From 23bf0be6826b5e2a85c74d6c9c638e05c82bfd7b Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Tue, 22 Oct 2024 17:24:19 +0000
Subject: [PATCH] fix:
 workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json
 &
 workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk
 to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749
- https://snyk.io/vuln/SNYK-JS-ENGINEIO-3136336
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/SNYK-JS-HAWK-6969142
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-JSYAML-173999
- https://snyk.io/vuln/SNYK-JS-JSYAML-174129
- https://snyk.io/vuln/SNYK-JS-KARMA-2395349
- https://snyk.io/vuln/SNYK-JS-KARMA-2396325
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASH-6139239
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-LOG4JS-2348757
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-MOCHA-2863123
- https://snyk.io/vuln/SNYK-JS-MOCHA-561476
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-SHELLJS-2332187
- https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859
- https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752
- https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-3091012
- https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
- https://snyk.io/vuln/SNYK-JS-USERAGENT-174737
- https://snyk.io/vuln/SNYK-JS-WS-1296835
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1255647
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:diff:20180305
- https://snyk.io/vuln/npm:eslint:20180222
- https://snyk.io/vuln/npm:growl:20160721
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:parsejson:20170908
- https://snyk.io/vuln/npm:shell-quote:20160621
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/npm:ws:20171108


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:minimatch:20160620
---
 .../node_modules/debug/.snyk                  | 10 ++++++++
 .../node_modules/debug/package.json           | 24 ++++++++++++-------
 2 files changed, 25 insertions(+), 9 deletions(-)
 create mode 100644 workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk

diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk
new file mode 100644
index 0000000000000..c4ca074e6fc8d
--- /dev/null
+++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk
@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:minimatch:20160620':
+    - browserify > glob > minimatch:
+        patched: '2024-10-22T17:24:10.515Z'
+        id: 'npm:minimatch:20160620'
+        path: browserify > glob > minimatch
diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json
index dc787ba76781d..334b30b8ba6e0 100644
--- a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json
+++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json
@@ -18,23 +18,24 @@
   ],
   "license": "MIT",
   "dependencies": {
-    "ms": "2.0.0"
+    "ms": "2.0.0",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
-    "browserify": "9.0.3",
+    "browserify": "13.2.0",
     "chai": "^3.5.0",
     "concurrently": "^3.1.0",
-    "coveralls": "^2.11.15",
-    "eslint": "^3.12.1",
+    "coveralls": "^3.0.10",
+    "eslint": "^9.0.0",
     "istanbul": "^0.4.5",
-    "karma": "^1.3.0",
+    "karma": "^6.4.3",
     "karma-chai": "^0.1.0",
-    "karma-mocha": "^1.3.0",
+    "karma-mocha": "^2.0.0",
     "karma-phantomjs-launcher": "^1.0.2",
     "karma-sinon": "^1.0.5",
-    "mocha": "^3.2.0",
+    "mocha": "^10.1.0",
     "mocha-lcov-reporter": "^1.2.0",
-    "rimraf": "^2.5.4",
+    "rimraf": "^4.3.1",
     "sinon": "^1.17.6",
     "sinon-chai": "^2.8.0"
   },
@@ -45,5 +46,10 @@
       "debug/index.js": "browser.js",
       "debug/debug.js": "debug.js"
     }
-  }
+  },
+  "scripts": {
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
+  },
+  "snyk": true
 }