2.1.2",
     "fs-extra": "8.1.0",
     "get-port": "5.0.0",
-    "getos": "3.1.1",
+    "getos": "3.1.2",
     "glob": "7.1.3",
     "graceful-fs": "4.2.3",
     "grapheme-splitter": "1.0.4",
     "http-accept": "0.1.6",
-    "http-proxy": "1.17.0",
+    "http-proxy": "1.18.1",
     "http-status-codes": "1.3.2",
     "human-interval": "0.1.6",
     "iconv-lite": "0.5.0",
     "image-size": "0.7.4",
     "is-fork-pr": "2.5.0",
     "is-html": "2.0.0",
-    "jimp": "0.6.4",
+    "jimp": "0.12.0",
     "jsonlint": "1.6.3",
     "konfig": "0.2.1",
     "lazy-ass": "1.6.0",
     "lockfile": "1.0.4",
-    "lodash": "4.17.15",
+    "lodash": "4.17.21",
     "log-symbols": "2.2.0",
     "md5": "2.2.1",
     "mime": "1.6.0",
     "minimatch": "3.0.4",
-    "minimist": "1.2.0",
-    "mocha": "2.4.5",
-    "mocha-junit-reporter": "1.23.1",
+    "minimist": "1.2.6",
+    "mocha": "6.2.3",
+    "mocha-junit-reporter": "2.0.2",
     "mocha-teamcity-reporter": "3.0.0",
-    "moment": "2.24.0",
+    "moment": "2.29.4",
     "morgan": "1.9.1",
     "node-machine-id": "1.1.10",
     "node-webkit-updater": "cypress-io/node-webkit-updater#e74623726f381487f543e373e71515177a32daeb",
     "opn": "cypress-io/opn#2f4e9a216ca7bdb95dfae9d46d99ddf004b3cbb5",
     "ospath": "1.2.2",
     "p-queue": "6.1.0",
-    "parse-domain": "2.3.4",
+    "parse-domain": "3.0.0",
     "pluralize": "8.0.0",
     "pumpify": "1.5.1",
-    "ramda": "0.24.1",
+    "ramda": "0.27.2",
     "randomstring": "1.1.5",
     "request": "cypress-io/request#47cdc67085c9fddc8d39d3172538f3f86c96bb8b",
     "request-promise": "4.2.4",
@@ -125,20 +127,21 @@
     "signal-exit": "3.0.2",
     "sinon": "5.1.1",
     "squirrelly": "7.7.0",
-    "strip-ansi": "3.0.1",
+    "strip-ansi": "5.0.0",
     "syntax-error": "1.4.0",
     "term-size": "2.1.0",
     "through": "2.3.8",
     "tough-cookie": "3.0.1",
     "trash": "5.2.0",
-    "underscore": "1.9.1",
-    "underscore.string": "3.3.5",
-    "url-parse": "1.4.7",
+    "underscore": "1.12.1",
+    "underscore.string": "3.3.6",
+    "url-parse": "1.5.9",
     "utf8-stream": "0.0.0",
     "uuid": "3.3.2",
     "which": "1.3.1",
     "widest-line": "3.1.0",
-    "winston": "2.4.4"
+    "winston": "2.4.4",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "@babel/core": "7.4.4",
@@ -194,5 +197,6 @@
   "productName": "Cypress",
   "optionalDependencies": {
     "registry-js": "1.8.0"
-  }
+  },
+  "snyk": true
 }